mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-23 22:10:55 +01:00
Tighten scope requests with Google OAuth
Summary: We currently make a ludicrously gigantic permission request to do Google auth (read/write access to the entire address book), since I couldn't figure out how to do a more narrowly tailored request when I implemented it. @csilvers pointed me at some much more sensible APIs; we can now just ask for user ID, name, and email address. Test Plan: Created a new account via Google Oauth. Linked/unlinked an existing account. Verified diagnostics page still works correctly. Logged in with a pre-existing Google account created with the old API (to verify user IDs are the same through both methods). Reviewers: btrahan, vrana, csilvers, Makinde Reviewed By: csilvers CC: aran Differential Revision: https://secure.phabricator.com/D2378
This commit is contained in:
parent
5604a662df
commit
6a04328430
2 changed files with 14 additions and 28 deletions
|
@ -71,44 +71,31 @@ final class PhabricatorOAuthProviderGoogle extends PhabricatorOAuthProvider {
|
|||
}
|
||||
|
||||
public function getUserInfoURI() {
|
||||
return 'https://www.google.com/m8/feeds/contacts/default/full';
|
||||
return 'https://www.googleapis.com/oauth2/v1/userinfo';
|
||||
}
|
||||
|
||||
public function getMinimumScope() {
|
||||
// This is the Google contacts API, which is apparently the best way to get
|
||||
// the user ID / login / email since Google doesn't apparently have a
|
||||
// more generic "user.info" sort of call (or, if it does, I couldn't find
|
||||
// it). This is sort of terrifying since it lets Phabricator read your whole
|
||||
// address book and possibly your physical address and such, so it would
|
||||
// be really nice to find a way to restrict this scope to something less
|
||||
// crazily permissive. But users will click anything and the dialog isn't
|
||||
// very scary, so whatever.
|
||||
return 'https://www.google.com/m8/feeds';
|
||||
$scopes = array(
|
||||
'https://www.googleapis.com/auth/userinfo.email',
|
||||
'https://www.googleapis.com/auth/userinfo.profile',
|
||||
);
|
||||
|
||||
return implode(' ', $scopes);
|
||||
}
|
||||
|
||||
public function setUserData($data) {
|
||||
// SimpleXMLElement will throw if $data is unusably malformed, which to
|
||||
// us is just a provider issue
|
||||
try {
|
||||
$xml = new SimpleXMLElement($data);
|
||||
} catch (Exception $e) {
|
||||
throw new PhabricatorOAuthProviderException();
|
||||
}
|
||||
$data = json_decode($data, true);
|
||||
$this->validateUserData($data);
|
||||
|
||||
$id = (string)$xml->id;
|
||||
$this->userData = array(
|
||||
'id' => $id,
|
||||
'email' => (string)$xml->author[0]->email,
|
||||
'real' => (string)$xml->author[0]->name,
|
||||
// Guess account name from email address, this is just a hint anyway.
|
||||
$data['account'] = head(explode('@', $data['email']));
|
||||
|
||||
// Guess account name from email address, this is just a hint anyway.
|
||||
'account' => head(explode('@', $id)),
|
||||
);
|
||||
$this->userData = $data;
|
||||
return $this;
|
||||
}
|
||||
|
||||
public function retrieveUserID() {
|
||||
return $this->userData['id'];
|
||||
return $this->userData['email'];
|
||||
}
|
||||
|
||||
public function retrieveUserEmail() {
|
||||
|
@ -130,7 +117,7 @@ final class PhabricatorOAuthProviderGoogle extends PhabricatorOAuthProvider {
|
|||
}
|
||||
|
||||
public function retrieveUserRealName() {
|
||||
return $this->userData['real'];
|
||||
return $this->userData['name'];
|
||||
}
|
||||
|
||||
public function getExtraAuthParameters() {
|
||||
|
|
|
@ -7,7 +7,6 @@
|
|||
|
||||
|
||||
phutil_require_module('phabricator', 'applications/auth/oauth/provider/base');
|
||||
phutil_require_module('phabricator', 'applications/auth/oauth/provider/exception');
|
||||
phutil_require_module('phabricator', 'infrastructure/env');
|
||||
|
||||
phutil_require_module('phutil', 'utils');
|
||||
|
|
Loading…
Reference in a new issue