Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
google-oauth-login
Advanced tools
Readme
Google oAuth flow to retrieve access & refresh token
This package can be used to get Google access token and refresh token for an user access token.
Implements a server-Side flow for login with Google, similar to one provided by Facebook or Twitter.
This can be used to get User Access Token to make API calls to Google, like getting access to Google My Business
Clone as a Git repository
git clone https://github.com/knitesh/google-login.git
Install as a node_module
npm i google-oauth-login --save
OR
npm install google-oauth-login --save
To initialize Google oAuth function
new GoogleLogin(config)
where config will be
const config = {
clientId,
clientSecret,
scope,
redirectUri,
}
To get oAuth URl for user consent and login
await google.getGoogleOauthUrl()
To extract code received from Google
await google.getOauthCodeAsync(oAuthParam)
To get access token and refresh token(if accessType = offline)
await google.getAccessTokenAsync(oAuthParam)
const express = require('express')
const GoogleLogin = require('google-oauth-login')
const app = express()
const port = 9000
const google = new GoogleLogin({
clientId:<<your Google oAuth Client Id>,
clientSecret: <<your Google oAuth Client Secret>,
redirectUri: 'http://localhost:9000/google/oauth/callback',
scope: 'https://www.googleapis.com/auth/userinfo.profile',
accessType: 'offline', // to get refresh token pass access type: offline
prompt: 'consent', // to prompt user everytime
})
app.get('/google/oauth', async (req, res) => {
// generate the URL that Googl will use for login and consent dialog
var result = await google.getGoogleOauthUrl()
// redirect the user to consent screen
res.redirect(result)
})
// This is the Authrized redirect URl that needs to be added to oAuth Client Id generation screen
// Google will send the code and related scope as query string to this Url
app.get('/google/oauth/callback', async (req, res) => {
const oAuthParam = {
code: req.query.code,
scope: req.query.scope,
}
// if you just need the code
const code = await google.getOauthCodeAsync(oAuthParam)
// get the access token, token_type so that you can make additional call to google
var result = await google.getAccessTokenAsync(oAuthParam)
// This example just showing result returned in a browers
// You should store this in a secure database and never expose to client app
res.send(JSON.stringify(result))
})
app.get('/', (req, res) => {
const _user = req.session && req.session.user
if (_user) {
res.send(JSON.stringify(_user))
} else {
res.send('Login with Google')
}
})
app.listen(port, () => {
console.log(`Example app listening at http://localhost:${port}`)
})
FAQs
Google oAuth flow to retrieve access & refresh token
The npm package google-oauth-login receives a total of 1 weekly downloads. As such, google-oauth-login popularity was classified as not popular.
We found that google-oauth-login demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.