From b0e2fbf782e0ea623e761d346e297f39630de1ac Mon Sep 17 00:00:00 2001
From: Michael Snoyman <michael@snoyman.com>
Date: Thu, 27 Nov 2014 14:08:18 +0200
Subject: [PATCH] Google OAuth authentication #40

---
 Foundation.hs              | 12 +++++++++---
 Settings.hs                | 12 ++++++++++++
 config/settings.yml-sample |  3 +++
 3 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/Foundation.hs b/Foundation.hs
index 73e6b49..11b2ed6 100644
--- a/Foundation.hs
+++ b/Foundation.hs
@@ -6,7 +6,7 @@ import           Data.Slug (safeMakeSlug, HasGenIO (getGenIO), randomSlug, Slug,
 import qualified Database.Persist
 import           Model
 import qualified Settings
-import           Settings (widgetFile, Extra (..))
+import           Settings (widgetFile, Extra (..), GoogleAuth (..))
 import           Settings.Development (development)
 import           Settings.StaticFiles
 import qualified System.Random.MWC as MWC
@@ -15,7 +15,7 @@ import           Text.Jasmine (minifym)
 import           Types
 import           Yesod.Auth
 import           Yesod.Auth.BrowserId
-import           Yesod.Auth.GoogleEmail
+import           Yesod.Auth.GoogleEmail2
 import           Yesod.Core.Types (Logger, GWData)
 import           Yesod.Default.Config
 import           Yesod.Default.Util (addStaticContentExternal)
@@ -218,7 +218,13 @@ instance YesodAuth App where
                 Just _  -> getHandle (cnt + 1)
 
     -- You can add other plugins like BrowserID, email or OAuth here
-    authPlugins _ = [authBrowserId def, authGoogleEmail]
+    authPlugins app =
+        authBrowserId def : google
+      where
+        google =
+            case googleAuth $ appExtra $ settings app of
+                Nothing -> []
+                Just GoogleAuth {..} -> [authGoogleEmail gaClientId gaClientSecret]
 
     authHttpManager = httpManager
 instance YesodAuthPersist App
diff --git a/Settings.hs b/Settings.hs
index 882f97a..8d3b83e 100644
--- a/Settings.hs
+++ b/Settings.hs
@@ -68,6 +68,7 @@ data Extra = Extra
     { storeConfig :: !BlobStoreConfig
     , hackageRoot :: !HackageRoot
     , adminUsers  :: !(HashSet Text)
+    , googleAuth  :: !(Maybe GoogleAuth)
     }
     deriving Show
 
@@ -76,6 +77,7 @@ parseExtra _ o = Extra
     <$> o .: "blob-store"
     <*> (HackageRoot <$> o .: "hackage-root")
     <*> o .:? "admin-users" .!= mempty
+    <*> o .:? "google-auth"
 
 data BlobStoreConfig = BSCFile !FilePath
                      | BSCAWS !FilePath !Text !Text !Text !Text
@@ -95,3 +97,13 @@ instance FromJSON BlobStoreConfig where
             <*> o .: "secret"
             <*> o .: "bucket"
             <*> o .:? "prefix" .!= ""
+
+data GoogleAuth = GoogleAuth
+    { gaClientId :: !Text
+    , gaClientSecret :: !Text
+    }
+    deriving Show
+instance FromJSON GoogleAuth where
+    parseJSON = withObject "GoogleAuth" $ \o -> GoogleAuth
+        <$> o .: "client-id"
+        <*> o .: "client-secret"
diff --git a/config/settings.yml-sample b/config/settings.yml-sample
index 9f2eccc..e0ba0c7 100644
--- a/config/settings.yml-sample
+++ b/config/settings.yml-sample
@@ -5,6 +5,9 @@ Default: &defaults
   hackage-root: http://hackage.fpcomplete.com
   admin-users:
   - fpcomplete
+  # google-auth:
+    # client-id: foo
+    # client-secret: bar
 
 Development:
   <<: *defaults