passport-google-oauth2
passport-google-oauth2 copied to clipboard
mstade
refreshToken
Hi! I am not able to access the refreshToken inside the 'new Strategy' callback function. When logging in it does ask for offline access, and everything works, except for accessing the refreshtoken.
@natanbr yes, here what I'm currently doing:
const passportGoogle = require('passport-google-oauth').OAuth2Strategy;
const computeConnectedUser = strategy => (req, accessToken, refreshToken, profile, done) => done(false, { strategy, accessToken, refreshToken, ...profile });
const googleStrategy = new passportGoogle({
clientID: googleConfig.clientID,
clientSecret: googleConfig.clientSecret,
callbackURL: googleConfig.callbackURL,
profileFields: googleConfig.profileFields,
passReqToCallback: true,
}, computeConnectedUser('google'));
passport.use(googleStrategy);
router.all(googleConfig.connectURL, passport.authenticate('google', { authType: 'rerequest', accessType: 'offline', prompt: 'consent', includeGrantedScopes: true, scope: googleConfig.scope }));
router.all(googleConfig.callbackURL, passport.authenticate('google', { failureRedirect: googleConfig.connectURL, session: false }), oauthed);
Thanks a lot! @damianobarbati The reason it didn't work for me is that I set the params in the strategy I had to set them for the connection URL
This is the working code:
router.get('/:provider', // ConnectionURL
(req, res, next)=> {
passport.authenticate(`${req.params.provider}`, { authType: 'rerequest', accessType: 'offline', prompt: 'consent', includeGrantedScopes: true })(req, res, next);
}
);
@damianobarbati I'm not sure exactly what you're doing which is making it work for you...
My own implementation is pretty minimal and still my refreshToken is undefined :/
const GoogleStrategy = require('passport-google-oauth2').Strategy;
passport.use(new GoogleStrategy({
clientID: "whatever",
clientSecret: "whatever",
callbackURL: "http://localhost:3000/api/auth/google/callback",
passReqToCallback: true
},
(request, accessToken, refreshToken, profile, done) => {
process.nextTick(() => {
console.log(refreshToken); //<-------undefined :(
done(null, null, refreshToken);
});
}
));
//...the auth route:
app.get("/api/auth/google/:id", (req, res, next) => {
passport.authenticate("google", {
session: false,
state: req.params.id,
scope: ["https://www.googleapis.com/auth/plus.login"]
})(req, res, next);
});
//...the callback
app.get("/api/auth/google/callback", (req, res, next) => {
passport.authenticate("google", (err, user, refreshToken) => {
console.log(refreshToken); //<------ still undefined
})(req, res, next);
});
I'm not sure what I'm doing wrong, this is almost exactly how it is in the readme (only difference being that I'm handling redirection myself). I get the accessToken just fine but the refresh token is nowhere to be seen.
@natanbr What do you mean by "I set the params in the strategy"? @damianobarbati What exactly did you change in your code which made it work? @sdemoor Did you get it to work?
@AdityaAnand1 double check the following => accessType: 'offline', prompt: 'consent'
@damianobarbati Ahh, that did it! I didn't realize that was the extra options bits. Thank you! (I didn't see anything like this in the docs though 😕)
Here's my working connect route for future lost souls:
app.get("/api/auth/google/:id", (req, res, next) => {
passport.authenticate("google", {
accessType: 'offline',
prompt: 'consent',
session: false,
state: req.params.id,
scope:
["https://www.googleapis.com/auth/plus.stream.write",]
})(req, res, next);
});
(I didn't see anything like this in the docs though 😕)
Yeah the docs really could use some work.
