How to access user email information without requesting scope userinfo.profile

Question

Currently, I'm only interested to know user's email based on their credentials.

public static Userinfoplus getUserInfo(Credential credentials)
{
    Oauth2 userInfoService =
        new Oauth2.Builder(httpTransport, JSON_FACTORY, credentials).setApplicationName("JStock").build();
    Userinfoplus userInfo = null;
    try {
        userInfo = userInfoService.userinfo().get().execute();
    } catch (IOException e) {
        System.err.println("An error occurred: " + e);
    }
    if (userInfo != null && userInfo.getId() != null) {
        return userInfo;
    } else {
        return null;
    }
}

System.out.println(getUserInfo(credential).getEmail());

However, to make the above code work, I need to include https://www.googleapis.com/auth/userinfo.profile too

Set<String> scopes = new HashSet<String>();
scopes.add("https://www.googleapis.com/auth/userinfo.email");
scopes.add("https://www.googleapis.com/auth/userinfo.profile");
scopes.add(DriveScopes.DRIVE_APPDATA);

I'm not interested in View basic information about your account (https://www.googleapis.com/auth/userinfo.profile). However, if I were remove userinfo.profile, getUserInfo will always return null.

Is there any way to further slim down the scope?

Answer 1

Looks like you are using deprecated scopes. (see here: https://developers.google.com/+/api/oauth#login-scopes)

You might want to try the updated ones. You can also test this on Google's OAuth2 playground: https://developers.google.com/oauthplayground/

It seems to work ok with just email as the scope, but also seems to be inclusive of the profile (something very common BTW).