-1
我有一个谷歌Oauth,将使用户授权当用户转到我的网页,但我只希望他们必须授权应用程序我可以访问和刷新令牌,当他们去某个页面输入一个谷歌的API信息。谷歌正在授权他们的任何路线,他们在任何想法如何阻止this.Ruby不会让我在这个任何一条路线。如何让我的谷歌oauth只尝试和授权在某一路线上的应用程序
def user_credentials
# Build a per-request oauth credential based on token stored in
session
# which allows us to use a shared API client.
@authorization ||= (
auth = settings.authorization.dup
auth.redirect_uri = to('/oauth2callback')
auth.update_token!(session)
auth
)
end
configure do
Google::Apis::ClientOptions.default.application_name = 'Get Login
info for Google Ad Exchange'
Google::Apis::ClientOptions.default.application_version = '1.0.0'
client_secrets = Google::APIClient::ClientSecrets.load
authorization = client_secrets.to_authorization
authorization.scope =
'https://www.googleapis.com/auth/adexchange.seller.readonly'
set :authorization, authorization
end
before do
# Ensure user has authorized the app
unless user_credentials.access_token || request.path_info =~
/^\/oauth2/
redirect to('/oauth2authorize')
end
end
after do
# Serialize the access/refresh token to the session and credential
store.
# We could potentially need to pull back the client_id and
client_secret as well and add them to the dynamo database.
# session[:client_id] = user_credentials.client_id
# session[:client_secret] = user_credentials.client_secret
session[:access_token] = user_credentials.access_token
session[:refresh_token] = user_credentials.refresh_token
session[:expires_in] = user_credentials.expires_in
session[:issued_at] = user_credentials.issued_at
end
get '/oauth2authorize' do
# Request authorization
redirect user_credentials.authorization_uri.to_s, 303
end
get '/oauth2callback' do
# Exchange token
user_credentials.code = params[:code] if params[:code]
user_credentials.fetch_access_token!
redirect to('/')
end
请按照Ruby编码准则缩进您的代码。它可以帮助我们帮助你。你有行被包装并且是语法错误。我建议修复这些问题,因为它们是为了解决问题。 “[mcve]”和链接的页面有帮助。 –