passport-google-oauth-jwt

NPM Version NPM Downloads Coverage Status Build Status

Passport strategy for authentication with Google that meets the Migrating to Google Sign-In Guide.

The strategy will get access_token, refresh_token and email (with right scopes) of signed-in account by parsing JWT returned from Google OAuth. It does not get full Google profile, but it does not require Google + API enabled in Google Developer's Console. If you want to get a full one, please consider using passport-google-oauth.

Install

$ npm install passport-google-oauth-jwt

Usage

Configurate Strategy

var GoogleStrategy = require('passport-google-oauth-jwt').GoogleOauthJWTStrategy;

passport.use(new GoogleStrategy({
	clientId: GOOGLE_CLIENT_ID,
	clientSecret: GOOGLE_CLIENT_SECRET
}, function verify(accessToken, loginInfo, refreshToken, done) {
	User.findOrCreate({
		googleEmail: loginInfo.email
	}, function (err, user) {
		return done(err, user);
	});
}));

Authentication Requests

Use passport.authentication(), specifying the 'google-oauth-jwt' strategy, to authenticate requests.

For example, as route middleware in an Express application:

app.get('/auth/google', passport.authenticate('google-oauth-jwt', {
	callbackUrl: 'http://localhost:3000/auth/google/callback',
	scope: 'email'
}));

app.get('/auth/google/callback', passport.authenticate('google-oauth-jwt', {
	callbackUrl: 'http://localhost:3000/auth/google/callback'
}), function onAuthenticate(req, res) {
	// Successful authentication, redirect home
	res.redirect('/');
});

Examples

For a complete, working example, refer to the example.

$ npm install
$ npm start

Tests

$ npm install
$ npm test

License

The MIT License