passport-google-oauth-jwt
Passport strategy for authentication with Google that meets the Migrating to Google Sign-In Guide.
The strategy will get access_token, refresh_token and email (with right scopes) of signed-in account by parsing JWT returned from Google OAuth. It does not get full Google profile, but it does not require Google + API enabled in Google Developer's Console. If you want to get a full one, please consider using passport-google-oauth.
Install
$ npm install passport-google-oauth-jwt
Usage
Configurate Strategy
var GoogleStrategy = require('passport-google-oauth-jwt').GoogleOauthJWTStrategy; passport.use(new GoogleStrategy({ clientId: GOOGLE_CLIENT_ID, clientSecret: GOOGLE_CLIENT_SECRET}, function verify(accessToken, loginInfo, refreshToken, done) { User.findOrCreate({ googleEmail: loginInfo.email }, function (err, user) { return done(err, user); });}));
Authentication Requests
Use passport.authentication()
, specifying the 'google-oauth-jwt'
strategy, to authenticate requests.
For example, as route middleware in an Express application:
app.get('/auth/google', passport.authenticate('google-oauth-jwt', { callbackUrl: 'http://localhost:3000/auth/google/callback', scope: 'email'})); app.get('/auth/google/callback', passport.authenticate('google-oauth-jwt', { callbackUrl: 'http://localhost:3000/auth/google/callback'}), function onAuthenticate(req, res) { // Successful authentication, redirect home res.redirect('/');});
Examples
For a complete, working example, refer to the example.
$ npm install
$ npm start
Tests
$ npm install
$ npm test