github/meteor
1
1
Fork 0
mirror of https://github.com/meteor/meteor.git synced 2026-05-02 03:01:46 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
eb04e791e6f42f29ea514b8cf04b9722246db736
meteor/packages/google/google_client.js
Emily Stark 55363a9b86 Merge remote-tracking branch 'origin/devel' into awwx-oauth-encryption 
Conflicts:
	History.md
	packages/facebook/facebook_client.js
	packages/github/github_client.js
	packages/google/google_client.js
	packages/meetup/meetup_client.js
	packages/meteor-developer/meteor_developer_client.js
	packages/twitter/twitter_client.js
	packages/weibo/weibo_client.js
2014-04-22 11:31:31 -07:00

63 lines
2.4 KiB
JavaScript
Raw Blame History

Google = {};
// Request Google credentials for the user
// @param options {optional}
// @param credentialRequestCompleteCallback {Function} Callback function to call on
// completion. Takes one argument, credentialToken on success, or Error on
// error.
Google.requestCredential = function (options, credentialRequestCompleteCallback) {
// support both (options, callback) and (callback).
if (!credentialRequestCompleteCallback && typeof options === 'function') {
credentialRequestCompleteCallback = options;
options = {};
} else if (!options) {
options = {};
}
var config = ServiceConfiguration.configurations.findOne({service: 'google'});
if (!config) {
credentialRequestCompleteCallback && credentialRequestCompleteCallback(
new ServiceConfiguration.ConfigError());
return;
}
var credentialToken = Random.secret();
// always need this to get user id from google.
var requiredScope = ['profile'];
var scope = ['email'];
if (options.requestPermissions)
scope = options.requestPermissions;
scope = _.union(scope, requiredScope);
var flatScope = _.map(scope, encodeURIComponent).join('+');
// https://developers.google.com/accounts/docs/OAuth2WebServer#formingtheurl
var accessType = options.requestOfflineToken ? 'offline' : 'online';
var approvalPrompt = options.forceApprovalPrompt ? 'force' : 'auto';
var loginUrl =
'https://accounts.google.com/o/oauth2/auth' +
'?response_type=code' +
'&client_id=' + config.clientId +
'&scope=' + flatScope +
'&redirect_uri=' + Meteor.absoluteUrl('_oauth/google?close') +
'&state=' + credentialToken +
'&access_type=' + accessType +
'&approval_prompt=' + approvalPrompt;
// Use Google's domain-specific login page if we want to restrict creation to
// a particular email domain. (Don't use it if restrictCreationByEmailDomain
// is a function.) Note that all this does is change Google's UI ---
// accounts-base/accounts_server.js still checks server-side that the server
// has the proper email address after the OAuth conversation.
if (typeof Accounts._options.restrictCreationByEmailDomain === 'string') {
loginUrl += '&hd=' + encodeURIComponent(Accounts._options.restrictCreationByEmailDomain);
}
OAuth.showPopup(
loginUrl,
_.bind(credentialRequestCompleteCallback, null, credentialToken),
{ height: 406 }
);
};
Reference in New Issue View Git Blame Copy Permalink