In the projects menu at the top of the page, ensure the correct project is selected or create a new one.
In the left-side navigation menu, choose APIs & Services → Credentials.
Click the button labeled “Create credentials.” In the menu that appears, choose to create an OAuth client ID.
When prompted to select an application type, select Web application.
Enter your application’s name.
This gem adds a single OAuth callback to your app at /google_sign_in/callback. Under Authorized redirect URIs,
add that callback for your application’s domain: for example, https://example.com/google_sign_in/callback.
To use Google sign-in in development, you’ll need to add another redirect URI for your local environment, like
http://localhost:3000/google_sign_in/callback. For security reasons, we recommend using a separate
client ID for local development. Repeat these instructions to set up a new client ID for development.
Click the button labeled “Create.” You’ll be presented with a client ID and client secret. Save these.
With your client ID set up, configure your Rails application to use it. Run bin/rails credentials:edit to edit your
app’s encrypted credentials and add the following:
google_sign_in:
client_id: [Your client ID here]client_secret: [Your client secret here]
You’re all set to use Google sign-in now. The gem automatically uses the client ID and client secret in your credentials.
Alternatively, you can provide the client ID and client secret using ENV variables. Add a new initializer that sets
config.google_sign_in.client_id and config.google_sign_in.client_secret:
Which would make the callback /my_own/google_sign_in_route/callback.
Usage
This gem provides a google_sign_in_button helper. It generates a button which initiates Google sign-in:
<%= google_sign_in_button 'Sign in with my Google account', proceed_to: create_login_url %><%= google_sign_in_button image_tag('google_logo.png', alt: 'Google'), proceed_to: create_login_url %><%= google_sign_in_button proceed_to: create_login_url do %>
Sign in with my <%= image_tag('google_logo.png', alt: 'Google') %> account
<% end %>
The proceed_to argument is required. After authenticating with Google, the gem redirects to proceed_to, providing
a Google ID token in flash[:google_sign_in][:id_token] or an OAuth authorizaton code grant error
in flash[:google_sign_in][:error]. Your application decides what to do with it:
(The above example assumes the user has already signed up for your service and that you’re storing their Google user ID
in the User#google_id attribute.)
For security reasons, the proceed_to URL you provide to google_sign_in_button is required to reside on the same
origin as your application. This means it must have the same protocol, host, and port as the page where
google_sign_in_button is used. We enforce this before redirecting to the proceed_to URL to guard against
open redirects.
GoogleSignIn::Identity
The GoogleSignIn::Identity class decodes and verifies the integrity of a Google ID token. It exposes the profile
information contained in the token via the following instance methods:
name
email_address
user_id: A string that uniquely identifies a single Google user. Use this, not email_address, to associate a
Google user with an application user. A Google user’s email address may change, but their user_id will remain constant.
email_verified?
avatar_url
locale
hosted_domain: The user’s hosted G Suite domain, provided only if they belong to a G Suite.
given_name: The user's given name.
family_name: The user's last name.
Security
For information on our security response procedure, see SECURITY.md.
Maintenance
Short of patching critical security issues, this gem is now considered done, and will not see any further feature development or minor bug fixes. Feel free to fork this work under the MIT license and continue the feature development under a different name.
License
Google Sign-In for Rails is released under the MIT License.
Google is a registered trademark of Google LLC. This project is not operated by or in any way affiliated with Google LLC.
请发表评论