0

我已将django social auth配置为仅从谷歌电子邮件中获取,但谷歌显示此屏幕提醒应用程序用户性别、出生日期、图片、语言将被收集:

在此处输入图像描述

我的 django-social-auth 配置如下:

WHITE_LISTED_DOMAINS = [ 'some_domain', ]
GOOGLE_WHITE_LISTED_DOMAINS = WHITE_LISTED_DOMAINS
SOCIAL_AUTH_EXTRA_DATA = False    
#LOGIN_ERROR_URL    = '/login-error/' Not set
#SOCIAL_AUTH_DEFAULT_USERNAME = 'new_social_auth_user' Not set
#GOOGLE_CONSUMER_KEY          = '' Not set
#GOOGLE_CONSUMER_SECRET       = '' Not set
#GOOGLE_OAUTH2_CLIENT_ID      = '' Not set
#GOOGLE_OAUTH2_CLIENT_SECRET  = '' Not set
SOCIAL_AUTH_USERNAME_IS_FULL_EMAIL = False
SOCIAL_AUTH_PROTECTED_USER_FIELDS = ['email',]

INSTALLED_APPS = (
    'django.contrib.auth',
     ...
    'social_auth',
)

我该怎么做才能避免这个谷歌消息?

已编辑

我已经转移到 GoogleOauth2 身份验证并继承和更改谷歌后端:

from social_auth.backends.google import *

GOOGLE_OAUTH2_SCOPE = ['https://www.googleapis.com/auth/userinfo.email',]

class GoogleOAuth2(BaseOAuth2):
    """Google OAuth2 support"""
    AUTH_BACKEND = GoogleOAuth2Backend
    AUTHORIZATION_URL = 'https://accounts.google.com/o/oauth2/auth'
    ACCESS_TOKEN_URL = 'https://accounts.google.com/o/oauth2/token'
    REVOKE_TOKEN_URL = 'https://accounts.google.com/o/oauth2/revoke'
    REVOKE_TOKEN_METHOD = 'GET'
    SETTINGS_SECRET_NAME = 'GOOGLE_OAUTH2_CLIENT_SECRET'
    SCOPE_VAR_NAME = 'GOOGLE_OAUTH_EXTRA_SCOPE'
    DEFAULT_SCOPE = GOOGLE_OAUTH2_SCOPE
    REDIRECT_STATE = False

    print DEFAULT_SCOPE  #<------ to be sure

    def user_data(self, access_token, *args, **kwargs):
        """Return user data from Google API"""
        return googleapis_profile(GOOGLEAPIS_PROFILE, access_token)

    @classmethod
    def revoke_token_params(cls, token, uid):
        return {'token': token}

    @classmethod
    def revoke_token_headers(cls, token, uid):
        return {'Content-type': 'application/json'}

但谷歌仍然要求提供个人资料数据,个人资料仍在范围内:

https://accounts.google.com/o/oauth2/auth?response_type=code&scope=https://www.googleapis.com/auth/userinfo.email+https://www.googleapis.com/auth/userinfo。配置文件&redirect_uri= ...

如果我手动修改社交身份验证代码而不是继承,则运行良好:

def get_scope(self):
    return ['https://www.googleapis.com/auth/userinfo.email',]

我的代码有什么问题?

4

2 回答 2

1

这是因为 google 后端使用的默认范围设置为(电子邮件和个人资料信息),它在此处定义。为了避免这种情况,您可以创建自己的 google 后端来设置所需的范围,然后使用该后端而不是内置的后端。例子:

from social_auth.backends.google import GoogleOAuth2

class SimplerGoogleOAuth2(GoogleOAuth2):
    DEFAULT_SCOPE = ['https://www.googleapis.com/auth/userinfo.email']
于 2013-09-07T19:34:42.607 回答
1

那些不知道如何添加 AUTHENTICATION_BACKENDS 的人,如果使用 Omab 建议的方式,您需要在 setting.py 文件中添加新定义的后端:

AUTHENTICATION_BACKENDS = (
    'app_name.file_name.class_name',  #ex: google_auth.views.SimplerGoogleOAuth2
    # 'social_core.backends.google.GoogleOAuth2', # comment this as no longer used
    'django.contrib.auth.backends.ModelBackend',
)

要了解如何创建类 SimplerGoogleOAuth2 ,请查看 Omab 的答案。

于 2020-04-08T05:50:45.093 回答