archive/phabricator
1
0
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Add Google as an OAuth2 provider (BETA)

Browse Source 
Summary:
This is pretty straightforward, except:

  - We need to request read/write access to the address book to get the account
ID (which we MUST have) and real name, email and account name (which we'd like
to have). This is way more access than we should need, but there's apparently no
"get_loggedin_user_basic_information" type of call in the Google API suite (or,
at least, I couldn't find one).
  - We can't get the profile picture or profile URI since there's no Plus API
access and Google users don't have meaningful public pages otherwise.
  - Google doesn't save the fact that you've authorized the app, so every time
you want to login you need to reaffirm that you want to give us silly amounts of
access. Phabricator sessions are pretty long-duration though so this shouldn't
be a major issue.

Test Plan:
  - Registered, logged out, and logged in with Google.
  - Registered, logged out, and logged in with Facebook / Github to make sure I
didn't break anything.
  - Linked / unlinked Google accounts.

Reviewers: Makinde, jungejason, nh, tuomaspelkonen, aran

Reviewed By: aran

CC: aran, epriestley, Makinde

Differential Revision: 916
This commit is contained in:
epriestley
2011-09-08 16:37:22 -07:00
parent 4da43b31a3
commit 1620bce842
12 changed files with 263 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/applications/auth/controller/oauth/PhabricatorOAuthLoginController.php
View File

@@ -63,9 +63,7 @@ class PhabricatorOAuthLoginController extends PhabricatorAuthController {
'access_token' => $this->accessToken,
));
$user_json = @file_get_contents($userinfo_uri);
$user_data = json_decode($user_json, true);
$user_data = @file_get_contents($userinfo_uri);
$provider->setUserData($user_data);
$provider->setAccessToken($this->accessToken);
@@ -240,7 +238,7 @@ class PhabricatorOAuthLoginController extends PhabricatorAuthController {
'client_secret' => $client_secret,
'redirect_uri' => $redirect_uri,
'code' => $code,
);
) + $provider->getExtraTokenParameters();
$post_data = http_build_query($query_data);
$post_length = strlen($post_data);
@@ -270,8 +268,7 @@ class PhabricatorOAuthLoginController extends PhabricatorAuthController {
return $this->buildErrorResponse(new PhabricatorOAuthFailureView());
}
$data = array();
parse_str($response, $data);
$data = $provider->decodeTokenResponse($response);
$token = idx($data, 'access_token');
if (!$token) {