~ubuntu-branches/debian/sid/ruby-omniauth-google-oauth2/sid

« back to all changes in this revision

Viewing changes to lib/omniauth/strategies/google_oauth2.rb

  • Committer: Package Import Robot
  • Author(s): Nitesh A Jain
  • Date: 2014-04-26 21:51:32 UTC
  • mfrom: (1.1.1)
  • Revision ID: package-import@ubuntu.com-20140426215132-1z01hugr2zhqbbnx
Tags: 0.2.4-1
New upstream release 

Show diffs side-by-side

added added

removed removed

Lines of Context:
4
4
  module Strategies
5
5
    class GoogleOauth2 < OmniAuth::Strategies::OAuth2
6
6
      BASE_SCOPE_URL = "https://www.googleapis.com/auth/"
7
 
      DEFAULT_SCOPE = "userinfo.email,userinfo.profile"
 
7
      BASE_SCOPES = %w[profile email openid]
 
8
      DEFAULT_SCOPE = "email,profile"
8
9
 
9
10
      option :name, 'google_oauth2'
10
11
 
11
12
      option :skip_friends, true
12
13
 
13
 
      option :authorize_options, [:access_type, :hd, :login_hint, :prompt, :request_visible_actions, :scope, :state, :redirect_uri]
 
14
      option :authorize_options, [:access_type, :hd, :login_hint, :prompt, :request_visible_actions, :scope, :state, :redirect_uri, :include_granted_scopes]
14
15
 
15
16
      option :client_options, {
16
17
        :site          => 'https://accounts.google.com',
26
27
 
27
28
          raw_scope = params[:scope] || DEFAULT_SCOPE
28
29
          scope_list = raw_scope.split(" ").map {|item| item.split(",")}.flatten
29
 
          scope_list.map! { |s| s =~ /^https?:\/\// ? s : "#{BASE_SCOPE_URL}#{s}" }
 
30
          scope_list.map! { |s| s =~ /^https?:\/\// || BASE_SCOPES.include?(s) ? s : "#{BASE_SCOPE_URL}#{s}" }
30
31
          params[:scope] = scope_list.join(" ")
31
32
          params[:access_type] = 'offline' if params[:access_type].nil?
32
33
 
34
35
        end
35
36
      end
36
37
 
37
 
      uid { raw_info['id'] || verified_email }
 
38
      uid { raw_info['sub'] || verified_email }
38
39
 
39
40
      info do
40
41
        prune!({
42
43
          :email      => verified_email,
43
44
          :first_name => raw_info['given_name'],
44
45
          :last_name  => raw_info['family_name'],
45
 
          :image      => image_url(options),
 
46
          :image      => image_url,
46
47
          :urls => {
47
 
            'Google' => raw_info['link']
 
48
            'Google' => raw_info['profile']
48
49
          }
49
50
        })
50
51
      end
53
54
        hash = {}
54
55
        hash[:id_token] = access_token['id_token']
55
56
        hash[:raw_info] = raw_info unless skip_info?
56
 
        hash[:raw_friend_info] = raw_friend_info(raw_info['id']) unless skip_info? || options[:skip_friends]
 
57
        hash[:raw_friend_info] = raw_friend_info(raw_info['sub']) unless skip_info? || options[:skip_friends]
57
58
        prune! hash
58
59
      end
59
60
 
60
61
      def raw_info
61
 
        @raw_info ||= access_token.get('https://www.googleapis.com/oauth2/v1/userinfo').parsed
 
62
        @raw_info ||= access_token.get('https://www.googleapis.com/plus/v1/people/me/openIdConnect').parsed
62
63
      end
63
64
 
64
65
      def raw_friend_info(id)
66
67
      end
67
68
 
68
69
      def custom_build_access_token
69
 
        if verify_token(request.params['id_token'], request.params['access_token'])
 
70
        if request.xhr? && request.params['code']
 
71
          verifier = request.params['code']
 
72
          client.auth_code.get_token(verifier, { :redirect_uri => 'postmessage'}.merge(token_params.to_hash(:symbolize_keys => true)),
 
73
                                     deep_symbolize(options.auth_token_params || {}))
 
74
        elsif verify_token(request.params['id_token'], request.params['access_token'])
70
75
          ::OAuth2::AccessToken.from_hash(client, request.params.dup)
71
76
        else
72
77
          orig_build_access_token
85
90
      end
86
91
 
87
92
      def verified_email
88
 
        raw_info['verified_email'] ? raw_info['email'] : nil
 
93
        raw_info['email_verified'] ? raw_info['email'] : nil
89
94
      end
90
95
 
91
 
      def image_url(options)
 
96
      def image_url
92
97
        original_url = raw_info['picture']
93
 
        return original_url if original_url.nil? || (!options[:image_size] && !options[:image_aspect_ratio])
94
 
 
 
98
        original_url = original_url.gsub("https:https://", "https://") if original_url
 
99
        params_index = original_url.index('/photo.jpg') if original_url
 
100
 
 
101
        if params_index && image_size_opts_passed?
 
102
          original_url.insert(params_index, image_params)
 
103
        else
 
104
          original_url
 
105
        end
 
106
      end
 
107
 
 
108
      def image_size_opts_passed?
 
109
        !!(options[:image_size] || options[:image_aspect_ratio])
 
110
      end
 
111
 
 
112
      def image_params
95
113
        image_params = []
96
114
        if options[:image_size].is_a?(Integer)
97
115
          image_params << "s#{options[:image_size]}"
101
119
        end
102
120
        image_params << 'c' if options[:image_aspect_ratio] == 'square'
103
121
 
104
 
        params_index = original_url.index('/photo.jpg')
105
 
        original_url.insert(params_index, ('/' + image_params.join('-')))
 
122
        '/' + image_params.join('-')
106
123
      end
107
124
 
108
125
      def verify_token(id_token, access_token)