Security News
New Proposed CISA Mandate Would Require Critical Infrastructure to Report Ransom Payments Within 24 Hours
CISA has proposed a set of new rules that would require critical infrastructure to report cyber incidents and ransom payments.
google-oauth-login
Advanced tools
Google oAuth flow to retrieve access & refresh token
Weekly downloads
Readme
Google oAuth flow to retrieve access & refresh token
This package can be used to get Google access token and refresh token for an user access token.
Implements a server-Side flow for login with Google, similar to one provided by Facebook or Twitter.
This can be used to get User Access Token to make API calls to Google, like getting access to Google My Business
Clone as a Git repository
git clone https://github.com/knitesh/google-login.git
Install as a node_module
npm i google-oauth-login --save
OR
npm install google-oauth-login --save
To initialize Google oAuth function
new GoogleLogin(config)
where config will be
const config = {
clientId,
clientSecret,
scope,
redirectUri,
}
To get oAuth URl for user consent and login
await google.getGoogleOauthUrl()
To extract code received from Google
await google.getOauthCodeAsync(oAuthParam)
To get access token and refresh token(if accessType = offline)
await google.getAccessTokenAsync(oAuthParam)
const express = require('express')
const GoogleLogin = require('google-oauth-login')
const app = express()
const port = 9000
const google = new GoogleLogin({
clientId:<<your Google oAuth Client Id>,
clientSecret: <<your Google oAuth Client Secret>,
redirectUri: 'http://localhost:9000/google/oauth/callback',
scope: 'https://www.googleapis.com/auth/userinfo.profile',
accessType: 'offline', // to get refresh token pass access type: offline
prompt: 'consent', // to prompt user everytime
})
app.get('/google/oauth', async (req, res) => {
// generate the URL that Googl will use for login and consent dialog
var result = await google.getGoogleOauthUrl()
// redirect the user to consent screen
res.redirect(result)
})
// This is the Authrized redirect URl that needs to be added to oAuth Client Id generation screen
// Google will send the code and related scope as query string to this Url
app.get('/google/oauth/callback', async (req, res) => {
const oAuthParam = {
code: req.query.code,
scope: req.query.scope,
}
// if you just need the code
const code = await google.getOauthCodeAsync(oAuthParam)
// get the access token, token_type so that you can make additional call to google
var result = await google.getAccessTokenAsync(oAuthParam)
// This example just showing result returned in a browers
// You should store this in a secure database and never expose to client app
res.send(JSON.stringify(result))
})
app.get('/', (req, res) => {
const _user = req.session && req.session.user
if (_user) {
res.send(JSON.stringify(_user))
} else {
res.send('Login with Google')
}
})
app.listen(port, () => {
console.log(`Example app listening at http://localhost:${port}`)
})
FAQs
Google oAuth flow to retrieve access & refresh token
The npm package google-oauth-login receives a total of 1 weekly downloads. As such, google-oauth-login popularity was classified as not popular.
We found that google-oauth-login demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CISA has proposed a set of new rules that would require critical infrastructure to report cyber incidents and ransom payments.
Security News
Redis is no longer OSS, breaking its explicit commitment to remain under the BSD 3-Clause License forever. This has angered contributors who are now working to fork the software.
Product
Socket AI now enables 'AI detected potential malware' alerts by default, ensuring users benefit from AI-powered state-of-the-art malware detection without needing to opt-in.