Using the userinfo.email scope in google AUTH_CONFIG

[Lindsey Simon]

Hey there,

First off - THANK YOU! - this is by far the best OAuth GAE shim out there. It's well written and easy to extend.

I want to get my Google users' email address and see how to include the scope bit in my settings, which I've done.

But the simple OAuth handshake doesn't return the email value - so I'm wondering what you think the simplest way is to queue the request and then store email.

I'm thinking of doing so after auth, but wonder if you've already tinkered with doing so and have any ideas.

Thanks!

[alex]

Thanks for kind words!

I think you won't have to queue a separate request. Even if you did,
it wouldn't get you user's email if the initial authorization was only
for "userinfo.profile" scope (it would be a violation of authorization
- scopes wouldn't match and Google will return an auth error).

Taking example app from the repo, I guess the easiest way is to simply
add/change the scope in here:
https://github.com/crhym3/simpleauth/blob/3b71f53aa31927a6290346c9010fe4dde6a25e90/example/secrets.py.template#L39

so it would become this: "https://www.googleapis.com/auth/userinfo.email"

or "https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/userinfo.profile"

Google's endpoint expects scopes separated by space, but other
providers might have it different, e.g. facebook:
https://github.com/crhym3/simpleauth/blob/3b71f53aa31927a6290346c9010fe4dde6a25e90/README#L134

Anyway, once the scope is in there during auth flow, then user's email
should be present in "data" arg of _on_signin method:
https://github.com/crhym3/simpleauth/blob/3b71f53aa31927a6290346c9010fe4dde6a25e90/example/handlers.py#L141

Also, it should contain other additional attributes like
"verified_email" (boolean) which indicates if user's email has been
verified, etc.

I didn't include email scope in the example app running on
https://simpleauth.appspot.com only because I didn't want to spook
anyone thinking that I'm collecting email addresses :)


Hope this solves the issue!

> --
> You received this message because you are subscribed to the Google Groups
> "SimpleAuth for GAE" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to gae-simpleaut...@googlegroups.com.
> Visit this group at http://groups.google.com/group/gae-simpleauth?hl=en.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>

[Lindsey Simon]

Ah, interesting.

Ok, I'd updated my settings to include the scope like so:

AUTH_CONFIG = {

  # OAuth 2.0 providers

  'google'      : (GOOGLE_APP_ID, GOOGLE_APP_SECRET,

                  ('https://www.googleapis.com/auth/userinfo.profile '

                   'https://www.googleapis.com/auth/userinfo.email')),

but I didn't see these new fields in my user object and so I wondered if I might need to make some additional API call to get the email info from Google.

I'll experiment some more..

On Tuesday, June 11, 2013 5:51:19 PM UTC-7, Lindsey Simon wrote:

Hey there,

First off - THANK YOU! - this is by far the best OAuth GAE shim out there. It's well written and easy to extend.

I want to get my Google users' email address and see how to include the scope bit in my settings, which I've done.

But the simple OAuth handshake doesn't return the email value - so I'm wondering what you think the simplest way is to queue the request and then store email.

I'm thinking of doing so after auth, but wonder if you've already tinkered with doing so and have any ideas.

Thanks!

[Lindsey Simon]

Do I maybe need to update the USER_ATTRS dict to include these new fields?

[Lindsey Simon]

ah - I think that did the trick =)

[alex]

Cool! Yeah, sorry, forgot to mention USER_ATTRS.

[SInCRO UFES]

I just stumbling upon the same problem, and I wonder what you added in USER_ATTRS that returned the email address?