-
-
Notifications
You must be signed in to change notification settings - Fork 327
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can't access "expires_in" parameter #23
Comments
There's a 5-argument form of the verify callback, like this:
As to your SO question, Passport doesn't use the access token or refresh token in any way, except to fetch the user profile. If you want to use the refresh token to obtain a new access token, you'll need to do that in your backend processes. |
Thanks Jared! Just made my friday evening. |
I'm trying to get a refreshToken back, but so without luck. I've configured both passport.use(new GoogleStrategy({
clientID: GOOGLE_CLIENT_ID,
clientSecret: GOOGLE_CLIENT_SECRET,
callbackURL: CALLBACK_URL,
scope: ['profile', 'email', 'https://www.googleapis.com/auth/calendar'],
accessType: 'offline',
approvalPrompt: 'force'
},
function(accessToken, refreshToken, params, profile, done) {
// PROBLEM: refreshToken is undefined
profile.auth = {
accessToken: accessToken,
refreshToken: refreshToken,
params: params
};
return done(null, profile);
}
)); What am I overlooking? |
👍 |
I figured out what I did wrong: instead of configuring the Here is a full example that gives a var express = require('express');
var cookieParser = require('cookie-parser');
var session = require('express-session');
var passport = require('passport');
var GoogleStrategy = require('passport-google-oauth').OAuth2Strategy;
var argv = require('yargs').argv;
var PORT = 8082;
var GOOGLE_CLIENT_ID = argv.GOOGLE_CLIENT_ID;
var GOOGLE_CLIENT_SECRET = argv.GOOGLE_CLIENT_SECRET;
var app = express();
app.use(cookieParser());
app.use(session({
secret: 'keyboard cat',
resave: true,
saveUninitialized: true
}));
app.use(passport.initialize());
app.listen(PORT);
console.log('Server listening at http://localhost:' + PORT);
passport.use(new GoogleStrategy({
clientID: GOOGLE_CLIENT_ID,
clientSecret: GOOGLE_CLIENT_SECRET,
callbackURL: 'http://localhost:' + PORT + '/auth/callback',
scope: ['profile', 'email']
},
function(accessToken, refreshToken, params, profile, done) {
console.log('accessToken', accessToken);
console.log('refreshToken', refreshToken);
console.log('params', params);
console.log('profile', profile);
return done(null, profile);
}
));
app.get('/', function (req, res) {
if (req.session.user) {
res.send('<html><body><pre>' +
JSON.stringify(req.session.user._json, null, 2) +
'</pre></body></html>')
}
else {
res.send('<html><body><a href="/auth">Login</a></body></html>')
}
});
app.get('/auth',
passport.authenticate('google', {
session: false,
accessType: 'offline',
approvalPrompt: 'force'
}));
app.get('/auth/callback',
passport.authenticate('google', { session: false, failureRedirect: '/' }),
function(req, res) {
req.session.user = req.user;
res.redirect('/');
}); |
i am able to get the refresh token but it is not a valid refresh token when i try to using it to fetch a new access token using the token api of google its responding invalid refresh token refresh token is not valid. passport.use(new GoogleStarategy({
clientID: process.env.GOOGLE_AUTH_CLIENTID,
clientSecret: process.env.GOOGLE_AUTH_CLIENT_SECRET,
accessType: 'offline',
callbackURL: uris.GOOGLE_CALLBACK_URL,
}, async (accessToken, refreshToken, params, profile, cb) => {
console.log({refreshToken})
return cb(null, result)
}));
authRoutes.route('/login/google').get(passport.authenticate('google', {
scope: ["profile", "email"],
session:false,approvalPrompt:
'force',accessType: 'offline'}));
authRoutes.route('/google/callback').get(passport.authenticate('google', {
session:false,
failureMessage: 'cannot login please try agin later',
failureRedirect: uris.FAILURE_GOOGLE_LOGIN_URL,
successRedirect: uris.SUCCESS_GOOGLE_LOGIN_URL
}), (req,res) => {
// console.log("callback",req)
// res.send().json(req)
}); |
Unless I'm missing something, in addition to an access token, a refresh token, and a profile the verify function should also have expires_in as a parameter.
From https://developers.google.com/accounts/docs/OAuth2UserAgent#handlingtheresponse
"Other parameters included in the response include expires_in and token_type. These parameters describe the lifetime of the token in seconds, and the kind of token that is being returned."
The text was updated successfully, but these errors were encountered: