lib/assent/strategies/google.ex

defmodule Assent.Strategy.Google do
  @moduledoc """
  Google OpenID Connect strategy.

  In the normalized user response a `hd` ("Hosted Domain") field is
  included in user parameters and can be used to limit access to users
  belonging to a particular hosted domain.

  ## Usage

      config = [
        client_id: "REPLACE_WITH_CLIENT_ID",
        client_secret: "REPLACE_WITH_CLIENT_SECRET",
        redirect_uri: "http://localhost:4000/auth/callback"
      ]

  To get the refresh token, it's necessary to pass `access_type: "offline"` in
  the authorization request:

      config = [
        client_id: "REPLACE_WITH_CLIENT_ID",
        client_secret: "REPLACE_WITH_CLIENT_SECRET",
        authorization_params: [
          access_type: "offline",
          scope: "email profile"
        ]
      ]

  See `Assent.Strategy.OAuth2` for more.
  """
  use Assent.Strategy.OIDC.Base

  @impl true
  def default_config(_config) do
    [
      base_url: "https://accounts.google.com/",
      authorization_params: [scope: "email profile"],
      client_authentication_method: "client_secret_post"
    ]
  end
end