github/meteor
1
1
Fork 0
mirror of https://github.com/meteor/meteor.git synced 2026-05-02 03:01:46 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
b01ed021eaee519c035b707cfdfb77501e32a7bb
meteor/packages/google/google_client.js
Emily Stark d573464f92 Rename Oauth.initiateLogin to Oauth.showPopup.
2013-11-20 11:26:51 -08:00

62 lines
2.5 KiB
JavaScript
Raw Blame History

Google = {};
// Request Google credentials for the user
// @param options {optional}
// @param credentialRequestCompleteCallback {Function} Callback function to call on
// completion. Takes one argument, credentialToken on success, or Error on
// error.
Google.requestCredential = function (options, credentialRequestCompleteCallback) {
// support both (options, callback) and (callback).
if (!credentialRequestCompleteCallback && typeof options === 'function') {
credentialRequestCompleteCallback = options;
options = {};
} else if (!options) {
options = {};
}
var config = ServiceConfiguration.configurations.findOne({service: 'google'});
if (!config) {
credentialRequestCompleteCallback && credentialRequestCompleteCallback(new ServiceConfiguration.ConfigError("Service not configured"));
return;
}
var credentialToken = Random.id();
// always need this to get user id from google.
var requiredScope = ['https://www.googleapis.com/auth/userinfo.profile'];
var scope = ['https://www.googleapis.com/auth/userinfo.email'];
if (options.requestPermissions)
scope = options.requestPermissions;
scope = _.union(scope, requiredScope);
var flatScope = _.map(scope, encodeURIComponent).join('+');
// https://developers.google.com/accounts/docs/OAuth2WebServer#formingtheurl
var accessType = options.requestOfflineToken ? 'offline' : 'online';
var approvalPrompt = options.forceApprovalPrompt ? 'force' : 'auto';
var loginUrl =
'https://accounts.google.com/o/oauth2/auth' +
'?response_type=code' +
'&client_id=' + config.clientId +
'&scope=' + flatScope +
'&redirect_uri=' + Meteor.absoluteUrl('_oauth/google?close') +
'&state=' + credentialToken +
'&access_type=' + accessType +
'&approval_prompt=' + approvalPrompt;
// Use Google's domain-specific login page if we want to restrict creation to
// a particular email domain. (Don't use it if restrictCreationByEmailDomain
// is a function.) Note that all this does is change Google's UI ---
// accounts-base/accounts_server.js still checks server-side that the server
// has the proper email address after the OAuth conversation.
if (typeof Accounts._options.restrictCreationByEmailDomain === 'string') {
loginUrl += '&hd=' + encodeURIComponent(Accounts._options.restrictCreationByEmailDomain);
}
Oauth.showPopup(
loginUrl,
_.bind(credentialRequestCompleteCallback, null, credentialToken),
{ height: 406 }
);
};
Reference in New Issue View Git Blame Copy Permalink