-1
我有一個谷歌Oauth,將使用戶授權當用戶轉到我的網頁,但我只希望他們必須授權應用程序我可以訪問和刷新令牌,當他們去某個頁面輸入一個谷歌的API信息。谷歌正在授權他們的任何路線,他們在任何想法如何阻止this.Ruby不會讓我在這個任何一條路線。如何讓我的谷歌oauth只嘗試和授權在某一路線上的應用程序
def user_credentials
# Build a per-request oauth credential based on token stored in
session
# which allows us to use a shared API client.
@authorization ||= (
auth = settings.authorization.dup
auth.redirect_uri = to('/oauth2callback')
auth.update_token!(session)
auth
)
end
configure do
Google::Apis::ClientOptions.default.application_name = 'Get Login
info for Google Ad Exchange'
Google::Apis::ClientOptions.default.application_version = '1.0.0'
client_secrets = Google::APIClient::ClientSecrets.load
authorization = client_secrets.to_authorization
authorization.scope =
'https://www.googleapis.com/auth/adexchange.seller.readonly'
set :authorization, authorization
end
before do
# Ensure user has authorized the app
unless user_credentials.access_token || request.path_info =~
/^\/oauth2/
redirect to('/oauth2authorize')
end
end
after do
# Serialize the access/refresh token to the session and credential
store.
# We could potentially need to pull back the client_id and
client_secret as well and add them to the dynamo database.
# session[:client_id] = user_credentials.client_id
# session[:client_secret] = user_credentials.client_secret
session[:access_token] = user_credentials.access_token
session[:refresh_token] = user_credentials.refresh_token
session[:expires_in] = user_credentials.expires_in
session[:issued_at] = user_credentials.issued_at
end
get '/oauth2authorize' do
# Request authorization
redirect user_credentials.authorization_uri.to_s, 303
end
get '/oauth2callback' do
# Exchange token
user_credentials.code = params[:code] if params[:code]
user_credentials.fetch_access_token!
redirect to('/')
end
請按照Ruby編碼準則縮進您的代碼。它可以幫助我們幫助你。你有行被包裝並且是語法錯誤。我建議修復這些問題,因爲它們是爲了解決問題。 「[mcve]」和鏈接的頁面有幫助。 –