samples(web): Fix the outdated web sample

samples/web/.env

@@ -0,0 +1,4 @@
+GOOGLE_API_KEY=AIzaSyC6GvjvPlEzJpTW2bW2t0MPHQTfltTosHk
+GOOGLE_CLIENT_ID=479164972499-i7j6av7bp2s4on5ltb7pj2lb2iu5a8gi.apps.googleusercontent.com
+GOOGLE_CLIENT_SECRET=JBotCTG5biFWGz43jdQSZaa3
+GOOGLE_APPLICATION_CREDENTIALS=~/Downloads/ruby-samples-cred.json

samples/web/README.md

@@ -40,5 +40,7 @@ To start the server, run
 ruby app.rb
 ```
 
+Make sure you're running redis server locally at port `6379`
+
 Open `http://localhost:4567/` in your browser to explore the sample.
 

samples/web/app.rb

@@ -40,7 +40,7 @@
   # Returns credentials authorized for the requested scopes. If no credentials are available,
   # redirects the user to authorize access.
   def credentials_for(scope)
-    authorizer = Google::Auth::WebUserAuthorizer.new(settings.client_id, scope, settings.token_store)
+    authorizer = Google::Auth::WebUserAuthorizer.new(settings.client_id, scope, settings.token_store, '/oauth2callback')
     user_id = session[:user_id]
     redirect LOGIN_URL if user_id.nil?
     credentials = authorizer.get_credentials(user_id, request)
@@ -66,14 +66,12 @@ def resize(url, width)
 #
 post('/signin') do
   audience = settings.client_id.id
-  # Important: The google-id-token gem is not production ready. If using, consider fetching and
-  # supplying the valid keys separately rather than using the built-in certificate fetcher.
   validator = GoogleIDToken::Validator.new
-  claim = validator.check(params['id_token'], audience, audience)
+  claim = validator.check(params['credential'], audience, audience)
   if claim
     session[:user_id] = claim['sub']
     session[:user_email] = claim['email']
-    200
+    redirect back
   else
     logger.info('No valid identity token present')
     401

samples/web/views/home.erb

@@ -13,22 +13,40 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 %>
-<div class="g-signin2" data-onsuccess="onSignIn"></div>
-<script>
-function onSignIn(googleUser) {
-  var id_token = googleUser.getAuthResponse().id_token;
-  var formData = new FormData();
-  formData.append('id_token', id_token);
-  var req = new XMLHttpRequest();
-  req.addEventListener("load", function() {
-    console.log("Log in successful");
-    // Successful login...
-  });
-  req.addEventListener("error", function() {
-    console.log("Log in failed");
-    // Handle error...
-  });
-  req.open("POST", "/signin");
-  req.send(formData);
-}
-</script>
+<html>
+  <head>
+    <script src="https://accounts.google.com/gsi/client" async defer></script>
+    <div id="g_id_onload"
+         data-client_id="<%= @client_id %>"
+         data-context="signin"
+         data-ux_mode="popup"
+         data-login_uri="http://localhost:4567/signin"
+         data-auto_prompt="false">
+    </div>
+
+    <div class="g_id_signin"
+         data-type="standard"
+         data-shape="rectangular"
+         data-theme="outline"
+         data-text="signin_with"
+         data-size="large"
+         data-logo_alignment="left">
+    </div>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <style type="text/css">
+      .navigation a {
+        padding: 10px;
+      }
+      .main {
+        padding: 10px;
+      }
+    </style>
+  </head>
+  <body>
+    <div class="navigation">
+      <a href="/">Home</a>
+      <a href="/drive">Google Drive Sample</a>
+      <a href="/calendar">Google Calendar Sample</a>
+    </div>
+  </body>
+</html>