开发者

How do I NOT require user's email when using Rails Omniauth gem and Google OpenID

开发者 https://www.devze.com 2023-02-10 17:56 出处:网络
My current /config/initializers/omniauth.rb file contains: Rails.application.config.middleware.use OmniAuth::Builder do

My current /config/initializers/omniauth.rb file contains:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :open_id, nil, :name => 'google', :identifier => 'https://www.google.com/accounts/o8/id'
end

When I login via Google by going to /auth/google, Google reports:

DOMAIN is asking for some information from your Google Account EMAIL - Email address: NAME (EMAIL)

My application doesn't need 开发者_如何学Gothe user's email and so I'd like to remove this barrier to entry. Is there anyway to remove this requirement. For Facebook, I've found I can add the "scope" property of options, for example:

provider :facebook, 'APP_ID', 'APP_SECRET', {:scope => ''}


Based on a quick review of the source for the OpenID strategy (which Google Aps auth inherits from), you can pass in options specifying which attributes are optional vs. required for an Attributes Exchange (AX) auth.

See source code here for options: https://github.com/intridea/omniauth/blob/master/oa-openid/lib/omniauth/strategies/open_id.rb

Based on that, I think you could change the options like so to remove email as a required attribute:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :open_id, nil, :name => 'google', :identifier => 'https://www.google.com/accounts/o8/id', :required => [], :optional => []
end

Good luck. I didn't test this, just reading the source.

0

精彩评论

暂无评论...
验证码 换一张
取 消