Class: OmniAuth::Strategies::Google

Inherits:
OAuth
  • Object
show all
Defined in:
lib/omniauth/strategies/oauth/google.rb

Overview

Authenticate to Google via OAuth and retrieve basic user information.

Usage: use OmniAuth::Strategies::Google, 'consumerkey', 'consumersecret'

Instance Attribute Summary

Attributes inherited from OAuth

#consumer_key, #consumer_options, #consumer_secret, #name

Instance Method Summary collapse

Methods inherited from OAuth

#callback_phase, #consumer, #unique_id

Constructor Details

#initialize(app, consumer_key = nil, consumer_secret = nil, options = {}, &block) ⇒ Google

Returns a new instance of Google.



12
13
14
15
16
17
18
19
20
21
22
23
# File 'lib/omniauth/strategies/oauth/google.rb', line 12

def initialize(app, consumer_key=nil, consumer_secret=nil, options={}, &block)
  client_options = {
    :access_token_path => '/accounts/OAuthGetAccessToken',
    :authorize_path => '/accounts/OAuthAuthorizeToken',
    :request_token_path => '/accounts/OAuthGetRequestToken',
    :site => 'https://www.google.com',
  }
  google_contacts_auth = 'www.google.com/m8/feeds'
  options[:scope] ||= "https://#{google_contacts_auth}"
  options[:scope] << " https://#{google_contacts_auth}" unless options[:scope] =~ %r[http[s]?:\/\/#{google_contacts_auth}]
  super(app, :google, consumer_key, consumer_secret, client_options, options, &block)
end

Instance Method Details

#auth_hashObject



25
26
27
28
29
30
31
32
33
34
35
36
# File 'lib/omniauth/strategies/oauth/google.rb', line 25

def auth_hash
  ui = 
  OmniAuth::Utils.deep_merge(
    super, {
      'uid' => ui['uid'],
      'user_info' => ui,
      'extra' => {
        'user_hash' => user_hash,
      },
    }
  )
end

#request_phaseObject

Monkeypatch OmniAuth to pass the scope and authorize_params in the consumer.get_request_token call



63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
# File 'lib/omniauth/strategies/oauth/google.rb', line 63

def request_phase
  request_options = {:scope => options[:scope]}
  request_options.merge!(options[:authorize_params])

  request_token = consumer.get_request_token({:oauth_callback => callback_url}, request_options)
  session['oauth'] ||= {}
  session['oauth'][name.to_s] = {'callback_confirmed' => request_token.callback_confirmed?, 'request_token' => request_token.token, 'request_secret' => request_token.secret}
  r = Rack::Response.new

  if request_token.callback_confirmed?
    r.redirect(request_token.authorize_url)
  else
    r.redirect(request_token.authorize_url(:oauth_callback => callback_url))
  end

  r.finish
end

#user_hashObject



51
52
53
54
55
56
57
58
59
60
# File 'lib/omniauth/strategies/oauth/google.rb', line 51

def user_hash
  # Google is very strict about keeping authorization and
  # authentication separated.
  # They give no endpoint to get a user's profile directly that I can
  # find. We *can* get their name and email out of the contacts feed,
  # however. It will fail in the extremely rare case of a user who has
  # a Google Account but has never even signed up for Gmail. This has
  # not been seen in the field.
  @user_hash ||= MultiJson.decode(@access_token.get('https://www.google.com/m8/feeds/contacts/default/full?max-results=1&alt=json').body)
end

#user_infoObject



38
39
40
41
42
43
44
45
46
47
48
49
# File 'lib/omniauth/strategies/oauth/google.rb', line 38

def 
  email = user_hash['feed']['id']['$t']

  name = user_hash['feed']['author'].first['name']['$t']
  name = email if name.strip == '(unknown)'

  {
    'email' => email,
    'uid' => email,
    'name' => name,
  }
end