Is the Google Strategy in Passport.js deprecated with the end of Google+

Question

I use Passport.js and passport-google-oauth20 in my nodejs aplication for authenticating with a \"Google Strategy\". I just received an email from Google indicating that I use \

Answer 1

Yes the Google OAuth strategy for Passport currently uses the Google+ API endpoints for retrieving the user's profile information.

If you disable the Google+ API integration from Google console on https://console.developers.google.com/apis/dashboard then the sign-in with Google will not work for your application. The error received back from Google contains this message:

GooglePlusAPIError: Access Not Configured. Google+ API has not been used in project xxxxxx before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/plus.googleapis.com/overview?project=xxxxxx then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.

In order for your application to work properly having Google+ API disabled, you have to use this strategy option:

userProfileURL: 'https://www.googleapis.com/oauth2/v3/userinfo'

like in this example:

var GoogleStrategy = require('passport-google-oauth20').Strategy;

passport.use(new GoogleStrategy({
    clientID: GOOGLE_CLIENT_ID,
    clientSecret: GOOGLE_CLIENT_SECRET,
    callbackURL: "http://www.example.com/auth/google/callback",
    userProfileURL: 'https://www.googleapis.com/oauth2/v3/userinfo'
  },
  function(accessToken, refreshToken, profile, cb) {
           ...
  }
));