google_sign_in

What's Changed

• Make compatible with Rails 7 by @terracatta in https://github.com/basecamp/google_sign_in/pull/58

Full Changelog: https://github.com/basecamp/google_sign_in/compare/v1.2.0...v1.2.1

Bring released gem in line with latest source.

• Upgrades to a newer Google token endpoint to fix that ID tokens sometimes didn’t contain name or avatar URL data even when it was available (095bbcf)

• Prepends routes instead of appending them to accommodate catch-all routes (52f71b3)

• Adds GoogleSignIn::Identity#hosted_domain (#15)
• Increases the size of the OAuth state token, which protects against cross-site request forgery, on Google’s recommendation (c2a122a)

• Generates a local form to keep Rails UJS from handling redirects to Google (5338fbee)

• Avoids logging authorization codes from request parameters (605f35f)

Switches from Google’s JS Platform Library to server-side OAuth 2.0 (#13). This fixes signing in with third-party cookies disabled, or with a tracker-blocker restricting Google’s JS.

• Previous versions of this gem required setting GoogleSignIn::Identity.client_id in an initializer. Instead, you’ll now provide an OAuth 2.0 client ID and client secret. See the README for details.

• The google_sign_in helper has been replaced by google_sign_in_button:

  <%= google_sign_in_button 'Sign in with my Google account', proceed_to: create_login_url %>
  
  <%= google_sign_in_button image_tag('google_logo.png', alt: 'Google'), proceed_to: create_login_url %>
  
  <%= google_sign_in_button proceed_to: create_login_url do %>
    Sign in with my <%= image_tag('google_logo.png', alt: 'Google') %> account
  <% end %>
  

  The proceed_to argument is required. After authenticating with Google, the gem redirects to proceed_to, providing a Google ID token in flash[:google_sign_in_token]. See the README for examples.

• <%= yield :head %> is no longer required. The gem no longer injects a <script> tag that loads the Google Platform Library.