passport-google-oauth2
passport-google-oauth2 copied to clipboard
jaredhanson
Passport + Google OAuth2 + AWS Cognito
Hi there
I'm getting this
NotAuthorizedException: Invalid login token. Not a valid OpenId Connect identity token.
when trying to use the accessToken you return to create an Identity on Cognito, any ideas?
I found on AWS forum this
UPDATE: Finally figured out the issue. The token I was using was incorrect. It should be id_token that is returned from Google and not the access_token or refresh_token.
any ideas of what that could be or how it could be fixed?
thanks!
Found a solution!
The correct token to use is not the standard accessToken inside the verify function (second argument) of the strategy:
passport.use(new GoogleStrategy({
clientID: GOOGLE_CLIENT_ID,
clientSecret: GOOGLE_CLIENT_SECRET,
callbackURL: CALLBACK_URL,
},
(accessToken, refreshToken, params, profile, done) => {
process.nextTick(() => done(null, {
accessToken,
refreshToken,
idToken: params.id_token,
profile
}))
}
))
you can find the correct token id_token in the params argument.
Hope it helps
I still get this error. I don't see params being passed back in the Google Strategy callback. Any ideas?
passport.use(new GoogleStrategy({ clientID: process.env.CLIENT_ID, clientSecret: process.env.CLIENT_SECRET, callbackURL: "", userProfile:"https://www.googleapis.com/oauth2/userinfo" }, function(accessToken, refreshToken, profile, cb) { User.findOrCreate({ googleId: profile.id }, function (err, user) { return cb(err, user); }); } ));