1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-23 22:10:55 +01:00

Tighten scope requests with Google OAuth

Summary: We currently make a ludicrously gigantic permission request to do Google auth (read/write access to the entire address book), since I couldn't figure out how to do a more narrowly tailored request when I implemented it. @csilvers pointed me at some much more sensible APIs; we can now just ask for user ID, name, and email address.

Test Plan: Created a new account via Google Oauth. Linked/unlinked an existing account. Verified diagnostics page still works correctly. Logged in with a pre-existing Google account created with the old API (to verify user IDs are the same through both methods).

Reviewers: btrahan, vrana, csilvers, Makinde

Reviewed By: csilvers

CC: aran

Differential Revision: https://secure.phabricator.com/D2378
This commit is contained in:
epriestley 2012-05-03 13:25:06 -07:00
parent 5604a662df
commit 6a04328430
2 changed files with 14 additions and 28 deletions

View file

@ -71,44 +71,31 @@ final class PhabricatorOAuthProviderGoogle extends PhabricatorOAuthProvider {
}
public function getUserInfoURI() {
return 'https://www.google.com/m8/feeds/contacts/default/full';
return 'https://www.googleapis.com/oauth2/v1/userinfo';
}
public function getMinimumScope() {
// This is the Google contacts API, which is apparently the best way to get
// the user ID / login / email since Google doesn't apparently have a
// more generic "user.info" sort of call (or, if it does, I couldn't find
// it). This is sort of terrifying since it lets Phabricator read your whole
// address book and possibly your physical address and such, so it would
// be really nice to find a way to restrict this scope to something less
// crazily permissive. But users will click anything and the dialog isn't
// very scary, so whatever.
return 'https://www.google.com/m8/feeds';
$scopes = array(
'https://www.googleapis.com/auth/userinfo.email',
'https://www.googleapis.com/auth/userinfo.profile',
);
return implode(' ', $scopes);
}
public function setUserData($data) {
// SimpleXMLElement will throw if $data is unusably malformed, which to
// us is just a provider issue
try {
$xml = new SimpleXMLElement($data);
} catch (Exception $e) {
throw new PhabricatorOAuthProviderException();
}
$data = json_decode($data, true);
$this->validateUserData($data);
$id = (string)$xml->id;
$this->userData = array(
'id' => $id,
'email' => (string)$xml->author[0]->email,
'real' => (string)$xml->author[0]->name,
// Guess account name from email address, this is just a hint anyway.
$data['account'] = head(explode('@', $data['email']));
// Guess account name from email address, this is just a hint anyway.
'account' => head(explode('@', $id)),
);
$this->userData = $data;
return $this;
}
public function retrieveUserID() {
return $this->userData['id'];
return $this->userData['email'];
}
public function retrieveUserEmail() {
@ -130,7 +117,7 @@ final class PhabricatorOAuthProviderGoogle extends PhabricatorOAuthProvider {
}
public function retrieveUserRealName() {
return $this->userData['real'];
return $this->userData['name'];
}
public function getExtraAuthParameters() {

View file

@ -7,7 +7,6 @@
phutil_require_module('phabricator', 'applications/auth/oauth/provider/base');
phutil_require_module('phabricator', 'applications/auth/oauth/provider/exception');
phutil_require_module('phabricator', 'infrastructure/env');
phutil_require_module('phutil', 'utils');