Handle client side flow for google auth.#35
Handle client side flow for google auth.#35rohanpujaris wants to merge 1 commit intoueberauth:masterfrom
Conversation
rohanpujaris
force-pushed
the
support_for_google_client_side_flow
branch
from
1367e38 to
9ae213d
Compare
hassox
left a comment
hassox
left a comment
There was a problem hiding this comment.
Overall looks good. 1 question about the return of the oauth call.
| resp = Ueberauth.Strategy.Google.OAuth.get(token, path) | ||
|
|
||
| case resp do | ||
| {:ok, %OAuth2.Response{status_code: 401, body: _body}} -> |
There was a problem hiding this comment.
Does a 401 here return with an :error in the tuple? I think when I was testing it it still responded with an :ok
There was a problem hiding this comment.
@hassox Yep, it returned an :error when I tested it. I will retest it and confirm.
There was a problem hiding this comment.
@hassox I have verified the response again. It returns with and :error. Below is the returned response.
{:error,
%OAuth2.Response{body: %{"error" => "invalid_token",
"error_description" => "Invalid Credentials"},
headers: [{"vary", "X-Origin"},
{"www-authenticate",
"Bearer realm=\"https://accounts.google.com/\", error=invalid_token"},
{"content-type", "application/json; charset=UTF-8"},
{"date", "Wed, 14 Jun 2017 06:47:11 GMT"},
{"expires", "Wed, 14 Jun 2017 06:47:11 GMT"},
{"cache-control", "private, max-age=0"},
{"x-content-type-options", "nosniff"}, {"x-frame-options", "SAMEORIGIN"},
{"x-xss-protection", "1; mode=block"}, {"server", "GSE"},
{"alt-svc", "quic=\":443\"; ma=2592000; v=\"38,37,36,35\""},
{"accept-ranges", "none"}, {"vary", "Origin,Accept-Encoding"},
{"transfer-encoding", "chunked"}], status_code: 401}}
There was a problem hiding this comment.
The latest oauth2 version has changed so that any successful HTTP status codes (200..399) returns {:ok, resp} and all others returns {:error, resp}.
| @doc """ | ||
| Handles the callback for Google client side flow. | ||
| """ | ||
| def handle_callback!(%Plug.Conn{params: %{"token" => token}} = conn) do |
There was a problem hiding this comment.
@hassox could we add the parameter as binary as well? We technically don't need the Conn so if I add the logic of the oauth callbacks outside of an phoenix project I dont need to carry on the Conn everywhere.
The same for other strategies
There was a problem hiding this comment.
@yordis I'm not sure I follow when you say binary. Are you asking that this match be changed from %Plug.Conn{params: %{"token" => token}} to %{params: %{"token" => token}}?
There was a problem hiding this comment.
@blakedietz could you make this change based on @yordis's comment below?
There was a problem hiding this comment.
@rohanpujaris the param that holds the JWT is called credential I think: https://developers.google.com/identity/gsi/web/reference/js-reference#credential
|
Any updates on this? I’m running into issues with my spa + api because of this. |
|
@blakedietz Sorry for the delays, I'll look over things and see where they stand. In the mean time @yordis or @hassox do you have any further questions or concerns? |
|
@doomspork as long as I don't depends of |
|
@doomspork @yordis Should I proceed with removing %Plug.Conn{} reference on this PR. reference is also present here -> https://github.com/rohanpujaris/ueberauth_google/blob/master/lib/ueberauth/strategy/google.ex#L34 Let me know if we want to remove it from above code as well? |
|
@rohanpujaris dont worry about it for now. |
|
@ueberauth/developers just roll with what we have right now so when we introduce token workflow we go back to all the providers and we take care of the use case |
|
@yordis why would we want to remove the |
|
@scrogson yes but, details like those
and returning the same ueberauth data structure back is why I wouldn't do the request myself. Outside, yes just call the API directly. |
|
is it not planned to have this merged? |
|
@rohanpujaris / @ueberauth/core — where is this PR at? What do we need to do to finish getting this merged? @yordis how does this impact the proposed changes you'd like to make? |
|
There are multiple ways to implement this, the only issue going for this route is the dependency with |
|
Can we get this merged? |
|
Hi! What is the plan for this PR? |
|
@ueberauth/developers I completely lost track of this, my apologies. Any thoughts? |
|
I am no longer working on Elixir and PhoenixFramework. If anybody wants to take this forward, feel free to do so. |
9 participants
Use ueberauth_google with client side flow, when user just passes token to server.