| Index: appengine/config_service/ui/common/third-party/google-signin-aware.html
|
| diff --git a/appengine/config_service/ui/common/third-party/google-signin-aware.html b/appengine/config_service/ui/common/third-party/google-signin-aware.html
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..e6e731bfad1a7417e19f977e4944c011a4a2f6bd
|
| --- /dev/null
|
| +++ b/appengine/config_service/ui/common/third-party/google-signin-aware.html
|
| @@ -0,0 +1,824 @@
|
| +<!--
|
| +Copyright 2014 Google Inc
|
| +
|
| +Licensed under the Apache License, Version 2.0 (the "License");
|
| +you may not use this file except in compliance with the License.
|
| +You may obtain a copy of the License at
|
| +
|
| + https://www.apache.org/licenses/LICENSE-2.0
|
| +
|
| +Unless required by applicable law or agreed to in writing, software
|
| +distributed under the License is distributed on an "AS IS" BASIS,
|
| +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
| +See the License for the specific language governing permissions and
|
| +limitations under the License.
|
| +-->
|
| +
|
| +<link rel="import" href="../polymer/polymer.html">
|
| +<link rel="import" href="../google-apis/google-js-api.html">
|
| +
|
| +<script>
|
| + (function() {
|
| +
|
| + /**
|
| + * Enum of attributes to be passed through to the login API call.
|
| + * @readonly
|
| + * @enum {string}
|
| + */
|
| + var ProxyLoginAttributes = {
|
| + 'appPackageName': 'apppackagename',
|
| + 'clientId': 'clientid',
|
| + 'cookiePolicy': 'cookiepolicy',
|
| + 'hostedDomain': 'hostedDomain',
|
| + 'openidPrompt': 'prompt',
|
| + 'requestVisibleActions': 'requestvisibleactions'
|
| + };
|
| +
|
| + /**
|
| + * AuthEngine does all interactions with gapi.auth2
|
| + *
|
| + * It is tightly coupled with <google-signin-aware> element
|
| + * The elements configure AuthEngine.
|
| + * AuthEngine propagates all authentication events to all google-signin-aware elements
|
| + *
|
| + * API used: https://developers.google.com/identity/sign-in/web/reference
|
| + *
|
| + */
|
| + var AuthEngine = {
|
| +
|
| + /**
|
| + * oauth2 argument, set by google-signin-aware
|
| + */
|
| + _clientId: null,
|
| +
|
| + get clientId() {
|
| + return this._clientId;
|
| + },
|
| +
|
| + set clientId(val) {
|
| + if (this._clientId && val && val != this._clientId) {
|
| + throw new Error('clientId cannot change. Values do not match. New: ' + val + ' Old:' + this._clientId);
|
| + }
|
| + if (val && val != this._clientId) {
|
| + this._clientId = val;
|
| + this.initAuth2();
|
| + }
|
| + },
|
| +
|
| + /**
|
| + * oauth2 argument, set by google-signin-aware
|
| + */
|
| + _cookiePolicy: 'single_host_origin',
|
| +
|
| + get cookiePolicy() {
|
| + return this._cookiePolicy;
|
| + },
|
| +
|
| + set cookiePolicy(val) {
|
| + if (val) {
|
| + this._cookiePolicy = val;
|
| + }
|
| + },
|
| +
|
| + /**
|
| + * oauth2 argument, set by google-signin-aware
|
| + */
|
| + _appPackageName: '',
|
| +
|
| + get appPackageName() {
|
| + return this._appPackageName;
|
| + },
|
| +
|
| + set appPackageName(val) {
|
| + if (this._appPackageName && val && val != this._appPackageName) {
|
| + throw new Error('appPackageName cannot change. Values do not match. New: ' + val + ' Old: ' + this._appPackageName);
|
| + }
|
| + if (val) {
|
| + this._appPackageName = val;
|
| + }
|
| + },
|
| +
|
| + /**
|
| + * oauth2 argument, set by google-signin-aware
|
| + */
|
| + _requestVisibleActions: '',
|
| +
|
| + get requestVisibleactions() {
|
| + return this._requestVisibleActions;
|
| + },
|
| +
|
| + set requestVisibleactions(val) {
|
| + if (this._requestVisibleActions && val && val != this._requestVisibleActions) {
|
| + throw new Error('requestVisibleactions cannot change. Values do not match. New: ' + val + ' Old: ' + this._requestVisibleActions);
|
| + }
|
| + if (val)
|
| + this._requestVisibleActions = val;
|
| + },
|
| +
|
| + /**
|
| + * oauth2 argument, set by google-signin-aware
|
| + */
|
| + _hostedDomain: '',
|
| +
|
| + get hostedDomain() {
|
| + return this._hostedDomain;
|
| + },
|
| +
|
| + set hostedDomain(val) {
|
| + if (this._hostedDomain && val && val != this._hostedDomain) {
|
| + throw new Error('hostedDomain cannot change. Values do not match. New: ' + val + ' Old: ' + this._hostedDomain);
|
| + }
|
| + if (val)
|
| + this._hostedDomain = val;
|
| + },
|
| +
|
| + /**
|
| + * oauth2 argument, set by google-signin-aware
|
| + */
|
| + _openidPrompt: '',
|
| +
|
| + get openidPrompt() {
|
| + return this._openidPrompt;
|
| + },
|
| +
|
| + set openidPrompt(val) {
|
| + if (typeof val !== 'string') {
|
| + throw new Error(
|
| + 'openidPrompt must be a string. Received ' + typeof val);
|
| + }
|
| + if (val) {
|
| + var values = val.split(' ');
|
| + values = values.map(function(v) {
|
| + return v.trim();
|
| + });
|
| + values = values.filter(function(v) {
|
| + return v;
|
| + });
|
| + var validValues = {none: 0, login: 0, consent: 0, select_account: 0};
|
| + values.forEach(function(v) {
|
| + if (v == 'none' && values.length > 1) {
|
| + throw new Error(
|
| + 'none cannot be combined with other openidPrompt values');
|
| + }
|
| + if (!(v in validValues)) {
|
| + throw new Error(
|
| + 'invalid openidPrompt value ' + v +
|
| + '. Valid values: ' + Object.keys(validValues).join(', '));
|
| + }
|
| + });
|
| + }
|
| + this._openidPrompt = val;
|
| + },
|
| +
|
| + /** Is offline access currently enabled in the google-signin-aware element? */
|
| + _offline: false,
|
| +
|
| + get offline() {
|
| + return this._offline;
|
| + },
|
| +
|
| + set offline(val) {
|
| + this._offline = val;
|
| + this.updateAdditionalAuth();
|
| + },
|
| +
|
| + /** Should we force a re-prompt for offline access? */
|
| + _offlineAlwaysPrompt: false,
|
| +
|
| + get offlineAlwaysPrompt() {
|
| + return this._offlineAlwaysPrompt;
|
| + },
|
| +
|
| + set offlineAlwaysPrompt(val) {
|
| + this._offlineAlwaysPrompt = val;
|
| + this.updateAdditionalAuth();
|
| + },
|
| +
|
| + /** Have we already gotten offline access from Google during this session? */
|
| + offlineGranted: false,
|
| +
|
| + /** <google-js-api> */
|
| + _apiLoader: null,
|
| +
|
| + /** an array of wanted scopes. oauth2 argument */
|
| + _requestedScopeArray: [],
|
| +
|
| + /** _requestedScopeArray as string */
|
| + get requestedScopes() {
|
| + return this._requestedScopeArray.join(' ');
|
| + },
|
| +
|
| + /** Is auth library initalized? */
|
| + _initialized: false,
|
| +
|
| + /** Is user signed in? */
|
| + _signedIn: false,
|
| +
|
| + /** Currently granted scopes */
|
| + _grantedScopeArray: [],
|
| +
|
| + /** True if additional authorization is required */
|
| + _needAdditionalAuth: true,
|
| +
|
| + /** True if have google+ scopes */
|
| + _hasPlusScopes: false,
|
| +
|
| + /**
|
| + * array of <google-signin-aware>
|
| + * state changes are broadcast to them
|
| + */
|
| + signinAwares: [],
|
| +
|
| + init: function() {
|
| + this._apiLoader = document.createElement('google-js-api');
|
| + this._apiLoader.addEventListener('js-api-load', this.loadAuth2.bind(this));
|
| + if (Polymer.Element) {
|
| + document.body.appendChild(this._apiLoader);
|
| + }
|
| + },
|
| +
|
| + loadAuth2: function() {
|
| + gapi.load('auth2', this.initAuth2.bind(this));
|
| + },
|
| +
|
| + initAuth2: function() {
|
| + if (!('gapi' in window) || !('auth2' in window.gapi) || !this.clientId) {
|
| + return;
|
| + }
|
| + var auth = gapi.auth2.init({
|
| + 'client_id': this.clientId,
|
| + 'cookie_policy': this.cookiePolicy,
|
| + 'scope': this.requestedScopes,
|
| + 'hosted_domain': this.hostedDomain
|
| + });
|
| +
|
| + auth['currentUser'].listen(this.handleUserUpdate.bind(this));
|
| +
|
| + auth.then(
|
| + function onFulfilled() {
|
| + // Let the current user listener trigger the changes.
|
| + },
|
| + function onRejected(error) {
|
| + console.error(error);
|
| + }
|
| + );
|
| + },
|
| +
|
| + handleUserUpdate: function(newPrimaryUser) {
|
| + // update and broadcast currentUser
|
| + var isSignedIn = newPrimaryUser.isSignedIn();
|
| + if (isSignedIn != this._signedIn) {
|
| + this._signedIn = isSignedIn;
|
| + for (var i=0; i<this.signinAwares.length; i++) {
|
| + this.signinAwares[i]._setSignedIn(isSignedIn);
|
| + }
|
| + }
|
| + // update and broadcast initialized property the first time the isSignedIn property is set.
|
| + if(!this._initialized) {
|
| + for (var i=0; i<this.signinAwares.length; i++) {
|
| + this.signinAwares[i]._setInitialized(true);
|
| + }
|
| + this._initialized = true;
|
| + }
|
| +
|
| +
|
| + // update granted scopes
|
| + this._grantedScopeArray = this.strToScopeArray(
|
| + newPrimaryUser.getGrantedScopes());
|
| + // console.log(this._grantedScopeArray);
|
| + this.updateAdditionalAuth();
|
| +
|
| + var response = newPrimaryUser.getAuthResponse();
|
| + for (var i=0; i<this.signinAwares.length; i++) {
|
| + this.signinAwares[i]._updateScopeStatus(response);
|
| + }
|
| + },
|
| +
|
| + setOfflineCode: function(code) {
|
| + for (var i=0; i<this.signinAwares.length; i++) {
|
| + this.signinAwares[i]._updateOfflineCode(code);
|
| + }
|
| + },
|
| +
|
| + /** convert scope string to scope array */
|
| + strToScopeArray: function(str) {
|
| + if (!str) {
|
| + return [];
|
| + }
|
| + // remove extra spaces, then split
|
| + var scopes = str.replace(/\ +/g, ' ').trim().split(' ');
|
| + for (var i=0; i<scopes.length; i++) {
|
| + scopes[i] = scopes[i].toLowerCase();
|
| + // Handle scopes that will be deprecated but are still returned with their old value
|
| + if (scopes[i] === 'https://www.googleapis.com/auth/userinfo.profile') {
|
| + scopes[i] = 'profile';
|
| + }
|
| + if (scopes[i] === 'https://www.googleapis.com/auth/userinfo.email') {
|
| + scopes[i] = 'email';
|
| + }
|
| + }
|
| + // return with duplicates filtered out
|
| + return scopes.filter( function(value, index, self) {
|
| + return self.indexOf(value) === index;
|
| + });
|
| + },
|
| +
|
| + /** true if scopes have google+ scopes */
|
| + isPlusScope: function(scope) {
|
| + return (scope.indexOf('/auth/games') > -1)
|
| + || (scope.indexOf('auth/plus.') > -1 && scope.indexOf('auth/plus.me') < 0);
|
| + },
|
| +
|
| + /** true if scopes have been granted */
|
| + hasGrantedScopes: function(scopeStr) {
|
| + var scopes = this.strToScopeArray(scopeStr);
|
| + for (var i=0; i< scopes.length; i++) {
|
| + if (this._grantedScopeArray.indexOf(scopes[i]) === -1)
|
| + return false;
|
| + }
|
| + return true;
|
| + },
|
| +
|
| + /** request additional scopes */
|
| + requestScopes: function(newScopeStr) {
|
| + var newScopes = this.strToScopeArray(newScopeStr);
|
| + var scopesUpdated = false;
|
| + for (var i=0; i<newScopes.length; i++) {
|
| + if (this._requestedScopeArray.indexOf(newScopes[i]) === -1) {
|
| + this._requestedScopeArray.push(newScopes[i]);
|
| + scopesUpdated = true;
|
| + }
|
| + }
|
| + if (scopesUpdated) {
|
| + this.updateAdditionalAuth();
|
| + this.updatePlusScopes();
|
| + }
|
| + },
|
| +
|
| + /** update status of _needAdditionalAuth */
|
| + updateAdditionalAuth: function() {
|
| + var needMoreAuth = false;
|
| + if ((this.offlineAlwaysPrompt || this.offline ) && !this.offlineGranted) {
|
| + needMoreAuth = true;
|
| + } else {
|
| + for (var i=0; i<this._requestedScopeArray.length; i++) {
|
| + if (this._grantedScopeArray.indexOf(this._requestedScopeArray[i]) === -1) {
|
| + needMoreAuth = true;
|
| + break;
|
| + }
|
| + }
|
| + }
|
| + if (this._needAdditionalAuth != needMoreAuth) {
|
| + this._needAdditionalAuth = needMoreAuth;
|
| + // broadcast new value
|
| + for (var i=0; i<this.signinAwares.length; i++) {
|
| + this.signinAwares[i]._setNeedAdditionalAuth(needMoreAuth);
|
| + }
|
| + }
|
| + },
|
| +
|
| + updatePlusScopes: function() {
|
| + var hasPlusScopes = false;
|
| + for (var i = 0; i < this._requestedScopeArray.length; i++) {
|
| + if (this.isPlusScope(this._requestedScopeArray[i])) {
|
| + hasPlusScopes = true;
|
| + break;
|
| + }
|
| + }
|
| + if (this._hasPlusScopes != hasPlusScopes) {
|
| + this._hasPlusScopes = hasPlusScopes;
|
| + for (var i=0; i<this.signinAwares.length; i++) {
|
| + this.signinAwares[i]._setHasPlusScopes(hasPlusScopes);
|
| + }
|
| + }
|
| + },
|
| + /**
|
| + * attached <google-signin-aware>
|
| + * @param {!GoogleSigninAwareElement} aware element to add
|
| + */
|
| + attachSigninAware: function(aware) {
|
| + if (this.signinAwares.indexOf(aware) == -1) {
|
| + this.signinAwares.push(aware);
|
| + // Initialize aware properties
|
| + aware._setNeedAdditionalAuth(this._needAdditionalAuth);
|
| + aware._setInitialized(this._initialized);
|
| + aware._setSignedIn(this._signedIn);
|
| + aware._setHasPlusScopes(this._hasPlusScopes);
|
| + } else {
|
| + console.warn('signinAware attached more than once', aware);
|
| + }
|
| + },
|
| +
|
| + detachSigninAware: function(aware) {
|
| + var index = this.signinAwares.indexOf(aware);
|
| + if (index != -1) {
|
| + this.signinAwares.splice(index, 1);
|
| + } else {
|
| + console.warn('Trying to detach unattached signin-aware');
|
| + }
|
| + },
|
| +
|
| + /** returns scopes not granted */
|
| + getMissingScopes: function() {
|
| + return this._requestedScopeArray.filter( function(scope) {
|
| + return this._grantedScopeArray.indexOf(scope) === -1;
|
| + }.bind(this)).join(' ');
|
| + },
|
| +
|
| + assertAuthInitialized: function() {
|
| + if (!this.clientId) {
|
| + throw new Error("AuthEngine not initialized. clientId has not been configured.");
|
| + }
|
| + if (!('gapi' in window)) {
|
| + throw new Error("AuthEngine not initialized. gapi has not loaded.");
|
| + }
|
| + if (!('auth2' in window.gapi)) {
|
| + throw new Error("AuthEngine not initialized. auth2 not loaded.");
|
| + }
|
| + },
|
| +
|
| + /** pops up sign-in dialog */
|
| + signIn: function() {
|
| + this.assertAuthInitialized();
|
| + var params = {
|
| + 'scope': this.getMissingScopes()
|
| + };
|
| +
|
| + // Proxy specific attributes through to the signIn options.
|
| + Object.keys(ProxyLoginAttributes).forEach(function(key) {
|
| + if (this[key] && this[key] !== '') {
|
| + params[ProxyLoginAttributes[key]] = this[key];
|
| + }
|
| + }, this);
|
| +
|
| + var promise;
|
| + var user = gapi.auth2.getAuthInstance()['currentUser'].get();
|
| + if (!(this.offline || this.offlineAlwaysPrompt)) {
|
| + if (user.getGrantedScopes()) {
|
| + // additional auth, skip multiple account dialog
|
| + promise = user.grant(params);
|
| + } else {
|
| + // initial signin
|
| + promise = gapi.auth2.getAuthInstance().signIn(params);
|
| + }
|
| + } else {
|
| + params.redirect_uri = 'postmessage';
|
| + if (this.offlineAlwaysPrompt) {
|
| + params.approval_prompt = 'force';
|
| + }
|
| +
|
| + // Despite being documented at https://goo.gl/tiO0Bk
|
| + // It doesn't seem like user.grantOfflineAccess() actually exists in
|
| + // the current version of the Google Sign-In JS client we're using
|
| + // through GoogleWebComponents. So in the offline case, we will not
|
| + // distinguish between a first auth and an additional one.
|
| + promise = gapi.auth2.getAuthInstance().grantOfflineAccess(params);
|
| + }
|
| + promise.then(
|
| + function onFulfilled(response) {
|
| + // If login was offline, response contains one string "code"
|
| + // Otherwise it contains the user object already
|
| + var newUser;
|
| + if (response.code) {
|
| + AuthEngine.offlineGranted = true;
|
| + newUser = gapi.auth2.getAuthInstance()['currentUser'].get();
|
| + AuthEngine.setOfflineCode(response.code);
|
| + } else {
|
| + newUser = response;
|
| + }
|
| +
|
| + var authResponse = newUser.getAuthResponse();
|
| + // Let the current user listener trigger the changes.
|
| + },
|
| + function onRejected(error) {
|
| + // Access denied is not an error, user hit cancel
|
| + if ("Access denied." !== error.reason) {
|
| + this.signinAwares.forEach(function(awareInstance) {
|
| + awareInstance.errorNotify(error);
|
| + });
|
| + }
|
| + }.bind(this)
|
| + );
|
| + },
|
| +
|
| + /** signs user out */
|
| + signOut: function() {
|
| + this.assertAuthInitialized();
|
| + gapi.auth2.getAuthInstance().signOut().then(
|
| + function onFulfilled() {
|
| + // Let the current user listener trigger the changes.
|
| + },
|
| + function onRejected(error) {
|
| + console.error(error);
|
| + }
|
| + );
|
| + }
|
| + };
|
| +
|
| + AuthEngine.init();
|
| +
|
| +/**
|
| +`google-signin-aware` is used to enable authentication in custom elements by
|
| +interacting with a google-signin element that needs to be present somewhere
|
| +on the page.
|
| +
|
| +The `scopes` attribute allows you to specify which scope permissions are required
|
| +(e.g do you want to allow interaction with the Google Drive API).
|
| +
|
| +The `google-signin-aware-success` event is triggered when a user successfully
|
| +authenticates. If either `offline` or `offlineAlwaysPrompt` is set to true, successful
|
| +authentication will also trigger the `google-signin-offline-success`event.
|
| +The `google-signin-aware-signed-out` event is triggered when a user explicitly
|
| +signs out via the google-signin element.
|
| +
|
| +You can bind to `isAuthorized` property to monitor authorization state.
|
| +##### Example
|
| +
|
| + <google-signin-aware scopes="https://www.googleapis.com/auth/drive"></google-signin-aware>
|
| +
|
| +
|
| +##### Example with offline
|
| + <template id="awareness" is="dom-bind">
|
| + <google-signin-aware
|
| + scopes="https://www.googleapis.com/auth/drive"
|
| + offline
|
| + on-google-signin-aware-success="handleSignin"
|
| + on-google-signin-offline-success="handleOffline"></google-signin-aware>
|
| + <\/template>
|
| + <script>
|
| + var aware = document.querySelector('#awareness');
|
| + aware.handleSignin = function(response) {
|
| + var user = gapi.auth2.getAuthInstance()['currentUser'].get();
|
| + console.log('User name: ' + user.getBasicProfile().getName());
|
| + };
|
| + aware.handleOffline = function(response) {
|
| + console.log('Offline code received: ' + response.detail.code);
|
| + // Here you would POST response.detail.code to your webserver, which can
|
| + // exchange the authorization code for an access token. More info at:
|
| + // https://developers.google.com/identity/protocols/OAuth2WebServer
|
| + };
|
| + <\/script>
|
| +*/
|
| + Polymer({
|
| +
|
| + is: 'google-signin-aware',
|
| +
|
| + /**
|
| + * Fired when this scope has been authorized
|
| + * @param {Object} result Authorization result.
|
| + * @event google-signin-aware-success
|
| + */
|
| +
|
| + /**
|
| + * Fired when an offline authorization is successful.
|
| + * @param {{code: string}} detail -
|
| + * code: The one-time authorization code from Google.
|
| + * Your application can exchange this for an `access_token` and `refresh_token`
|
| + * @event google-signin-offline-success
|
| + */
|
| +
|
| + /**
|
| + * Fired when this scope is not authorized
|
| + * @event google-signin-aware-signed-out
|
| + */
|
| +
|
| + /**
|
| + * Fired when there is an error during the signin flow.
|
| + * @param {Object} detail The error object returned from the OAuth 2 flow.
|
| + * @event google-signin-aware-error
|
| + */
|
| +
|
| + /**
|
| + * This block is needed so the previous @param is not assigned to the next property.
|
| + */
|
| +
|
| + properties: {
|
| + /**
|
| + * App package name for android over-the-air installs.
|
| + * See the relevant [docs](https://developers.google.com/+/web/signin/android-app-installs)
|
| + */
|
| + appPackageName: {
|
| + type: String,
|
| + observer: '_appPackageNameChanged'
|
| + },
|
| +
|
| + /**
|
| + * a Google Developers clientId reference
|
| + */
|
| + clientId: {
|
| + type: String,
|
| + observer: '_clientIdChanged'
|
| + },
|
| +
|
| + /**
|
| + * The cookie policy defines what URIs have access to the session cookie
|
| + * remembering the user's sign-in state.
|
| + * See the relevant [docs](https://developers.google.com/+/web/signin/reference#determining_a_value_for_cookie_policy) for more information.
|
| + * @default 'single_host_origin'
|
| + */
|
| + cookiePolicy: {
|
| + type: String,
|
| + observer: '_cookiePolicyChanged'
|
| + },
|
| +
|
| + /**
|
| + * The app activity types you want to write on behalf of the user
|
| + * (e.g http://schemas.google.com/AddActivity)
|
| + *
|
| + */
|
| + requestVisibleActions: {
|
| + type: String,
|
| + observer: '_requestVisibleActionsChanged'
|
| + },
|
| +
|
| + /**
|
| + * The Google Apps domain to which users must belong to sign in.
|
| + * See the relevant [docs](https://developers.google.com/identity/sign-in/web/reference) for more information.
|
| + */
|
| + hostedDomain: {
|
| + type: String,
|
| + observer: '_hostedDomainChanged'
|
| + },
|
| +
|
| + /**
|
| + * Allows for offline `access_token` retrieval during the signin process.
|
| + * See also `offlineAlwaysPrompt`. You only need to set one of the two; if both
|
| + * are set, the behavior of `offlineAlwaysPrompt` will override `offline`.
|
| + */
|
| + offline: {
|
| + type: Boolean,
|
| + value: false,
|
| + observer: '_offlineChanged'
|
| + },
|
| +
|
| + /**
|
| + * Works the same as `offline` with the addition that it will always
|
| + * force a re-prompt to the user, guaranteeing that you will get a
|
| + * refresh_token even if the user has already granted offline access to
|
| + * this application. You only need to set one of `offline` or
|
| + * `offlineAlwaysPrompt`, not both.
|
| + */
|
| + offlineAlwaysPrompt: {
|
| + type: Boolean,
|
| + value: false,
|
| + observer: '_offlineAlwaysPromptChanged'
|
| + },
|
| +
|
| + /**
|
| + * The scopes to provide access to (e.g https://www.googleapis.com/auth/drive)
|
| + * and should be space-delimited.
|
| + */
|
| + scopes: {
|
| + type: String,
|
| + value: 'profile',
|
| + observer: '_scopesChanged'
|
| + },
|
| +
|
| + /**
|
| + * Space-delimited, case-sensitive list of strings that
|
| + * specifies whether the the user is prompted for reauthentication
|
| + * and/or consent. The defined values are:
|
| + * none: do not display authentication or consent pages.
|
| + * This value is mutually exclusive with the rest.
|
| + * login: always prompt the user for reauthentication.
|
| + * consent: always show consent screen.
|
| + * select_account: always show account selection page.
|
| + * This enables a user who has multiple accounts to select amongst
|
| + * the multiple accounts that they might have current sessions for.
|
| + * For more information, see "prompt" parameter description in
|
| + * https://openid.net/specs/openid-connect-basic-1_0.html#RequestParameters
|
| + */
|
| + openidPrompt: {
|
| + type: String,
|
| + value: '',
|
| + observer: '_openidPromptChanged'
|
| + },
|
| +
|
| + /**
|
| + * True when the auth library has been initialized, and signedIn property value is set from the first api response.
|
| + */
|
| + initialized: {
|
| + type: Boolean,
|
| + notify: true,
|
| + readOnly: true
|
| + },
|
| +
|
| + /**
|
| + * True if user is signed in
|
| + */
|
| + signedIn: {
|
| + type: Boolean,
|
| + notify: true,
|
| + readOnly: true
|
| + },
|
| +
|
| + /**
|
| + * True if authorizations for *this* element have been granted
|
| + */
|
| + isAuthorized: {
|
| + type: Boolean,
|
| + notify: true,
|
| + readOnly: true,
|
| + value: false
|
| + },
|
| +
|
| + /**
|
| + * True if additional authorizations for *any* element are required
|
| + */
|
| + needAdditionalAuth: {
|
| + type: Boolean,
|
| + notify: true,
|
| + readOnly: true
|
| + },
|
| +
|
| + /**
|
| + * True if *any* element has google+ scopes
|
| + */
|
| + hasPlusScopes: {
|
| + type: Boolean,
|
| + value: false,
|
| + notify: true,
|
| + readOnly: true
|
| + }
|
| + },
|
| +
|
| + attached: function() {
|
| + AuthEngine.attachSigninAware(this);
|
| + },
|
| +
|
| + detached: function() {
|
| + AuthEngine.detachSigninAware(this);
|
| + },
|
| +
|
| + /** pops up the authorization dialog */
|
| + signIn: function() {
|
| + AuthEngine.signIn();
|
| + },
|
| +
|
| + /** signs user out */
|
| + signOut: function() {
|
| + AuthEngine.signOut();
|
| + },
|
| +
|
| + errorNotify: function(error) {
|
| + this.fire('google-signin-aware-error', error);
|
| + },
|
| +
|
| + _appPackageNameChanged: function(newName, oldName) {
|
| + AuthEngine.appPackageName = newName;
|
| + },
|
| +
|
| + _clientIdChanged: function(newId, oldId) {
|
| + AuthEngine.clientId = newId;
|
| + },
|
| +
|
| + _cookiePolicyChanged: function(newPolicy, oldPolicy) {
|
| + AuthEngine.cookiePolicy = newPolicy;
|
| + },
|
| +
|
| + _requestVisibleActionsChanged: function(newVal, oldVal) {
|
| + AuthEngine.requestVisibleActions = newVal;
|
| + },
|
| +
|
| + _hostedDomainChanged: function(newVal, oldVal) {
|
| + AuthEngine.hostedDomain = newVal;
|
| + },
|
| +
|
| + _offlineChanged: function(newVal, oldVal) {
|
| + AuthEngine.offline = newVal;
|
| + },
|
| +
|
| + _offlineAlwaysPromptChanged: function(newVal, oldVal) {
|
| + AuthEngine.offlineAlwaysPrompt = newVal;
|
| + },
|
| +
|
| + _scopesChanged: function(newVal, oldVal) {
|
| + AuthEngine.requestScopes(newVal);
|
| + this._updateScopeStatus(undefined);
|
| + },
|
| +
|
| + _openidPromptChanged: function(newVal, oldVal) {
|
| + AuthEngine.openidPrompt = newVal;
|
| + },
|
| +
|
| + _updateScopeStatus: function(user) {
|
| + var newAuthorized = this.signedIn && AuthEngine.hasGrantedScopes(this.scopes);
|
| + if (newAuthorized !== this.isAuthorized) {
|
| + this._setIsAuthorized(newAuthorized);
|
| + if (newAuthorized) {
|
| + this.fire('google-signin-aware-success', user);
|
| + }
|
| + else {
|
| + this.fire('google-signin-aware-signed-out', user);
|
| + }
|
| + }
|
| + },
|
| +
|
| + _updateOfflineCode: function(code) {
|
| + if (code) {
|
| + this.fire('google-signin-offline-success', {code: code});
|
| + }
|
| + }
|
| + });
|
| + })();
|
| +</script>
|
|
|
Chromium Code Reviews
Issue 2963963003:
config_service: Added google-signin-aware.html for Polymer 2.0. (Closed)
