Authenticate to Google API with Node JS
I wrote this library to get user information, hope this helps.
'use strict'
const { google } = require('googleapis')
const credentials = require('../configs/config').google
class googleApi {
constructor(){
const {client_id, client_secret, redirectUri } = credentials;
this.oAuth2Client = new google.auth.OAuth2(client_id, client_secret, redirectUri)
}
generateUrl(scopes){
const url = this.oAuth2Client.generateAuthUrl({
access_type: 'offline',
scope: scopes.join(' ')
})
return url;
}
async getUserInfo(code){
const credentials = await this.oAuth2Client.getToken(code)
this.oAuth2Client.setCredentials(credentials.tokens);
const plus = google.plus({
version: 'v1',
auth: this.oAuth2Client,
});
const data = await plus.people.get({userId: 'me'});
return data;
}
}
module.exports = new googleApi();
and this is the implementation:
'use strict'
const googleApi = require('../libs/google');
exports.requestGmailAuth = function (req, res, next){
let url = googleApi.generateUrl(scopes)
res.redirect(url);
}
exports.getGmailUserInfo = async function (req, res, next){
const qs = new url.URL(req.url, 'http://localhost:3000').searchParams;
let code = qs.get('code')
if(!code){
next(new Error('No code provided'))
}
googleApi.getUserInfo(code)
.then(function(response){
res.send(response.data)
}).catch(function(e){
next(new Error(e.message))
})
}
these are the routes:
app.get('/request/gmail/auth', user.requestGmailAuth)
app.get('/get/gmail/user', user.getGmailUserInfo)
When /request/gmail/auth receives a request it redirects to consent page then the consent page redirects to /get/gmail/user with the "code" parameter.
try this snipet and if the problem persists check your client id and client secret, and also make sure that you have google plus api enabled in your developer dashboard.
The Dummy's Guide to 3-legged Google OAuth.
Literally everything you need to know is on this single page https://developers.google.com/identity/protocols/OAuth2WebServer . Read it twice and you'll be an OAuth ninja. In summary, it says ...
- Construct an accounts.google.com URL with 4 query params :-
client_id
to identify your appscope
to say what permissions you're asking forredirect_uri
to tell Google where to redirect the user's browser with the resultresponse_type=code
to say you want an Auth Code
- redirect the user's browser to that URL
- Have a sip of coffee while the user logs in, chooses his Google account, and grants permission, until eventually ...
- The user's browser gets redirected back to your app's
redirect_uri
, with a query param ofcode
which is the one-time Auth Code - Post the Auth Code to Google's token endpoint
- Parse the JSON response to get the Access Token
- Use the Access Token in a "authorization: bearer access_token" http header for your subsequent Google API requests
If you go to https://developers.google.com/oauthplayground/ you can run through the steps online to see what the various URLs and responses look like.