Tighten scope requests with Google OAuth
6a04328430f0
Actions

Authored by epriestley <git@epriestley.com> on May 3 2012, 22:25.

Description

Tighten scope requests with Google OAuth

Summary: We currently make a ludicrously gigantic permission request to do Google auth (read/write access to the entire address book), since I couldn't figure out how to do a more narrowly tailored request when I implemented it. @csilvers pointed me at some much more sensible APIs; we can now just ask for user ID, name, and email address.

Test Plan: Created a new account via Google Oauth. Linked/unlinked an existing account. Verified diagnostics page still works correctly. Logged in with a pre-existing Google account created with the old API (to verify user IDs are the same through both methods).

Reviewers: btrahan, vrana, csilvers, Makinde

Reviewed By: csilvers

CC: aran

Differential Revision: https://secure.phabricator.com/D2378

Details

Committed

epriestley <git@epriestley.com>

May 3 2012, 22:25

Pushed

aubort

Jan 31 2017, 17:16

Parents

rPH5604a662df6c: Minor, if we fatal before loading PhabricatorAccessLog, don't double-fatal.

Branches

Unknown

Tags

Unknown

Event Timeline

epriestley <git@epriestley.com> committed rPH6a04328430f0: Tighten scope requests with Google OAuth (authored by epriestley <git@epriestley.com>).May 3 2012, 22:25

Changes (2)

				Path
	M			src/applications/auth/oauth/provider/google/PhabricatorOAuthProviderGoogle.php
	M			src/applications/auth/oauth/provider/google/__init__.php

Tighten scope requests with Google OAuth6a04328430f0Actions

Description

Details

Event Timeline

Changes (2)

rPH6a04328430f0

src/applications/auth/oauth/provider/google/PhabricatorOAuthProviderGoogle.php

src/applications/auth/oauth/provider/google/__init__.php

Tighten scope requests with Google OAuth
6a04328430f0
Actions

src/applications/auth/oauth/provider/google/init.php