Permalink
Browse files

Merge remote-tracking branch 'origin/RB-0.4'

Conflicts:
	README.md
	examples/app.js
	lib/auth.strategies/google2.js
	package.json
  • Loading branch information...
2 parents 011dbba + 2e54955 commit bef8708703993c969a163bffd5746fe528375761 @ciaranj committed Mar 8, 2012
Showing with 19 additions and 10 deletions.
  1. +2 −0 README.md
  2. +1 −1 examples/app.js
  3. +15 −8 lib/auth.strategies/google2.js
  4. +1 −1 package.json
View
@@ -53,6 +53,8 @@ Run
Changelog
=========
+ * 0.5.1
+ Change Google OAuth2 strategy to only request (and retrieve) the authenticating user's profile information (and optionally their e-mail address.)
* 0.5.0
Update to support connect 2.0.0
New 2-legged OAuth provider support ( Jason Chu )
View
@@ -89,7 +89,7 @@ app.use(connect.static(__dirname + '/public'))
, auth.Github({appId : ghId, appSecret: ghSecret, callback: ghCallbackAddress})
, auth.Yahoo({consumerKey: yahooConsumerKey, consumerSecret: yahooConsumerSecret, callback: yahooCallbackAddress})
, auth.Google({consumerKey: googleConsumerKey, consumerSecret: googleConsumerSecret, scope: "", callback: googleCallbackAddress})
- , auth.Google2({appId : google2Id, appSecret: google2Secret, callback: google2CallbackAddress})
+ , auth.Google2({appId : google2Id, appSecret: google2Secret, callback: google2CallbackAddress, requestEmailPermission: true})
, auth.Foursquare({appId: foursquareId, appSecret: foursquareSecret, callback: foursquareCallbackAddress})
, auth.Janrain({apiKey: janrainApiKey, appDomain: janrainAppDomain, callback: janrainCallbackUrl})
, auth.Getglue({appId : getGlueId, appSecret: getGlueSecret, callback: getGlueCallbackAddress})
@@ -14,7 +14,15 @@ module.exports= function(options, server) {
// Construct the internal OAuth client
my._oAuth= new OAuth(options.appId, options.appSecret, "", "https://accounts.google.com/o/oauth2/auth", "https://accounts.google.com/o/oauth2/token");
my._redirectUri= options.callback;
- my.scope= options.scope || "https://www.google.com/m8/feeds/";
+ my.scope= options.scope || "https://www.googleapis.com/auth/userinfo.profile";
+
+ // Ensure we have the correct scopes to match what the consumer really wants.
+ if( options.requestEmailPermission === true && my.scope.indexOf("auth/userinfo.email") == -1 ) {
+ my.scope+= " https://www.googleapis.com/auth/userinfo.email";
+ }
+ if( my.scope.indexOf("auth/userinfo.profile") == -1 ) {
+ my.scope+= " https://www.googleapis.com/auth/userinfo.profile";
+ }
// Give the strategy a name
that.name = options.name || "google2";
@@ -62,16 +70,15 @@ module.exports= function(options, server) {
else {
request.session["access_token"]= access_token;
if( refresh_token ) request.session["refresh_token"]= refresh_token;
- my._oAuth.get(
- "https://www.google.com/m8/feeds/contacts/default/full/0?alt=json",
+ my._oAuth.get("https://www.googleapis.com/oauth2/v1/userinfo?alt=json",
access_token,
- function(error, data){
+ function(error, profileData){
if( error ) {
- self.trace( 'Error retrieving the contact details =>' + JSON.stringify(error) );
+ self.trace( 'Error retrieving the profile data =>' + JSON.stringify(error) );
self._google2_fail(callback);
} else {
- var profile = { 'username': JSON.parse(data).entry.id.$t };
- self.success(profile, callback);
+ var profile= JSON.parse(profileData);
+ self.success(profile, callback);
}
});
}
@@ -87,4 +94,4 @@ module.exports= function(options, server) {
}
}
return that;
-};
+};
View
@@ -1,7 +1,7 @@
{
"name" : "connect-auth",
"description" : "Middleware for Connect (node.js) for handling your authentication needs.",
- "version" : "0.5.0",
+ "version" : "0.5.1",
"author" : "Ciaran Jessup <ciaranj@gmail.com>",
"engines" : {"node" : ">=0.6.0"},
"main" : "lib/index.js",

0 comments on commit bef8708

Please sign in to comment.