Added Google as an oauth provider and refactorings #114
Conversation
Routes are now less provider dependent. github.clj deprecated in favor provider-agnostic oauth.clj Indentation changes according to https://github.com/bbatsov/clojure-style-guide
profiles.sample.clj
Outdated
| :embedly-key "embedly api key" | ||
| ;; for avatar and file uploads | ||
| ;; :aws-domain | ||
| "braid.mysite.com" |
There was a problem hiding this comment.
looks like the key here is commented out but not the value
| :on-click (fn [e] | ||
| (.preventDefault e) | ||
| ; must use dispatch-sync | ||
| ; b/c dispatch triggers pop-up blocker |
There was a problem hiding this comment.
These should probably be ";;" comments so they're aligned with the code (I see that the were single-; before, but if we're fixing the indent, should do this as well)
src/braid/core/server/api/github.clj
Outdated
| [braid.core.server.util :refer [map->query-str ->transit transit->form]]) | ||
| (:import | ||
| (org.apache.commons.codec.binary Base64))) | ||
| (ns braid.core.server.api.github) |
There was a problem hiding this comment.
Presumably this file should just be deleted?
src/braid/core/server/api/oauth.clj
Outdated
| (org.apache.commons.codec.binary Base64))) | ||
|
|
||
| (defn- config-oauth-get [key provider] | ||
| (let [oauth-paramater-list (-> config :oauth-provider-list edn/read-string)] |
There was a problem hiding this comment.
should be parameter list, not paramater list?
src/braid/core/server/api/oauth.clj
Outdated
| [code state provider] | ||
| (let [info (transit->form (Base64/decodeBase64 state))] | ||
| (when (and (map? info) | ||
| ; TODO: use spec to validate state when we can use 1.9 |
There was a problem hiding this comment.
change comment to ";;" & fix indent
src/braid/core/server/api/oauth.clj
Outdated
| :data (->> [::nonce ::sent-at ::register? ::group-id] | ||
| (map info) | ||
| string/join)}) | ||
| ; Was the request from the last 30 minutes? |
There was a problem hiding this comment.
change comment to ";;" & fix indent
src/braid/core/server/api/oauth.clj
Outdated
| [code state provider] | ||
| (let [info (transit->form (Base64/decodeBase64 state))] | ||
| (when (and (map? info) | ||
| ; TODO: use spec to validate state when we can use 1.9 |
There was a problem hiding this comment.
change comment to ";;" & fix indent
| [braid.core.server.routes.helpers :refer [current-user error-response edn-response]] | ||
| [braid.core.server.s3 :as s3] | ||
| [braid.core.server.sync :as sync])) | ||
| (:require [braid.core.common.util :refer [valid-email? valid-nickname?]] |
There was a problem hiding this comment.
We're trying to incrementally change the ns form to be like this; could you change this to a newline after the :require?
| @@ -1,6 +1,7 @@ | |||
| (ns braid.core.server.routes.client | |||
| (:require | |||
| [braid.core.server.api.github :as github] | |||
There was a problem hiding this comment.
Can this require be removed now (does the github ns contain anything anymore)?
| ;; for link info extraction | ||
| :embedly-key "embedly api key" | ||
| ;; for oauth | ||
| {:oauth-provider-list {:github {:auth-uri "https://github.com/login/oauth/authorize?" |
There was a problem hiding this comment.
This should be unwrapped (:oauth-provider-list ..., not {:oauth-provider-list ...)
|
Something we'll have to figure out for this...this puts a nested map in the env for Simple solution: Something we've done for other things with the same issue is pass the map in as a string and have the place where the value is used call More complicated but probably ultimately better solution: Switch to using config instead of environ for config things (we've used it for other projects & I generally like it). |
| (if-let [{:keys [access_token]} (oauth/exchange-token code state provider)] | ||
| (let [email (oauth/email-address access_token provider) | ||
| user (user/user-with-email email)] | ||
| (def access_token access_token) |
There was a problem hiding this comment.
This line should probably be deleted?
|
This could also use a bit of documentation as to what exactly one has to do in the Google developer console -- I assume one needs the "People" API enabled to get the email address? |
|
This isn't working for me; when I try to register with the Google OAuth, things fail in the handler because the email is null -- presumably there's some specific API I need to enable on the Google Dev console to make this work? |
|
Environ already reads the map from profiles as a string so there's edn/read-string in the parsing logic already. The bigger pain is having to enter that map as a string on the console, so maybe a file name with that map being expected is a better solution. What do you think @jamesnvc? And yes, People API needs to be enabled for the project. |
|
I wonder if it might make more sense to just have env keys for, e.g. |
|
Ah, and trying to get this working, the error message from Google API call seems to indicate that the Google+ API needs to be enabled for the key. This should probably be documented somewhere...maybe in the module docstring? EDIT: or maybe there's something else I'm missing? I added the Google+ API to a test app, but when I try to use the Google button to register on Braid, it fails & I can see the response from google is: Not sure why this is happening...@eipplusone what did you have to do to get it working for you? |
|
Let me write/test it with config changes. I don't think the request makes it to the right api endpoint. It's just a guess though, I haven't seen this error. |
Routes are now less provider dependent.
github.clj deprecated in favor provider-agnostic oauth.clj.
Indentation changes according to https://github.com/bbatsov/clojure-style-guide.
In order to test the changes on would need to register on https://console.developers.google.com/apis/credentials.