Skip to content

Instantly share code, notes, and snippets.

@mangege
Last active June 2, 2016 08:41
Show Gist options
  • Save mangege/ff9a41ff2898cf19f88070e2945519c7 to your computer and use it in GitHub Desktop.
Save mangege/ff9a41ff2898cf19f88070e2945519c7 to your computer and use it in GitHub Desktop.
require 'net/http'
require 'json'
# 此类只是检测 token 是否有效
# 如果前端有传 user_id 和 email 过来,其值还需与接口返回的值对比
class AuthTokenUtil
class << self
=begin
失败返回 nil
成功返回接口的Hash类型的结果
{
"iss": "accounts.google.com",
"at_hash": "0kr8WiGO6gHjNr8KK3Ytzw",
"aud": "23877399802-ipuambh5ipvmvdrfn2mejda1sqj04ugj.apps.googleusercontent.com",
"sub": "117295336048775744994",
"email_verified": "true",
"azp": "23877399802-ipuambh5ipvmvdrfn2mejda1sqj04ugj.apps.googleusercontent.com",
"hd": "test.com",
"email": "test@test.com",
"iat": "1460704932",
"exp": "1460708532",
"name": "Jesse Cao",
"given_name": "test",
"family_name": "test",
"locale": "en",
"alg": "RS256",
"kid": "389bfb4a5514d745da6b7fa8bd916a6e9394242d"
}
https://developers.google.com/identity/sign-in/web/backend-auth#calling-the-tokeninfo-endpoint
sub 为 google user id
aud 为 web_client_id
email 为 email
=end
def check_google_token(id_token, web_client_id)
uri = URI('https://www.googleapis.com/oauth2/v3/tokeninfo')
params = {id_token: id_token}
uri.query = URI.encode_www_form(params)
resp = Net::HTTP.get(uri)
data = JSON.parse(resp)
if !data.has_key?('sub') || data['aud'] != web_client_id
return nil
end
data
end
=begin
失败返回 nil
成功返回接口的Hash类型的结果
{
"data": {
"app_id": "1500260676963708",
"application": "mangege",
"expires_at": 1460710800,
"is_valid": true,
"scopes": [
"email",
"public_profile"
],
"user_id": "222720944757684"
}
}
=end
def check_facebook_token(access_token, app_id, app_secret)
uri = URI('https://graph.facebook.com/v2.6/debug_token')
params = {input_token: access_token, access_token: "#{app_id}|#{app_secret}"}
uri.query = URI.encode_www_form(params)
resp = Net::HTTP.get(uri)
data = JSON.parse(resp)
if !data.has_key?('data') || !data['data'].has_key?('app_id') || data['data']['app_id'].to_s != app_id.to_s
return nil
end
data
end
def run_test
id_token = 'eyJhbGciOiJSUzI1NiIsImtpZCI6IjM4OWJmYjRhNTUxNGQ3NDVkYTZiN2ZhOGJkOTE2YTZlOTM5NDI0MmQifQ.eyJpc3MiOiJhY2NvdW50cy5nb29nbGUuY29tIiwiYXRfaGFzaCI6IjBrcjhXaUdPNmdIak5yOEtLM1l0enciLCJhdWQiOiIyMzg3NzM5OTgwMi1pcHVhbWJoNWlwdm12ZHJmbjJtZWpkYTFzcWowNHVnai5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbSIsInN1YiI6IjExNzI5NTMzNjA0ODc3NTc0NDk5NCIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJhenAiOiIyMzg3NzM5OTgwMi1pcHVhbWJoNWlwdm12ZHJmbjJtZWpkYTFzcWowNHVnai5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbSIsImhkIjoib2NlYW53aW5nLmNvbSIsImVtYWlsIjoiamVzc2UuY2FvQG9jZWFud2luZy5jb20iLCJpYXQiOjE0NjA3MDQ5MzIsImV4cCI6MTQ2MDcwODUzMiwibmFtZSI6Ikplc3NlIENhbyIsImdpdmVuX25hbWUiOiJKZXNzZSIsImZhbWlseV9uYW1lIjoiQ2FvIiwibG9jYWxlIjoiZW4ifQ.H3OGXsLXmT4QyJNhl2POdJYu5lcMjTlLDWFXZG0IsmySO-_2BkLVpJbJkCKMXmPQg61X0NpO_LEFMRLPxi-Iuf1gElHTJHPJgcd0Jdyr1LEK5ICG_mJN2ebbZxef1TkpombdJxApybMKe-pjh0Vmzmv6JykwsC6ulTrSmYqPAiRIgIRa9B5Dg3dWCpIEuwoPYjl-LpEWUer-Ko1nuRXN75-jOiD6XH1xLBNEDf0AwEVU7CK1U93JGOUf3l_kFSB0Vx7kRHpJ9VVEUvlxAAn0ER6L-LaZ4njzpeaRrtuFvoktW90xt54o34cY9uEIETumrTKnaTiEzCzUL0L8wkeyvA'
web_client_id = '23877399802-ipuambh5ipvmvdrfn2mejda1sqj04ugj.apps.googleusercontent.com'
puts self.check_google_token(id_token, web_client_id).inspect
access_token = 'EAAVUeqi4jXwBAFgQrjEc1rfHe2pwqaNmCjJd2gLFOsati3IgVeiFFt1udjU9JrkP04hot0YbMm6VZCHLXdA90LBTrlIyniNXsXIW46EuEFfEFXVFOoBZCSIFNHp3SQF22CJHbiW6bjbCzUuoPhFeNhBnDU6L8cG60wKZAWByQZDZD'
app_id = '1500260676963708'
app_secret = '018f0e4ee844e4a06f2854dc31242a10'
puts self.check_facebook_token(access_token, app_id, app_secret)
end
end
end
AuthTokenUtil.run_test if __FILE__ == $0
<!DOCTYPE html>
<html>
<head>
<title>Facebook Login JavaScript Example</title>
<meta charset="UTF-8">
</head>
<body>
<script>
// This is called with the results from from FB.getLoginStatus().
function statusChangeCallback(response) {
console.log('statusChangeCallback');
console.log(response);
// The response object is returned with a status field that lets the
// app know the current login status of the person.
// Full docs on the response object can be found in the documentation
// for FB.getLoginStatus().
if (response.status === 'connected') {
// Logged into your app and Facebook.
testAPI();
} else if (response.status === 'not_authorized') {
// The person is logged into Facebook, but not your app.
document.getElementById('status').innerHTML = 'Please log ' +
'into this app.';
} else {
// The person is not logged into Facebook, so we're not sure if
// they are logged into this app or not.
document.getElementById('status').innerHTML = 'Please log ' +
'into Facebook.';
}
}
// This function is called when someone finishes with the Login
// Button. See the onlogin handler attached to it in the sample
// code below.
function checkLoginState() {
FB.getLoginStatus(function(response) {
statusChangeCallback(response);
});
}
window.fbAsyncInit = function() {
FB.init({
appId : '1500260676963708',
cookie : true, // enable cookies to allow the server to access
// the session
xfbml : true, // parse social plugins on this page
version : 'v2.2' // use version 2.2
});
// Now that we've initialized the JavaScript SDK, we call
// FB.getLoginStatus(). This function gets the state of the
// person visiting this page and can return one of three states to
// the callback you provide. They can be:
//
// 1. Logged into your app ('connected')
// 2. Logged into Facebook, but not your app ('not_authorized')
// 3. Not logged into Facebook and can't tell if they are logged into
// your app or not.
//
// These three cases are handled in the callback function.
FB.getLoginStatus(function(response) {
statusChangeCallback(response);
});
};
// Load the SDK asynchronously
(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/en_US/sdk.js";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));
// Here we run a very simple test of the Graph API after login is
// successful. See statusChangeCallback() for when this call is made.
function testAPI() {
console.log('Welcome! Fetching your information.... ');
FB.api('/me', function(response) {
console.log(response);
console.log('Successful login for: ' + response.name);
document.getElementById('status').innerHTML =
'Thanks for logging in, ' + response.name + '!';
});
}
</script>
<!--
Below we include the Login Button social plugin. This button uses
the JavaScript SDK to present a graphical Login button that triggers
the FB.login() function when clicked.
-->
<fb:login-button scope="public_profile,email" onlogin="checkLoginState();">
</fb:login-button>
<div id="status">
</div>
</body>
</html>
<!DOCTYPE html>
<html>
<head>
<title>Gooogle Login JavaScript Example</title>
<meta charset="UTF-8">
<meta name="google-signin-client_id" content="23877399802-ipuambh5ipvmvdrfn2mejda1sqj04ugj.apps.googleusercontent.com">
<script src="https://apis.google.com/js/platform.js" async defer></script>
</head>
<body>
<script>
function onSignIn(googleUser) {
var profile = googleUser.getBasicProfile();
console.log('ID: ' + profile.getId()); // Do not send to your backend! Use an ID token instead.
console.log('Name: ' + profile.getName());
console.log('Image URL: ' + profile.getImageUrl());
console.log('Email: ' + profile.getEmail());
var id_token = googleUser.getAuthResponse().id_token;
console.log('Id Token: ' + id_token);
}
</script>
<div class="g-signin2" data-onsuccess="onSignIn"></div>
<p>hello</p>
</body>
</html>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment