stackoom
  简体   繁体   中英

How to Login with Google?

 原文  2017-02-09 06:36:13       javascript/ node.js/ oauth-2.0/ google-oauth/ axios

Question

I am trying to implement a google oauth 2.0 login without using any libraries in my Node.js application.

I have created an app on the Google API console with the redirect url as http://localhost:3000 . During login my response_type is code which returns a one-time use code that needs to be exchanged with the token_endpoint as described here . The exchange is done on my node.js server with the following snippet. 

 axios({ url: 'https://www.googleapis.com/oauth2/v4/token', method: 'post', data: { code: code, client_id: sso.clientId, client_secret: sso.clientSecret, redirect_uri: sso.redirect_uri, grant_type: 'authorization_code', } }) .then((response) => { console.log(response.data); }) .catch(function(err) { console.log(err.response.data); });
But this is is sending me back an error response of 

{ "error": "unsupported_grant_type", "error_description": "Invalid grant_type: " }

instead of the user token.

Please help me identify the issue.

I tried doing a POSTMAN query as well with the same payload in the raw with content-type set to application/json , and it gave me the same error.

2 answers

solution1
 0 ACCPTED  2017-02-09 06:47:32

You need to use params in place of your data while making your exchange call through axios, revised block will be like

params: {
    code: code,
    client_id: sso.clientId,
    client_secret: sso.clientSecret,
    redirect_uri: sso.redirect_uri,
    grant_type: 'authorization_code',
}

Hope this helps!

solution2
 0  2022-07-13 20:56:57

If you only need authentication I would use this, no registration needed. https://www.npmjs.com/package/azauth 5 min work , super simple.

solution3
 -1  2017-03-08 05:56:27

NEVER include things like a clientSecret in GET parameters. This can lead to serious security issues !

The google doc is very clear about how to send the data ;

As a POST body - as always in OAuth2 : https://developers.google.com/identity/protocols/OAuth2WebServer - Step 5, REST code sample

They must be sent as a string but in the POST body / data :

The string is the urlencoded parameters like

code=4/P7q7W91a-oMsCeLvIaQm6bTrgtp7&
client_id=your_client_id&
client_secret=your_client_secret&
redirect_uri=https://yourOauth2redirectUrl.example.com/code&
grant_type=authorization_code

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to handle google login for a widget How to implement Google Plus Login API How to login through api from Google Script? How to reproduce google login form effect How to post the 'Username' of a JS google login form? how to set force login to google javascript api? how to use google spreadsheet as login database in blogger? Google Apps Script - how to login and fetch data? google+ login - how to hide the clientid? How do I change the UI after a login with Google Chrome Extensions?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM