Google OAuth API to get user's email address?

Question

I am playing with Google\'s OAuth 2.0 Playground using my own personal Google account, but I cannot seem to recover my Gmail address using the playground.

The scope

Answer 1

You'll want to add the https://www.googleapis.com/auth/userinfo.email scope or replace https://www.googleapis.com/oauth2/v2/userinfo with it. If you're using the HTML example they provide, you can list multiple scopes separated by a space.

<span
  class="g-signin"
  data-callback="signInCallback"
  data-clientid="{{ plus_id }}"
  data-cookiepolicy="single_host_origin"
  data-requestvisibleactions="http://schemas.google.com/AddActivity"
  data-scope="https://www.googleapis.com/auth/plus.login   
  https://www.googleapis.com/auth/userinfo.email">
</span>

Answer 2

https://developers.google.com/gmail/api/v1/reference/users/getProfile

For gmails api, add this to nodejs code:

function getUsersEmail (auth) {
  const gmail = google.gmail({version: 'v1', auth})
  gmail.users.getProfile({
    userId: 'me'
  }, (err, {data}) => {
    if (err) return console.log('The API returned an error: ' + err)
    console.log(data.emailAddress)
  })
}

Gmails api: https://developers.google.com/gmail/api/guides/

Answer 3

I have been following Prisoner's answer right above, and it helped me... until I received the email from Google Developers about how Google+ API will be shutdown on March 7, 2019.

I scrounged around and found this solution to get the email using an id_token that is returned when you authorize an app with the email scope on your developer console.

From Google Sign-in for Websites:

To validate an ID token in PHP, use the Google API Client Library for PHP. Install the library (for example, using Composer):

composer require google/apiclient

Then, call the verifyIdToken() function. For example:

require_once 'vendor/autoload.php';

// Get $id_token via HTTPS POST.

$client = new Google_Client(['client_id' => $CLIENT_ID]);  // Specify the CLIENT_ID of the app that accesses the backend
$payload = $client->verifyIdToken($id_token);
if ($payload) {
  $userid = $payload['sub'];
  // If request specified a G Suite domain:
  //$domain = $payload['hd'];
} else {
  // Invalid ID token
}

This will return an array that contains the user information, that also contains the email of the user who logged in. Hope this helps anyone else.

Answer 4

This is actually a bit of a challenge as Google does not provide an email by default. You must specifically request it from Google Plus.

const scope = [
  'https://www.googleapis.com/auth/plus.me', // request access here
  'https://www.googleapis.com/auth/userinfo.email',
];

auth.generateAuthUrl({
  access_type: 'offline',
  prompt: 'consent',
  scope: scope,
});

const plus = google.plus({ version: 'v1', auth });
const me = await plus.people.get({ userId: 'me' });
const userEmail = me.data.emails[0].value;

There is a full version in this blog post I wrote: https://medium.com/@jackscott/how-to-use-google-auth-api-with-node-js-888304f7e3a0

Answer 5

For signing in with Google using OAuth 2.0, there's no need to make a separate request to get user's email.

When Google calls the callback URL, it provides a code in the query string that you could use to exchange for access token and ID token. The ID token is a JWT that contains identity information about the user, which includes the email address.

See more information here: https://developers.google.com/identity/protocols/oauth2/openid-connect