omniauth-google-oauth2 0.1.17 → 0.1.18
Sign up to get free protection for your applications and to get access to all the features.
- data/.ruby-version +1 -0
- data/README.md +11 -5
- data/lib/omniauth/google_oauth2/version.rb +1 -1
- data/lib/omniauth/strategies/google_oauth2.rb +5 -5
- data/spec/omniauth/strategies/google_oauth2_spec.rb +17 -10
- metadata +76 -85
- data/.rvmrc +0 -1
data/.ruby-version
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
ruby-1.9.3
|
data/README.md
CHANGED
@@ -32,20 +32,26 @@ You can now access the OmniAuth Google OAuth2 URL: `/auth/google_oauth2`
|
|
32
32
|
|
33
33
|
You can configure several options, which you pass in to the `provider` method via a hash:
|
34
34
|
|
35
|
-
* `scope`: A comma-separated list
|
35
|
+
* `scope`: A comma-separated list of permissions you want to request from the user. See the [Google OAuth 2.0 Playground](https://developers.google.com/oauthplayground/) for a full list of available permissions. Caveats:
|
36
36
|
* The `userinfo.email` and `userinfo.profile` scopes are used by default. By defining your own `scope`, you override these defaults. If you need these scopes, don't forget to add them yourself!
|
37
37
|
* Scopes starting with `https://www.googleapis.com/auth/` do not need that prefix specified. So while you should use the smaller scope `books` since that permission starts with the mentioned prefix, you should use the full scope URL `https://docs.google.com/feeds/` to access a user's docs, for example.
|
38
|
-
* `
|
38
|
+
* `prompt`: A space-delimited list of string values that determines whether the user is re-prompted for authentication and/or consent. Possible values are:
|
39
|
+
* `none`: No authentication or consent pages will be displayed; it will return an error if the user is not already authenticated and has not pre-configured consent for the requested scopes. This can be used as a method to check for existing authentication and/or consent.
|
40
|
+
* `consent`: The user will always be prompted for consent, even if he has previously allowed access a given set of scopes.
|
41
|
+
* `select_account`: The user will always be prompted to select a user account. This allows a user who has multiple current account sessions to select one amongst them.
|
42
|
+
|
43
|
+
If no value is specified, the user only sees the authentication page if he is not logged in and only sees the consent page the first time he authorizes a given set of scopes.
|
44
|
+
|
39
45
|
* `access_type`: Defaults to `offline`, so a refresh token is sent to be used when the user is not present at the browser. Can be set to `online`.
|
40
46
|
|
41
|
-
Here's an example of a possible configuration where the user is asked for extra permissions and is
|
47
|
+
Here's an example of a possible configuration where the user is asked for extra permissions and is always prompted to select his account when logging in:
|
42
48
|
|
43
49
|
```ruby
|
44
50
|
Rails.application.config.middleware.use OmniAuth::Builder do
|
45
51
|
provider :google_oauth2, ENV["GOOGLE_KEY"], ENV["GOOGLE_SECRET"],
|
46
52
|
{
|
47
|
-
:scope => "userinfo.email,userinfo.profile,plus.me,http://gdata.youtube.com",
|
48
|
-
:
|
53
|
+
:scope => "userinfo.email, userinfo.profile, plus.me, http://gdata.youtube.com",
|
54
|
+
:prompt => "consent select_account"
|
49
55
|
}
|
50
56
|
end
|
51
57
|
```
|
@@ -4,11 +4,11 @@ module OmniAuth
|
|
4
4
|
module Strategies
|
5
5
|
class GoogleOauth2 < OmniAuth::Strategies::OAuth2
|
6
6
|
|
7
|
-
# Possible scopes: userinfo.email,userinfo.profile,plus.me
|
8
7
|
DEFAULT_SCOPE = "userinfo.email,userinfo.profile"
|
9
8
|
|
10
9
|
option :name, 'google_oauth2'
|
11
|
-
|
10
|
+
|
11
|
+
option :authorize_options, [:access_type, :hd, :prompt, :request_visible_actions, :scope, :state]
|
12
12
|
|
13
13
|
option :client_options, {
|
14
14
|
:site => 'https://accounts.google.com',
|
@@ -23,19 +23,19 @@ module OmniAuth
|
|
23
23
|
options[:authorize_options].each do |k|
|
24
24
|
params[k] = request.params[k.to_s] unless [nil, ''].include?(request.params[k.to_s])
|
25
25
|
end
|
26
|
-
scopes = (params[:scope] || DEFAULT_SCOPE).split(
|
26
|
+
scopes = (params[:scope] || DEFAULT_SCOPE).delete(' ').split(',')
|
27
27
|
scopes.map! { |s| s =~ /^https?:\/\// ? s : "#{base_scope_url}#{s}" }
|
28
28
|
params[:scope] = scopes.join(' ')
|
29
29
|
# This makes sure we get a refresh_token.
|
30
30
|
# http://googlecode.blogspot.com/2011/10/upcoming-changes-to-oauth-20-endpoint.html
|
31
31
|
params[:access_type] = 'offline' if params[:access_type].nil?
|
32
|
-
params[:
|
32
|
+
params[:login_hint] = request.params['login_hint'] if request.params['login_hint']
|
33
33
|
# Override the state per request
|
34
34
|
session['omniauth.state'] = params[:state] if request.params['state']
|
35
35
|
end
|
36
36
|
end
|
37
37
|
|
38
|
-
uid{ raw_info['id'] || verified_email }
|
38
|
+
uid { raw_info['id'] || verified_email }
|
39
39
|
|
40
40
|
info do
|
41
41
|
prune!({
|
@@ -46,7 +46,7 @@ describe OmniAuth::Strategies::GoogleOauth2 do
|
|
46
46
|
end
|
47
47
|
|
48
48
|
describe '#authorize_params' do
|
49
|
-
%w(
|
49
|
+
%w(access_type hd prompt state any_other).each do |k|
|
50
50
|
it "should set the #{k} authorize option dynamically in the request" do
|
51
51
|
@options = {:authorize_options => [k.to_sym], k.to_sym => ''}
|
52
52
|
subject.stub(:request) { double('Request', {:params => { k => 'something' }, :env => {}}) }
|
@@ -70,6 +70,11 @@ describe OmniAuth::Strategies::GoogleOauth2 do
|
|
70
70
|
subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email')
|
71
71
|
end
|
72
72
|
|
73
|
+
it 'should deal with whitespace when joining scopes' do
|
74
|
+
@options = { :authorize_options => [:scope], :scope => 'userinfo.profile, userinfo.email'}
|
75
|
+
subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email')
|
76
|
+
end
|
77
|
+
|
73
78
|
it 'should set default scope to userinfo.email,userinfo.profile' do
|
74
79
|
@options = { :authorize_options => [:scope]}
|
75
80
|
subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile')
|
@@ -82,15 +87,10 @@ describe OmniAuth::Strategies::GoogleOauth2 do
|
|
82
87
|
end
|
83
88
|
end
|
84
89
|
|
85
|
-
describe '
|
86
|
-
it 'should set the
|
87
|
-
@options = {:
|
88
|
-
subject.authorize_params['
|
89
|
-
end
|
90
|
-
|
91
|
-
it 'should default to "force"' do
|
92
|
-
@options = {}
|
93
|
-
subject.authorize_params['approval_prompt'].should eq('force')
|
90
|
+
describe 'prompt' do
|
91
|
+
it 'should set the prompt parameter if present' do
|
92
|
+
@options = {:prompt => 'consent select_account'}
|
93
|
+
subject.authorize_params['prompt'].should eq('consent select_account')
|
94
94
|
end
|
95
95
|
end
|
96
96
|
|
@@ -126,6 +126,13 @@ describe OmniAuth::Strategies::GoogleOauth2 do
|
|
126
126
|
subject.authorize_params['hd'].should eq('example.com')
|
127
127
|
end
|
128
128
|
end
|
129
|
+
|
130
|
+
describe 'login_hint' do
|
131
|
+
it 'should set the login_hint parameter if present' do
|
132
|
+
subject.stub(:request) { double('Request', {:params => { 'login_hint' => 'example@example.com' }, :env => {}}) }
|
133
|
+
subject.authorize_params['login_hint'].should eq('example@example.com')
|
134
|
+
end
|
135
|
+
end
|
129
136
|
end
|
130
137
|
|
131
138
|
describe 'raw info' do
|
metadata
CHANGED
@@ -1,95 +1,90 @@
|
|
1
|
-
--- !ruby/object:Gem::Specification
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
2
|
name: omniauth-google-oauth2
|
3
|
-
version: !ruby/object:Gem::Version
|
4
|
-
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.18
|
5
5
|
prerelease:
|
6
|
-
segments:
|
7
|
-
- 0
|
8
|
-
- 1
|
9
|
-
- 17
|
10
|
-
version: 0.1.17
|
11
6
|
platform: ruby
|
12
|
-
authors:
|
7
|
+
authors:
|
13
8
|
- Josh Ellithorpe
|
14
9
|
- Yury Korolev
|
15
10
|
autorequire:
|
16
11
|
bindir: bin
|
17
12
|
cert_chain: []
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
dependencies:
|
22
|
-
- !ruby/object:Gem::Dependency
|
13
|
+
date: 2013-06-17 00:00:00.000000000 Z
|
14
|
+
dependencies:
|
15
|
+
- !ruby/object:Gem::Dependency
|
23
16
|
name: omniauth
|
24
|
-
|
25
|
-
requirement: &id001 !ruby/object:Gem::Requirement
|
17
|
+
requirement: !ruby/object:Gem::Requirement
|
26
18
|
none: false
|
27
|
-
requirements:
|
19
|
+
requirements:
|
28
20
|
- - ~>
|
29
|
-
- !ruby/object:Gem::Version
|
30
|
-
|
31
|
-
segments:
|
32
|
-
- 1
|
33
|
-
- 0
|
34
|
-
version: "1.0"
|
21
|
+
- !ruby/object:Gem::Version
|
22
|
+
version: '1.0'
|
35
23
|
type: :runtime
|
36
|
-
version_requirements: *id001
|
37
|
-
- !ruby/object:Gem::Dependency
|
38
|
-
name: omniauth-oauth2
|
39
24
|
prerelease: false
|
40
|
-
|
25
|
+
version_requirements: !ruby/object:Gem::Requirement
|
26
|
+
none: false
|
27
|
+
requirements:
|
28
|
+
- - ~>
|
29
|
+
- !ruby/object:Gem::Version
|
30
|
+
version: '1.0'
|
31
|
+
- !ruby/object:Gem::Dependency
|
32
|
+
name: omniauth-oauth2
|
33
|
+
requirement: !ruby/object:Gem::Requirement
|
41
34
|
none: false
|
42
|
-
requirements:
|
43
|
-
- -
|
44
|
-
- !ruby/object:Gem::Version
|
45
|
-
|
46
|
-
segments:
|
47
|
-
- 0
|
48
|
-
version: "0"
|
35
|
+
requirements:
|
36
|
+
- - ! '>='
|
37
|
+
- !ruby/object:Gem::Version
|
38
|
+
version: '0'
|
49
39
|
type: :runtime
|
50
|
-
version_requirements: *id002
|
51
|
-
- !ruby/object:Gem::Dependency
|
52
|
-
name: rspec
|
53
40
|
prerelease: false
|
54
|
-
|
41
|
+
version_requirements: !ruby/object:Gem::Requirement
|
42
|
+
none: false
|
43
|
+
requirements:
|
44
|
+
- - ! '>='
|
45
|
+
- !ruby/object:Gem::Version
|
46
|
+
version: '0'
|
47
|
+
- !ruby/object:Gem::Dependency
|
48
|
+
name: rspec
|
49
|
+
requirement: !ruby/object:Gem::Requirement
|
55
50
|
none: false
|
56
|
-
requirements:
|
51
|
+
requirements:
|
57
52
|
- - ~>
|
58
|
-
- !ruby/object:Gem::Version
|
59
|
-
hash: 23
|
60
|
-
segments:
|
61
|
-
- 2
|
62
|
-
- 6
|
63
|
-
- 0
|
53
|
+
- !ruby/object:Gem::Version
|
64
54
|
version: 2.6.0
|
65
55
|
type: :development
|
66
|
-
version_requirements: *id003
|
67
|
-
- !ruby/object:Gem::Dependency
|
68
|
-
name: rake
|
69
56
|
prerelease: false
|
70
|
-
|
57
|
+
version_requirements: !ruby/object:Gem::Requirement
|
71
58
|
none: false
|
72
|
-
requirements:
|
73
|
-
- -
|
74
|
-
- !ruby/object:Gem::Version
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
59
|
+
requirements:
|
60
|
+
- - ~>
|
61
|
+
- !ruby/object:Gem::Version
|
62
|
+
version: 2.6.0
|
63
|
+
- !ruby/object:Gem::Dependency
|
64
|
+
name: rake
|
65
|
+
requirement: !ruby/object:Gem::Requirement
|
66
|
+
none: false
|
67
|
+
requirements:
|
68
|
+
- - ! '>='
|
69
|
+
- !ruby/object:Gem::Version
|
70
|
+
version: '0'
|
79
71
|
type: :development
|
80
|
-
|
72
|
+
prerelease: false
|
73
|
+
version_requirements: !ruby/object:Gem::Requirement
|
74
|
+
none: false
|
75
|
+
requirements:
|
76
|
+
- - ! '>='
|
77
|
+
- !ruby/object:Gem::Version
|
78
|
+
version: '0'
|
81
79
|
description: A Google oauth2 strategy for OmniAuth 1.0
|
82
|
-
email:
|
80
|
+
email:
|
83
81
|
- quest@mac.com
|
84
82
|
executables: []
|
85
|
-
|
86
83
|
extensions: []
|
87
|
-
|
88
84
|
extra_rdoc_files: []
|
89
|
-
|
90
|
-
files:
|
85
|
+
files:
|
91
86
|
- .gitignore
|
92
|
-
- .
|
87
|
+
- .ruby-version
|
93
88
|
- Gemfile
|
94
89
|
- README.md
|
95
90
|
- Rakefile
|
@@ -103,41 +98,37 @@ files:
|
|
103
98
|
- spec/omniauth/strategies/google_oauth2_spec.rb
|
104
99
|
- spec/spec_helper.rb
|
105
100
|
- spec/support/shared_examples.rb
|
106
|
-
|
107
|
-
homepage: ""
|
101
|
+
homepage: ''
|
108
102
|
licenses: []
|
109
|
-
|
110
103
|
post_install_message:
|
111
104
|
rdoc_options: []
|
112
|
-
|
113
|
-
require_paths:
|
105
|
+
require_paths:
|
114
106
|
- lib
|
115
|
-
required_ruby_version: !ruby/object:Gem::Requirement
|
107
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
116
108
|
none: false
|
117
|
-
requirements:
|
118
|
-
- -
|
119
|
-
- !ruby/object:Gem::Version
|
120
|
-
|
121
|
-
segments:
|
109
|
+
requirements:
|
110
|
+
- - ! '>='
|
111
|
+
- !ruby/object:Gem::Version
|
112
|
+
version: '0'
|
113
|
+
segments:
|
122
114
|
- 0
|
123
|
-
|
124
|
-
required_rubygems_version: !ruby/object:Gem::Requirement
|
115
|
+
hash: 465443751449155842
|
116
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
125
117
|
none: false
|
126
|
-
requirements:
|
127
|
-
- -
|
128
|
-
- !ruby/object:Gem::Version
|
129
|
-
|
130
|
-
segments:
|
118
|
+
requirements:
|
119
|
+
- - ! '>='
|
120
|
+
- !ruby/object:Gem::Version
|
121
|
+
version: '0'
|
122
|
+
segments:
|
131
123
|
- 0
|
132
|
-
|
124
|
+
hash: 465443751449155842
|
133
125
|
requirements: []
|
134
|
-
|
135
126
|
rubyforge_project:
|
136
|
-
rubygems_version: 1.
|
127
|
+
rubygems_version: 1.8.25
|
137
128
|
signing_key:
|
138
129
|
specification_version: 3
|
139
130
|
summary: A Google oauth2 strategy for OmniAuth 1.0
|
140
|
-
test_files:
|
131
|
+
test_files:
|
141
132
|
- spec/omniauth/strategies/google_oauth2_spec.rb
|
142
133
|
- spec/spec_helper.rb
|
143
134
|
- spec/support/shared_examples.rb
|
data/.rvmrc
DELETED
@@ -1 +0,0 @@
|
|
1
|
-
rvm use 1.9.3@omniauth-google-oauth2 --create
|