django social auth限制用户数据

Question

我已将django social auth's配置为仅从谷歌电子邮件中获取，但谷歌显示此屏幕警告应用程序用户将收集性别，出生日期，图片，语言：

我的django-social-auth配置如下：

WHITE_LISTED_DOMAINS = [ 'some_domain', ]
GOOGLE_WHITE_LISTED_DOMAINS = WHITE_LISTED_DOMAINS
SOCIAL_AUTH_EXTRA_DATA = False    
#LOGIN_ERROR_URL    = '/login-error/' Not set
#SOCIAL_AUTH_DEFAULT_USERNAME = 'new_social_auth_user' Not set
#GOOGLE_CONSUMER_KEY          = '' Not set
#GOOGLE_CONSUMER_SECRET       = '' Not set
#GOOGLE_OAUTH2_CLIENT_ID      = '' Not set
#GOOGLE_OAUTH2_CLIENT_SECRET  = '' Not set
SOCIAL_AUTH_USERNAME_IS_FULL_EMAIL = False
SOCIAL_AUTH_PROTECTED_USER_FIELDS = ['email',]

INSTALLED_APPS = (
    'django.contrib.auth',
     ...
    'social_auth',
)

如何避免此google消息？

EDITED

我已转移到GoogleOauth2身份验证并继承和更改Google后端：

from social_auth.backends.google import *

GOOGLE_OAUTH2_SCOPE = ['https://www.googleapis.com/auth/userinfo.email',]

class GoogleOAuth2(BaseOAuth2):
    """Google OAuth2 support"""
    AUTH_BACKEND = GoogleOAuth2Backend
    AUTHORIZATION_URL = 'https://accounts.google.com/o/oauth2/auth'
    ACCESS_TOKEN_URL = 'https://accounts.google.com/o/oauth2/token'
    REVOKE_TOKEN_URL = 'https://accounts.google.com/o/oauth2/revoke'
    REVOKE_TOKEN_METHOD = 'GET'
    SETTINGS_SECRET_NAME = 'GOOGLE_OAUTH2_CLIENT_SECRET'
    SCOPE_VAR_NAME = 'GOOGLE_OAUTH_EXTRA_SCOPE'
    DEFAULT_SCOPE = GOOGLE_OAUTH2_SCOPE
    REDIRECT_STATE = False

    print DEFAULT_SCOPE  #<------ to be sure

    def user_data(self, access_token, *args, **kwargs):
        """Return user data from Google API"""
        return googleapis_profile(GOOGLEAPIS_PROFILE, access_token)

    @classmethod
    def revoke_token_params(cls, token, uid):
        return {'token': token}

    @classmethod
    def revoke_token_headers(cls, token, uid):
        return {'Content-type': 'application/json'}

但谷歌仍在询问个人资料数据，个人资料仍在范围内：

  

https://accounts.google.com/o/oauth2/auth?response_type=code&scope=https://www.googleapis.com/auth/userinfo.email+https://www.googleapis.com/auth/userinfo.profile&redirect_uri= ...

如果我手动修改社交验证代码而不是继承，则运行正常：

def get_scope(self):
    return ['https://www.googleapis.com/auth/userinfo.email',]

我的代码出了什么问题？

Answer 1

那是因为谷歌后端使用的默认范围设置为（电子邮件和个人资料信息），它定义为here。为了避免您可以创建自己的谷歌后端，只需设置所需的范围，然后使用该后端而不是内置的后端。例如：

from social_auth.backends.google import GoogleOAuth2

class SimplerGoogleOAuth2(GoogleOAuth2):
    DEFAULT_SCOPE = ['https://www.googleapis.com/auth/userinfo.email']

Answer 2

不知道如何在AUTHENTICATION_BACKENDS中添加的人，如果使用Omab建议的方式，则需要在setting.py文件中添加新定义的后端：

AUTHENTICATION_BACKENDS = (
    'app_name.file_name.class_name',  #ex: google_auth.views.SimplerGoogleOAuth2
    # 'social_core.backends.google.GoogleOAuth2', # comment this as no longer used
    'django.contrib.auth.backends.ModelBackend',
)

要了解如何创建类SimplerGoogleOAuth2 ，请检查Omab的答案。