defmodule Ueberauth.Strategy.Google.OAuth do @moduledoc """ OAuth2 for Google. Add `client_id` and `client_secret` to your configuration: config :ueberauth, Ueberauth.Strategy.Google.OAuth, client_id: System.get_env("GOOGLE_APP_ID"), client_secret: System.get_env("GOOGLE_APP_SECRET") """ use OAuth2.Strategy @defaults [ strategy: __MODULE__, site: "https://accounts.google.com", authorize_url: "/o/oauth2/v2/auth", token_url: "https://www.googleapis.com/oauth2/v4/token" ] @doc """ Construct a client for requests to Google. This will be setup automatically for you in `Ueberauth.Strategy.Google`. These options are only useful for usage outside the normal callback phase of Ueberauth. """ def client(opts \\ []) do config = Application.get_env(:ueberauth, __MODULE__, []) json_library = Ueberauth.json_library() @defaults |> Keyword.merge(config) |> Keyword.merge(opts) |> resolve_values() |> generate_secret() |> OAuth2.Client.new() |> OAuth2.Client.put_serializer("application/json", json_library) end @doc """ Provides the authorize url for the request phase of Ueberauth. No need to call this usually. """ def authorize_url!(params \\ [], opts \\ []) do opts |> client |> OAuth2.Client.authorize_url!(params) end def get(token, url, headers \\ [], opts \\ []) do [token: token] |> client |> put_param("client_secret", client().client_secret) |> OAuth2.Client.get(url, headers, opts) end def get_access_token(params \\ [], opts \\ []) do case opts |> client |> OAuth2.Client.get_token(params) do {:error, %OAuth2.Response{body: %{"error" => error}} = response} -> description = Map.get(response.body, "error_description", "") {:error, {error, description}} {:error, %OAuth2.Error{reason: reason}} -> {:error, {"error", to_string(reason)}} {:ok, %OAuth2.Client{token: %{access_token: nil} = token}} -> %{"error" => error, "error_description" => description} = token.other_params {:error, {error, description}} {:ok, %OAuth2.Client{token: token}} -> {:ok, token} end end # Strategy Callbacks def authorize_url(client, params) do OAuth2.Strategy.AuthCode.authorize_url(client, params) end def get_token(client, params, headers) do client |> put_param("client_secret", client.client_secret) |> put_header("Accept", "application/json") |> OAuth2.Strategy.AuthCode.get_token(params, headers) end defp resolve_values(list) do for {key, value} <- list do {key, resolve_value(value)} end end defp resolve_value({m, f, a}) when is_atom(m) and is_atom(f), do: apply(m, f, a) defp resolve_value(v), do: v defp generate_secret(opts) do if is_tuple(opts[:client_secret]) do {module, fun} = opts[:client_secret] secret = apply(module, fun, [opts]) Keyword.put(opts, :client_secret, secret) else opts end end end