Get access token on server side javascript (nodejs) using google authorization code received from client side
Google APIs Node.js Client library offers oauth2Client.getToken(code, cb)
which gives access token (and optionally refresh token) in exchange of the authorization code :
oauth2Client.getToken(code, function (err, tokens) {
// Now tokens contains an access_token and an optional refresh_token. Save them.
if (!err) {
oauth2Client.setCredentials(tokens);
}
});
An official example is available at https://github.com/google/google-api-nodejs-client/tree/master/samples which includes oauth2.js
, an helper for the oauth part
You can also find a complete example on this site by Paul Shan, it's a nodejs example using Google APIs Node.js Client. Edit ClientId
and ClientSecret
, run this sample and go to http://127.0.0.1:8081
var http = require('http');
var express = require('express');
var Session = require('express-session');
var google = require('googleapis');
var plus = google.plus('v1');
var OAuth2 = google.auth.OAuth2;
const ClientId = "YOUR_CLIENT_ID";
const ClientSecret = "YOUR_CLIENT_SECRET";
const RedirectionUrl = "http://localhost:8081/oauthCallback";
var app = express();
app.use(Session({
secret: 'raysources-secret-19890913007',
resave: true,
saveUninitialized: true
}));
function getOAuthClient() {
return new OAuth2(ClientId, ClientSecret, RedirectionUrl);
}
function getAuthUrl() {
var oauth2Client = getOAuthClient();
// generate a url that asks permissions for Google+ and Google Calendar scopes
var scopes = [
'https://www.googleapis.com/auth/plus.me'
];
var url = oauth2Client.generateAuthUrl({
access_type: 'offline',
scope: scopes,
//use this below to force approval (will generate refresh_token)
//approval_prompt : 'force'
});
return url;
}
app.use("/oauthCallback", function(req, res) {
var oauth2Client = getOAuthClient();
var session = req.session;
var code = req.query.code;
oauth2Client.getToken(code, function(err, tokens) {
console.log("tokens : ", tokens);
// Now tokens contains an access_token and an optional refresh_token. Save them.
if (!err) {
oauth2Client.setCredentials(tokens);
session["tokens"] = tokens;
res.send(`
<html>
<body>
<h3>Login successful!!</h3>
<a href="/details">Go to details page</a>
<body>
<html>
`);
} else {
res.send(`
<html>
<body>
<h3>Login failed!!</h3>
</body>
</html>
`);
}
});
});
app.use("/details", function(req, res) {
var oauth2Client = getOAuthClient();
oauth2Client.setCredentials(req.session["tokens"]);
var p = new Promise(function(resolve, reject) {
plus.people.get({ userId: 'me', auth: oauth2Client }, function(err, response) {
console.log("response : ", response);
resolve(response || err);
});
}).then(function(data) {
res.send(`<html><body>
<img src=${data.image.url} />
<h3>Hello ${data.displayName}</h3>
</body>
</html>
`);
})
});
app.use("/", function(req, res) {
var url = getAuthUrl();
res.send(`
<html>
<body>
<h1>Authentication using google oAuth</h1>
<a href=${url}>Login</a>
</body>
</html>
`)
});
var port = 8081;
var server = http.createServer(app);
server.listen(port);
server.on('listening', function() {
console.log(`listening to ${port}`);
});
Related videos on Youtube
Nishan
Updated on September 15, 2022Comments
-
Nishan over 1 year
i have gone through this documentation :- https://developers.google.com/identity/sign-in/web/server-side-flow
At the last step it receives the authorization code and after that it shows the example of receiving access token and refresh token using java or python libraries, but i cant find any similar example in nodejs. How can i replicate the same example using nodejs? Can't i just send a post or get request to some google oauth api and receive the access token using authorization code?
Thanks in advance :)
-
ngLover over 5 yearscan you reply on this thread? stackoverflow.com/questions/52727646/…
-
KidBilly over 5 yearsOr this one? stackoverflow.com/questions/54097179/…
-
Caleb Gates about 5 yearsI received "Cannot read property 'OAuth2' of undefined" which I fixed by adding {} to google.
var {google} = require('googleapis');
per examples found in googles documentation. github.com/googleapis/google-api-nodejs-client -
Jahir over 3 yearsI am getting a 400 response with 'invalid_grant'
-
James Batchelor about 2 yearsI had to change
app.use("/path", ...)
toapp.get
for it to work