Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
discourse/lib/auth/google_oauth2_authenticator.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

37 lines
1.1 KiB
Ruby
Raw Normal View History

DEV: enable frozen string literal on all files This reduces chances of errors where consumers of strings mutate inputs and reduces memory usage of the app. Test suite passes now, but there may be some stuff left, so we will run a few sites on a branch prior to merging
2019-05-02 18:17:27 -04:00
# frozen_string_literal: true
REFACTOR: Migrate GoogleOAuth2Authenticator to use ManagedAuthenticator (#7120) https://meta.discourse.org/t/future-social-authentication-improvements/94691/3
2019-03-07 06:31:04 -05:00
class Auth::GoogleOAuth2Authenticator < Auth::ManagedAuthenticator
Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites.
2014-05-21 18:19:40 -04:00
def name
"google_oauth2"
end
FEATURE: List, revoke and reconnect associated accounts. Phase 1 (#6099) Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 11:51:57 -04:00
def enabled?
SiteSetting.enable_google_oauth2_logins
end
REFACTOR: Migrate GoogleOAuth2Authenticator to use ManagedAuthenticator (#7120) https://meta.discourse.org/t/future-social-authentication-improvements/94691/3
2019-03-07 06:31:04 -05:00
def primary_email_verified?(auth_token)
# note, emails that come back from google via omniauth are always valid
# this protects against future regressions
auth_token[:extra][:raw_info][:email_verified]
Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites.
2014-05-21 18:19:40 -04:00
end
def register_middleware(omniauth)
Take 2 on https://github.com/discourse/discourse/commit/f74d6bb605f0395f4cba5e69d3c32206ca7c39a8. New options are left out by default when not configured so that an incorrect default configuration doesn't blow up google oauth for everyone.
2018-02-22 18:19:36 -05:00
options = {
setup: lambda { |env|
strategy = env["omniauth.strategy"]
FIX: Google `HD` and `Prompt` settings should be checked at runtime Previously a server restart was required after settings changes, and it did not work in multisite environments
2019-01-31 05:05:25 -05:00
strategy.options[:client_id] = SiteSetting.google_oauth2_client_id
strategy.options[:client_secret] = SiteSetting.google_oauth2_client_secret
if (google_oauth2_hd = SiteSetting.google_oauth2_hd).present?
strategy.options[:hd] = google_oauth2_hd
end
if (google_oauth2_prompt = SiteSetting.google_oauth2_prompt).present?
strategy.options[:prompt] = google_oauth2_prompt.gsub("|", " ")
end
REFACTOR: Migrate GoogleOAuth2Authenticator to use ManagedAuthenticator (#7120) https://meta.discourse.org/t/future-social-authentication-improvements/94691/3
2019-03-07 06:31:04 -05:00
}
Take 2 on https://github.com/discourse/discourse/commit/f74d6bb605f0395f4cba5e69d3c32206ca7c39a8. New options are left out by default when not configured so that an incorrect default configuration doesn't blow up google oauth for everyone.
2018-02-22 18:19:36 -05:00
}
omniauth.provider :google_oauth2, options
Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites.
2014-05-21 18:19:40 -04:00
end
Don't blow up if Redis switches to READONLY
2015-04-24 13:10:43 -04:00
end