Class: Auth::GoogleOAuth2Authenticator
Constant Summary
collapse
- GROUPS_SCOPE =
"https://www.googleapis.com/auth/admin.directory.group.readonly"
- GROUPS_DOMAIN =
"admin.googleapis.com"
- GROUPS_PATH =
"/admin/directory/v1/groups"
- OAUTH2_BASE_URL =
"https://oauth2.googleapis.com"
Instance Method Summary
collapse
#after_create_account, #always_update_user_email?, #can_connect_existing_user?, #can_revoke?, #description_for_auth_hash, #description_for_user, #find_user_by_email, #find_user_by_username, #is_managed?, #match_by_email, #match_by_username, #retrieve_avatar, #retrieve_profile, #revoke
#after_create_account, #can_connect_existing_user?, #can_revoke?, #description_for_auth_hash, #description_for_user, #revoke
Instance Method Details
#after_authenticate(auth_token, existing_account: nil) ⇒ Object
57
58
59
60
61
62
63
64
65
66
67
68
69
|
# File 'lib/auth/google_oauth2_authenticator.rb', line 57
def after_authenticate(auth_token, existing_account: nil)
groups = provides_groups? ? raw_groups(auth_token.uid) : nil
auth_token.[:raw_groups] = groups if groups
result = super
if groups
result.associated_groups =
groups.map { |group| group.with_indifferent_access.slice(:id, :name) }
end
result
end
|
#enabled? ⇒ Boolean
13
14
15
|
# File 'lib/auth/google_oauth2_authenticator.rb', line 13
def enabled?
SiteSetting.enable_google_oauth2_logins
end
|
#name ⇒ Object
9
10
11
|
# File 'lib/auth/google_oauth2_authenticator.rb', line 9
def name
"google_oauth2"
end
|
#primary_email_verified?(auth_token) ⇒ Boolean
17
18
19
20
21
|
# File 'lib/auth/google_oauth2_authenticator.rb', line 17
def primary_email_verified?(auth_token)
auth_token[:extra][:raw_info][:email_verified]
end
|
#provides_groups? ⇒ Boolean
71
72
73
74
75
|
# File 'lib/auth/google_oauth2_authenticator.rb', line 71
def provides_groups?
SiteSetting.google_oauth2_hd.present? && SiteSetting.google_oauth2_hd_groups &&
SiteSetting.google_oauth2_hd_groups_service_account_admin_email.present? &&
SiteSetting.google_oauth2_hd_groups_service_account_json.present?
end
|
#register_middleware(omniauth) ⇒ Object
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
# File 'lib/auth/google_oauth2_authenticator.rb', line 23
def register_middleware(omniauth)
options = {
setup:
lambda do |env|
opts = env["omniauth.strategy"].options
opts[:client_id] = SiteSetting.google_oauth2_client_id
opts[:client_secret] = SiteSetting.google_oauth2_client_secret
if (google_oauth2_hd = SiteSetting.google_oauth2_hd).present?
opts[:hd] = google_oauth2_hd
end
if (google_oauth2_prompt = SiteSetting.google_oauth2_prompt).present?
opts[:prompt] = google_oauth2_prompt.gsub("|", " ")
end
opts[:client_options][:connection_build] = lambda do |builder|
if SiteSetting.google_oauth2_verbose_logging
builder.response :logger,
Rails.logger,
{ bodies: true, formatter: Auth::OauthFaradayFormatter }
end
builder.request :url_encoded
builder.adapter FinalDestination::FaradayAdapter
end
opts[:skip_jwt] = true
end,
}
omniauth.provider :google_oauth2, options
end
|