activeadminにおけるGoogle認証（omniauth-google-oauth2）導入手順 ref: http://qiita.com/yhirano55/items/35723893461717302940

.env

GOOGLE_CLIENT_ID=**********YOUR_CLIENT_ID**********
GOOGLE_CLIENT_SECRET=**********GOOGLE_CLIENT_SECRET**********

admin_user.rb

class AdminUser < ActiveRecord::Base

  devise :database_authenticatable, :omniauthable, :trackable, :validatable

  with_options presence: true do
    validates :email # whitelistでフィルタする場合、inclusionやformatのvalidationを追加
    validates :provider
    validates :uid, uniqueness: { scope: :provider }
  end

  # こちらは、ほぼ公式wiki通りに書いているが、パスワード認証しないなら、常時falseでよい
  # Devise override to ignore the password requirement if the user is authenticated
  def password_required?
    return false if provider.present?
    super
  end

  class << self
    def from_omniauth(auth)
      admin_user = where(email: auth.info.email).first || where(auth.slice(:provider, :uid).to_h).first || new
      admin_user.tap { |this| this.update_attributes(provider: auth.provider, uid: auth.uid, email: auth.info.email) }
    end
  end
end

devise.rb

config.omniauth :google_oauth2, ENV['GOOGLE_CLIENT_ID'], ENV['GOOGLE_CLIENT_SECRET'], scope: "email"

file4.sh

$ bundle exec rails g migration change_columns_in_admin_users

file6.sh

$ bundle exec rake db:migrate

Gemfile

gem 'dotenv-rails', require: 'dotenv/rails-now'

new.html.erb

<div id="login">
  <h2><%= render_or_call_method_or_proc_on(self, active_admin_application.site_title) %> <%= title t('active_admin.devise.login.title') %></h2>
  <div style="text-align: center">
    <%- if devise_mapping.omniauthable? %>
      <%- resource_class.omniauth_providers.each do |provider| %>
        <%= button_to(
              t('active_admin.devise.links.sign_in_with_omniauth_provider', provider: provider.to_s.titleize),
              omniauth_authorize_path(resource_name, provider)) %><br />
      <% end -%>
    <% end -%>
  </div>
</div>

omniauth_callbacks_controller.rb

class AdminUsers::OmniauthCallbacksController < Devise::OmniauthCallbacksController

  def all
    admin_user = AdminUser.from_omniauth(auth_hash)

    if admin_user.persisted?
      flash.notice = "Signed in!"
      sign_in_and_redirect admin_user
    else
      flash.notice = "We couldn't sign you in because: " + admin_user.errors.full_messages.to_sentence
      redirect_to new_admin_user_session_url
    end
  end

  # providerを追加したら、aliasも追加
  # 追加予定ないなら、#all => #google_oauth2 に変更する感じ
  alias_method :google_oauth2, :all

  private

  def auth_hash
    request.env["omniauth.auth"]
  end
end

routes.rb

Rails.application.routes.draw do
  devise_config = ActiveAdmin::Devise.config
  devise_config[:controllers][:omniauth_callbacks] = 'admin_users/omniauth_callbacks'
  devise_for :admin_users, devise_config
  ActiveAdmin.routes(self)
  #...

YYYYMMDDHHMMSS_change_columns_in_admin_users.rb

class ChangeColumnsInAdminUsers < ActiveRecord::Migration
  def change
    add_column :admin_users, :provider, :string
    add_column :admin_users, :uid,      :string

    add_index :admin_users, [:provider, :uid], unique: true

    # パスワード認証を廃止するため、以下は削除（共存させる場合は残す）
    remove_column :admin_users, :reset_password_token,   :string
    remove_column :admin_users, :reset_password_sent_at, :datetime
    remove_column :admin_users, :remember_sent_at,       :datetime
  end
end