Merge pull request #182 from funkymrrogers/master

Google UI changes
This commit is contained in:
Jehiah Czebotar 2015-12-16 20:20:48 -05:00
commit beebf4dff9

View File

@ -40,13 +40,18 @@ The provider can be selected using the `provider` configuration value.
For Google, the registration steps are: For Google, the registration steps are:
1. Create a new project: https://console.developers.google.com/project 1. Create a new project: https://console.developers.google.com/project
2. Under "APIs & Auth", choose "Credentials" 2. Choose the new project from the top right project dropdown (only if another project is selected)
3. Now, choose "Create new Client ID" 3. In the project Dashboard center pane, choose **"Enable and manage APIs"**
* The Application Type should be **Web application** and click **Configure Consent Screen** 4. In the left Nav pane, choose **"Credentials"**
* Fill out the appropriate details on the Consent Screen page and hit **Save** 5. In the center pane, choose **"OAuth consent screen"** tab. Fill in **"Product name shown to users"** and hit save.
* On the next screen, leaving **Web Application** checked, enter your domain in the Authorized Javascript Origins `https://internal.yourcompany.com` 6. In the center pane, choose **"Credentials"** tab.
* Enter the correct Authorized Redirect URL `https://internal.yourcompany.com/oauth2/callback` * Open the **"New credentials"** drop down
* NOTE: `oauth2_proxy` will _only_ callback on the path `/oauth2/callback` * Choose **"OAuth client ID"**
* Choose **"Web application"**
* Application name is freeform, choose something appropriate
* Authorized JavaScript origins is your domain ex: `https://internal.yourcompany.com`
* Authorized redirect URIs is the location of oath2/callback ex: `https://internal.yourcompany.com/oauth2/callback`
* Choose **"Create"**
4. Take note of the **Client ID** and **Client Secret** 4. Take note of the **Client ID** and **Client Secret**
It's recommended to refresh sessions on a short interval (1h) with `cookie-refresh` setting which validates that the account is still authorized. It's recommended to refresh sessions on a short interval (1h) with `cookie-refresh` setting which validates that the account is still authorized.