-->

how to remove openid since google auth is deprecia

2019-04-13 16:55发布

问题:

As per the latest circular, google plus oauth is depreciated. As per my understanding, i should be concerned only if i am using plus.me in my code.

My code:

google = oauth.remote_app(
    'google',
    consumer_key=app.config.get('GOOGLE_ID'),
    consumer_secret=app.config.get('GOOGLE_SECRET'),
    request_token_params={
        'scope': ['https://www.googleapis.com/auth/userinfo.email'],
            'access_type': 'offline',
            'approval_prompt':'force'
    },
    base_url='https://www.googleapis.com/oauth2/v1/',
    request_token_url=None,
    access_token_method='POST',
    access_token_url='https://accounts.google.com/o/oauth2/token',
    authorize_url='https://accounts.google.com/o/oauth2/auth',
)

However, i can still see openid in my google developer console. Scopes for Google APIs

  • email
  • profile
  • openid

Also, API response is returning scope as plus.me

Response from google auth: {
u'access_token': u'ya29.GluoFWy', 
u'id_token'hbGciYA', 
u'expires_in': 3600, 
u'token_type': u'Bearer', 
u'scope': u'https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/plus.me', 
u'refresh_token': u'1/jgwO0w'}

I have checked that i am not accessing plus.me anywhere. I am really confused if i need code changes or not.