-
-
Notifications
You must be signed in to change notification settings - Fork 975
/
google.rb
82 lines (72 loc) · 2.97 KB
/
google.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
require 'omniauth/oauth'
require 'multi_json'
module OmniAuth
module Strategies
# Authenticate to Google via OAuth and retrieve basic
# user information.
#
# Usage:
# use OmniAuth::Strategies::Google, 'consumerkey', 'consumersecret'
class Google < OmniAuth::Strategies::OAuth
def initialize(app, consumer_key=nil, consumer_secret=nil, options={}, &block)
client_options = {
:access_token_path => '/accounts/OAuthGetAccessToken',
:authorize_path => '/accounts/OAuthAuthorizeToken',
:request_token_path => '/accounts/OAuthGetRequestToken',
:site => 'https://www.google.com',
}
google_contacts_auth = 'www.google.com/m8/feeds'
options[:scope] ||= "https://#{google_contacts_auth}"
options[:scope] << " https://#{google_contacts_auth}" unless options[:scope] =~ %r[http[s]?:\/\/#{google_contacts_auth}]
super(app, :google, consumer_key, consumer_secret, client_options, options, &block)
end
def auth_hash
ui = user_info
OmniAuth::Utils.deep_merge(
super, {
'uid' => ui['uid'],
'user_info' => ui,
'extra' => {
'user_hash' => user_hash,
},
}
)
end
def user_info
email = user_hash['feed']['id']['$t']
name = user_hash['feed']['author'].first['name']['$t']
name = email if name.strip == '(unknown)'
{
'email' => email,
'uid' => email,
'name' => name,
}
end
def user_hash
# Google is very strict about keeping authorization and
# authentication separated.
# They give no endpoint to get a user's profile directly that I can
# find. We *can* get their name and email out of the contacts feed,
# however. It will fail in the extremely rare case of a user who has
# a Google Account but has never even signed up for Gmail. This has
# not been seen in the field.
@user_hash ||= MultiJson.decode(@access_token.get('https://www.google.com/m8/feeds/contacts/default/full?max-results=1&alt=json').body)
end
# Monkeypatch OmniAuth to pass the scope and authorize_params in the consumer.get_request_token call
def request_phase
request_options = {:scope => options[:scope]}
request_options.merge!(options[:authorize_params])
request_token = consumer.get_request_token({:oauth_callback => callback_url}, request_options)
session['oauth'] ||= {}
session['oauth'][name.to_s] = {'callback_confirmed' => request_token.callback_confirmed?, 'request_token' => request_token.token, 'request_secret' => request_token.secret}
r = Rack::Response.new
if request_token.callback_confirmed?
r.redirect(request_token.authorize_url)
else
r.redirect(request_token.authorize_url(:oauth_callback => callback_url))
end
r.finish
end
end
end
end