-
Notifications
You must be signed in to change notification settings - Fork 410
Home
Austin Story edited this page Oct 26, 2020
·
13 revisions
Get your API key at https://code.google.com/apis/console/
auth/google_oauth2
{
"provider" => "google_oauth2",
"uid" => "100000000000000000000",
"info" => {
"name" => "John Smith",
"email" => "john@example.com",
"first_name" => "John",
"last_name" => "Smith",
"image" => "https://lh4.googleusercontent.com/photo.jpg",
"urls" => {
"google" => "https://plus.google.com/+JohnSmith"
}
},
"credentials" => {
"token" => "TOKEN",
"refresh_token" => "REFRESH_TOKEN",
"expires_at" => 1496120719,
"expires" => true
},
"extra" => {
"id_token" => "ID_TOKEN",
"id_info" => {
"azp" => "APP_ID",
"aud" => "APP_ID",
"sub" => "100000000000000000000",
"email" => "john@example.com",
"email_verified" => true,
"at_hash" => "HK6E_P6Dh8Y93mRNtsDB1Q",
"iss" => "accounts.google.com",
"iat" => 1496117119,
"exp" => 1496120719
},
"raw_info" => {
"kind" => "plus#personOpenIdConnect",
"gender" => "male",
"sub" => "100000000000000000000",
"name" => "John Smith",
"given_name" => "John",
"family_name" => "Smith",
"profile" => "https://plus.google.com/+JohnSmith",
"picture" => "https://lh4.googleusercontent.com/photo.jpg?sz=50",
"email" => "john@example.com",
"email_verified" => "true",
"locale" => "en",
"hd" => "company.com"
}
}
}
- You don't need the https://www.googleapis.com/auth/ prefix.
- You provide a comma separated list, without spaces.
As part of configuring the provider you can statically declare hd in order to limit the domains that can be requested from google.
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, ENV['GOOGLE_CLIENT_ID'], ENV['GOOGLE_CLIENT_SECRET'], { hd: 'example.com' }
endTo do this at runtime, the best way that i have found is to request to the authorize_path with the parameters you would like to inject.
# in rails link
Rails.application.routes.url_helpers.user_google_oauth2_omniauth_authorize_path({ hd: 'example.com' })