Authenticate to Google API with Node JS

Question

What I have so far is the app redirects to the consent page. The user accepts, then I\'m redirected back to localhost with a valid authorization code. From what I understa

Answer 1

The Dummy's Guide to 3-legged Google OAuth.

Literally everything you need to know is on this single page https://developers.google.com/identity/protocols/OAuth2WebServer . Read it twice and you'll be an OAuth ninja. In summary, it says ...

1. Construct an accounts.google.com URL with 4 query params :-
   1. client_id to identify your app
   2. scope to say what permissions you're asking for
   3. redirect_uri to tell Google where to redirect the user's browser with the result
   4. response_type=code to say you want an Auth Code
2. redirect the user's browser to that URL
3. Have a sip of coffee while the user logs in, chooses his Google account, and grants permission, until eventually ...
4. The user's browser gets redirected back to your app's redirect_uri, with a query param of code which is the one-time Auth Code
5. Post the Auth Code to Google's token endpoint
6. Parse the JSON response to get the Access Token
7. Use the Access Token in a "authorization: bearer access_token" http header for your subsequent Google API requests

If you go to https://developers.google.com/oauthplayground/ you can run through the steps online to see what the various URLs and responses look like.

Answer 2

I wrote this library to get user information, hope this helps.

'use strict'

const { google } = require('googleapis')
const credentials = require('../configs/config').google

class googleApi {
    constructor(){
        const {client_id, client_secret, redirectUri } = credentials;
        this.oAuth2Client = new google.auth.OAuth2(client_id, client_secret, redirectUri)
    }

    generateUrl(scopes){
        const url = this.oAuth2Client.generateAuthUrl({
            access_type: 'offline',
            scope: scopes.join(' ')
        })
        return url;
    }

    async getUserInfo(code){
        const credentials = await this.oAuth2Client.getToken(code)
        this.oAuth2Client.setCredentials(credentials.tokens);
        const plus = google.plus({
            version: 'v1',
            auth: this.oAuth2Client,
        });
        const data = await plus.people.get({userId: 'me'});
        return data;
    }
}

module.exports = new googleApi();

and this is the implementation:

'use strict'
const googleApi = require('../libs/google');

exports.requestGmailAuth = function (req, res, next){
    let url = googleApi.generateUrl(scopes)
    res.redirect(url);
}

exports.getGmailUserInfo = async function (req, res, next){
    const qs = new url.URL(req.url, 'http://localhost:3000').searchParams;
    let code = qs.get('code')
    if(!code){
        next(new Error('No code provided'))
    }
    googleApi.getUserInfo(code)
        .then(function(response){
            res.send(response.data)
        }).catch(function(e){
            next(new Error(e.message))
    })
}

these are the routes:

app.get('/request/gmail/auth', user.requestGmailAuth)
app.get('/get/gmail/user', user.getGmailUserInfo)

When /request/gmail/auth receives a request it redirects to consent page then the consent page redirects to /get/gmail/user with the "code" parameter.

try this snipet and if the problem persists check your client id and client secret, and also make sure that you have google plus api enabled in your developer dashboard.