google登录auth2自定义范围(不带openid) [英] google sign-in auth2 customize scope without openid
问题描述
我想自定义范围,使其仅允许电子邮件"和个人资料",不带"openid"
因为我想让它只要求访问电子邮件和基本个人资料信息.
I want to customize the scope to allow only "email" and "profile", without "openid"
because I would like to making it asking only to access to email and basic profile info.
我尝试使用meta来做到这一点:
I tried to do it using the meta:
<meta name="google-signin-scope" content="email profile">
或js:
gapi.auth2.init({
client_id: 'xxxxxxxxx.apps.googleusercontent.com',
scope: 'email profile'
});
但是它不起作用:在生成的URL中始终存在"openid"作用域...
But it does not work: in the generated URL there is always the "openid" scope...
如何重置"范围并仅允许我想要的?
How can I "reset" the scope, and allow only what I want?
推荐答案
BasicProfile需要配置文件电子邮件openid"作用域.
BasicProfile requires 'profile email openid' scopes.
您可以禁用基本个人资料,而仅需要个人资料电子邮件"范围:
You can disable basic profile and require just 'profile email' scopes:
<meta name="google-signin-fetch_basic_profile" content="false">
<meta name="google-signin-scope" content="profile email">
请注意,在这种情况下,GoogleUser.getBasicProfile()将返回null.您必须手动获取个人资料"和电子邮件"数据.
Note that GoogleUser.getBasicProfile() will return null in this case. You have to manually get 'profile' and 'email' data.
完整的示例(您必须用实际的client_id替换YOUR_CLIENT_ID):
Fully working example (you have to replace YOUR_CLIENT_ID with your actual client_id):
<html>
<head>
<meta name="google-signin-client_id" content="YOUR_CLIENT_ID">
<meta name="google-signin-fetch_basic_profile" content="false">
<meta name="google-signin-scope" content="profile email">
</head>
<body>
<script>
function requestEmailData() {
gapi.client.load('oauth2', 'v2', function() {
gapi.client.oauth2.userinfo.get().execute(function(resp) {
// Shows user email
console.log(resp.email);
})
});
}
function requestProfileData() {
gapi.client.load('plus', 'v1', function() {
gapi.client.plus.people.get( {'userId' : 'me'} ).execute(function(resp) {
// Shows profile information
console.log(resp);
})
});
}
function onSuccess() {
gapi.load('client', function() {
// based on http://stackoverflow.com/a/15384981
requestEmailData();
requestProfileData();
});
}
</script>
<div class="g-signin2" data-onsuccess="onSuccess"></div>
<script src="https://apis.google.com/js/platform.js?onload=onLoad" async defer></script>
</body>
</html>
请注意,您必须在开发者控制台中启用Google+ API才能请求配置文件"数据.为此
Note that you'll have to enable Google+ API in developers console to request 'profile' data. To do that
- 转到 https://console.developers.google.com/
- 选择项目
- 转到API& auth> API
- 找到并启用Google+ API.
- go to https://console.developers.google.com/
- select project
- go to APIs & auth > APIs
- find and enable Google+ API.
这篇关于google登录auth2自定义范围(不带openid)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!