recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Tighten scope requests with Google OAuth

Summary: We currently make a ludicrously gigantic permission request to do Google auth (read/write access to the entire address book), since I couldn't figure out how to do a more narrowly tailored request when I implemented it. @csilvers pointed me at some much more sensible APIs; we can now just ask for user ID, name, and email address.

Test Plan: Created a new account via Google Oauth. Linked/unlinked an existing account. Verified diagnostics page still works correctly. Logged in with a pre-existing Google account created with the old API (to verify user IDs are the same through both methods).

Reviewers: btrahan, vrana, csilvers, Makinde

Reviewed By: csilvers

CC: aran

Differential Revision: https://secure.phabricator.com/D2378

epriestley 6a043284 5604a662

+14 -28
+14 -27
src/applications/auth/oauth/provider/google/PhabricatorOAuthProviderGoogle.php
··· 71 71 } 72 72 73 73 public function getUserInfoURI() { 74 - return 'https://www.google.com/m8/feeds/contacts/default/full'; 74 + return 'https://www.googleapis.com/oauth2/v1/userinfo'; 75 75 } 76 76 77 77 public function getMinimumScope() { 78 - // This is the Google contacts API, which is apparently the best way to get 79 - // the user ID / login / email since Google doesn't apparently have a 80 - // more generic "user.info" sort of call (or, if it does, I couldn't find 81 - // it). This is sort of terrifying since it lets Phabricator read your whole 82 - // address book and possibly your physical address and such, so it would 83 - // be really nice to find a way to restrict this scope to something less 84 - // crazily permissive. But users will click anything and the dialog isn't 85 - // very scary, so whatever. 86 - return 'https://www.google.com/m8/feeds'; 78 + $scopes = array( 79 + 'https://www.googleapis.com/auth/userinfo.email', 80 + 'https://www.googleapis.com/auth/userinfo.profile', 81 + ); 82 + 83 + return implode(' ', $scopes); 87 84 } 88 85 89 86 public function setUserData($data) { 90 - // SimpleXMLElement will throw if $data is unusably malformed, which to 91 - // us is just a provider issue 92 - try { 93 - $xml = new SimpleXMLElement($data); 94 - } catch (Exception $e) { 95 - throw new PhabricatorOAuthProviderException(); 96 - } 87 + $data = json_decode($data, true); 88 + $this->validateUserData($data); 97 89 98 - $id = (string)$xml->id; 99 - $this->userData = array( 100 - 'id' => $id, 101 - 'email' => (string)$xml->author[0]->email, 102 - 'real' => (string)$xml->author[0]->name, 90 + // Guess account name from email address, this is just a hint anyway. 91 + $data['account'] = head(explode('@', $data['email'])); 103 92 104 - // Guess account name from email address, this is just a hint anyway. 105 - 'account' => head(explode('@', $id)), 106 - ); 93 + $this->userData = $data; 107 94 return $this; 108 95 } 109 96 110 97 public function retrieveUserID() { 111 - return $this->userData['id']; 98 + return $this->userData['email']; 112 99 } 113 100 114 101 public function retrieveUserEmail() { ··· 130 117 } 131 118 132 119 public function retrieveUserRealName() { 133 - return $this->userData['real']; 120 + return $this->userData['name']; 134 121 } 135 122 136 123 public function getExtraAuthParameters() {
-1
src/applications/auth/oauth/provider/google/__init__.php
··· 7 7 8 8 9 9 phutil_require_module('phabricator', 'applications/auth/oauth/provider/base'); 10 - phutil_require_module('phabricator', 'applications/auth/oauth/provider/exception'); 11 10 phutil_require_module('phabricator', 'infrastructure/env'); 12 11 13 12 phutil_require_module('phutil', 'utils');