OAuth Doorman
Description
oauth_doorman is a gem which handles Google OAuth2 authorization in your application:
- composes authentification url
- retrieves access_token for user account
- provides methods for access to Google API
Account administration
- create developer account representing your company if doesn't exist
- this account must have rights to manipulate with user informations, so, let Administrator to enable the Provisioning API
- register your new Application at https://code.google.com/apis/console/ in API Access tab
Hash Parameters
Required Keys
- redirect_uri - your callback url
- client_id - generated by google when registering application
- client_secret - generated by google when registering application
Defaults
scopes | "https://www.googleapis.com/auth/userinfo.email", "https://apps-apis.google.com/a/feeds/groups/"] |
auth_url | "https://accounts.google.com/o/oauth2/auth" |
token_url | "https://accounts.google.com/o/oauth2/token" |
response_type | "code" |
state | "ATAXO" |
user_info_url | "https://www.googleapis.com/oauth2/v1/userinfo" |
groups_info_url | "https://apps-apis.google.com/a/feeds/group/2.0/%s/?member=%s" |
groups_info_auth_header_name | "Authorization" |
groups_info_auth_header_content | "OAuth %s" |
groups_info_request_timeout | 5 |
Available Scopes
Listed in README_scopes
Examples
Initialize Oauth Doorman
api = OauthDoorman::Api.new(
:redirect_uri => "http://localhost:3000/oauth2callback",
:client_id => "123456789.apps.googleusercontent.com",
:client_secret => "O1ciRD-F1EX9h8t8LSQlFQk7",
:state => "MYSTATE"
)
Redirect to Google Account gate
url = api.compose_authentification_request_url(false)
The method parameter force_refresh_token
determines whether refresh_token
should be returned in your callback method. If set to true, user is always asked for permission to provide refresh_token
.
Initialize OAuth Doorman instance by code or refresh_token in callback method
api.init_connection_by_code(request.params[:code])
# in case when you know the refresh_token
provisioning_api.init_connection_by_refresh_token("feififjsd756osd-sdfewd435ssd")
PS: This will be the only way to access API methods in the future.
Calling API functions
current_user = api.get_user_email()
hash_result = provisioning_api.get_user_groups("ataxo.com", current_user)
Author
2012 Ataxo Interactive, a.s.