-
Notifications
You must be signed in to change notification settings - Fork 67
Home
This library implements AuthSub proxy authentication.
First, get the user to follow the following URL:
Contacts::Google.authentication_url('http://mysite.com/invite')
After he authenticates successfully, Google will redirect him back to the target URL (specified as argument above) and provide the token GET parameter. Use it to create a new instance of this class and request the contact list:
gmail = Contacts::Google.new(params[:token],'example@gmail.com')
contacts = gmail.contacts
#-> [ ['Fitzgerald', 'fubar@gmail.com', 'fubar@example.com'],
['William Paginate', 'will.paginate@gmail.com'], ...
]
Contacts::Google.authentication_url(target, options = {})
-
:scope
— the AuthSub scope in which the resulting token is valid (default:http://www.google.com/m8/feeds/
) -
:secure
— boolean indicating whether the token will be secure (default: false) -
:session
— boolean indicating if the token can be exchanged for a session token (default: false)
gmail = Contacts::Google.new(user_id, token)
User ID is the Gmail address and the token is a string provided by Google as a result of proxy authentication.
gmail.contacts(options = {})
-
:limit
— use a large number to fetch a bigger contact list (default: 200) -
:offset
— 0-based value, can be used for pagination -
:order
— currently the only value support by Google is"lastmodified"
-
:descending
— boolean -
:updated_after
— string or time-like object, use to only fetch contacts that were updated after this date
The basic token that you will get after the user has authenticated on Google is valid for only one request. However, you can specify that you want a session token which doesn’t expire:
Contacts::Google.authentication_url('http://mysite.com/invite', :session => true)
When the user authenticates, he will be redirected back with a token which still isn’t a session token, but can be exchanged for one!
token = Contacts::Google.sesion_token(params[:token])
Now you have a permanent token. Store it with other user data so you can query the API on his behalf without him having to authenticate on Google every time.