Merge branch 'zimme-google-prompt' into devel

PR #4370

History.md

@@ -119,6 +119,8 @@
 
   - uglify-js: 2.4.20 (from 2.4.17)
 
+* `Meteor.loginWithGoogle` now supports `prompt`. Choose a prompt to always be
+  displayed on Google login.
 
 ## v1.1.0.2, 2015-Apr-06
 

packages/accounts-oauth/oauth_client.js

@@ -10,6 +10,7 @@
  * @param {String[]} options.requestPermissions A list of permissions to request from the user.
  * @param {Boolean} options.requestOfflineToken If true, asks the user for permission to act on their behalf when offline. This stores an additional offline token in the `services` field of the user document. Currently only supported with Google.
  * @param {Boolean} options.forceApprovalPrompt If true, forces the user to approve the app's permissions, even if previously approved. Currently only supported with Google.
+ * @param {String} options.prompt String of the kind of prompt(s) to always show. Valid options are "consent", "none", "select_account" or a combination. i.e. "select_account+consent". Currently only supported with Google.
  * @param {String} options.userEmail An email address that the external service will use to pre-fill the login prompt. Currently only supported with Meteor developer accounts.
  * @param {String} options.loginStyle Login style ("popup" or "redirect", defaults to the login service configuration).  The "popup" style opens the login page in a separate popup window, which is generally preferred because the Meteor application doesn't need to be reloaded.  The "redirect" style redirects the Meteor application's window to the login page, and the login service provider redirects back to the Meteor application which is then reloaded.  The "redirect" style can be used in situations where a popup window can't be opened, such as in a mobile UIWebView.  The "redirect" style however relies on session storage which isn't available in Safari private mode, so the "popup" style will be forced if session storage can't be used.
  * @param {Function} [callback] Optional callback. Called with no arguments on success, or with a single `Error` argument on failure. The callback cannot be called if you are using the "redirect" `loginStyle`, because the app will have reloaded in the meantime; try using [client-side login hooks](#accounts_onlogin) instead.

packages/google/google_client.js

@@ -33,7 +33,6 @@ Google.requestCredential = function (options, credentialRequestCompleteCallback)
 
   // https://developers.google.com/accounts/docs/OAuth2WebServer#formingtheurl
   var accessType = options.requestOfflineToken ? 'offline' : 'online';
-  var approvalPrompt = options.forceApprovalPrompt ? 'force' : 'auto';
 
   var loginStyle = OAuth._loginStyle('google', config, options);
 
@@ -44,8 +43,13 @@ Google.requestCredential = function (options, credentialRequestCompleteCallback)
         '&scope=' + flatScope +
         '&redirect_uri=' + OAuth._redirectUri('google', config) +
         '&state=' + OAuth._stateParam(loginStyle, credentialToken) +
-        '&access_type=' + accessType +
-        '&approval_prompt=' + approvalPrompt;
+        '&access_type=' + accessType;
+
+  if (typeof options.prompt === 'string') {
+    loginUrl += '&prompt=' + options.prompt;
+  } else if (options.forceApprovalPrompt) {
+    loginUrl += '&prompt=consent';
+  }
 
   // Use Google's domain-specific login page if we want to restrict creation to
   // a particular email domain. (Don't use it if restrictCreationByEmailDomain