As per the latest circular, google plus oauth is depreciated. As per my understanding, i should be concerned only if i am using plus.me in my code.
My code:
google = oauth.remote_app(
'google',
consumer_key=app.config.get('GOOGLE_ID'),
consumer_secret=app.config.get('GOOGLE_SECRET'),
request_token_params={
'scope': ['https://www.googleapis.com/auth/userinfo.email'],
'access_type': 'offline',
'approval_prompt':'force'
},
base_url='https://www.googleapis.com/oauth2/v1/',
request_token_url=None,
access_token_method='POST',
access_token_url='https://accounts.google.com/o/oauth2/token',
authorize_url='https://accounts.google.com/o/oauth2/auth',
)
However, i can still see openid in my google developer console. Scopes for Google APIs
- profile
- openid
Also, API response is returning scope as plus.me
Response from google auth: {
u'access_token': u'ya29.GluoFWy',
u'id_token'hbGciYA',
u'expires_in': 3600,
u'token_type': u'Bearer',
u'scope': u'https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/plus.me',
u'refresh_token': u'1/jgwO0w'}
I have checked that i am not accessing plus.me anywhere. I am really confused if i need code changes or not.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 叛逆 的文章《how to remove openid since google auth is deprecia》','https://www.manongdao.com/article-711619.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}