django社交身份验证限制用户数据

问题描述 投票:0回答:2

我已将django social auth's配置为仅从Google接收电子邮件,但是Google显示此屏幕,提醒应用程序用户将收集性别,出生日期,图片,语言:

<< img src =“ https://image.soinside.com/eyJ1cmwiOiAiaHR0cHM6Ly9pLnN0YWNrLmltZ3VyLmNvbS9LRUFQeS5wbmcifQ==” alt =“在此处输入图像描述”>“ >>

我的django-social-auth配置如下:

WHITE_LISTED_DOMAINS = [ 'some_domain', ]
GOOGLE_WHITE_LISTED_DOMAINS = WHITE_LISTED_DOMAINS
SOCIAL_AUTH_EXTRA_DATA = False    
#LOGIN_ERROR_URL    = '/login-error/' Not set
#SOCIAL_AUTH_DEFAULT_USERNAME = 'new_social_auth_user' Not set
#GOOGLE_CONSUMER_KEY          = '' Not set
#GOOGLE_CONSUMER_SECRET       = '' Not set
#GOOGLE_OAUTH2_CLIENT_ID      = '' Not set
#GOOGLE_OAUTH2_CLIENT_SECRET  = '' Not set
SOCIAL_AUTH_USERNAME_IS_FULL_EMAIL = False
SOCIAL_AUTH_PROTECTED_USER_FIELDS = ['email',]

INSTALLED_APPS = (
    'django.contrib.auth',
     ...
    'social_auth',
)

如何避免出现此Google邮件?

编辑

我已经转到GoogleOauth2身份验证并继承和更改了Google后端:

from social_auth.backends.google import *

GOOGLE_OAUTH2_SCOPE = ['https://www.googleapis.com/auth/userinfo.email',]

class GoogleOAuth2(BaseOAuth2):
    """Google OAuth2 support"""
    AUTH_BACKEND = GoogleOAuth2Backend
    AUTHORIZATION_URL = 'https://accounts.google.com/o/oauth2/auth'
    ACCESS_TOKEN_URL = 'https://accounts.google.com/o/oauth2/token'
    REVOKE_TOKEN_URL = 'https://accounts.google.com/o/oauth2/revoke'
    REVOKE_TOKEN_METHOD = 'GET'
    SETTINGS_SECRET_NAME = 'GOOGLE_OAUTH2_CLIENT_SECRET'
    SCOPE_VAR_NAME = 'GOOGLE_OAUTH_EXTRA_SCOPE'
    DEFAULT_SCOPE = GOOGLE_OAUTH2_SCOPE
    REDIRECT_STATE = False

    print DEFAULT_SCOPE  #<------ to be sure

    def user_data(self, access_token, *args, **kwargs):
        """Return user data from Google API"""
        return googleapis_profile(GOOGLEAPIS_PROFILE, access_token)

    @classmethod
    def revoke_token_params(cls, token, uid):
        return {'token': token}

    @classmethod
    def revoke_token_headers(cls, token, uid):
        return {'Content-type': 'application/json'}

但是Google仍然要求提供个人资料数据,个人资料仍在范围内:

https://accounts.google.com/o/oauth2/auth?response_type=code&scope=https://www.googleapis.com/auth/userinfo.email+https://www.googleapis.com/auth/userinfo.profile&redirect_uri= ...

如果我手动修改社交身份验证代码而不是继承,则运行正常:

def get_scope(self):
    return ['https://www.googleapis.com/auth/userinfo.email',]

我的代码怎么了?

我已将django社交身份验证配置为仅从Google电子邮件中获取,但google显示此屏幕,提醒应用程序用户将收集性别,出生日期,图片,语言:我的django-social -...

django django-socialauth
2个回答
1
投票

这是因为google后端上使用的默认范围设置为该范围(电子邮件和个人资料信息),因此定义为here。为了避免这种情况,您可以创建自己的Google后端,该后端仅设置所需的范围,然后使用该后端而不是内置的后端。示例:

from social_auth.backends.google import GoogleOAuth2

class SimplerGoogleOAuth2(GoogleOAuth2):
    DEFAULT_SCOPE = ['https://www.googleapis.com/auth/userinfo.email']
0
投票

那些不知道如何添加AUTHENTICATION_BACKENDS的人,如果使用Omab建议的方式,则需要在setting.py文件中添加新定义的后端:

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.