stackoom
  简体   繁体   中英

Trying to use Google Oauth2 with Passportjs in Graphql-Yoga Server

 原文  2019-09-08 12:13:30       node.js/ authentication/ passport.js/ graphql-js/ passport-google-oauth

Question

I thought I followed all of the docs correctly to implement this, however, I am getting a TokenError: Bad Request that has the error message invalid_grant .

My server is super simple: 

require('dotenv').config();
import createServer from './createServer';

const passport = require('passport');
const GoogleStrategy = require('passport-google-oauth20').Strategy;

const server = createServer();

passport.use(
  new GoogleStrategy(
    {
      clientID: process.env.GOOGLE_CLIENT_ID,
      clientSecret: process.env.GOOGLE_CLIENT_SECRET,
      callbackURL: 'http://localhost:4000/auth/callback',
    },
    (accessToken, refreshToken, profile, cb) => {
      console.log(accessToken);
      console.log(refreshToken);
      console.log(profile);

      cb(null, profile);
    },
  ),
);

server.express.use(
  '/auth',
  passport.authenticate('google', {
    scope: ['email', 'profile'],
    session: false,
  }),
);

server.express.use(
  '/auth/callback',
  passport.authenticate('google', {
    successRedirect: 'http://localhost:3000/authenticate',
    failureRedirect: 'http://localhost:3000/authenticate',
  }),
);

server.start(
  {
    cors: {
      credentials: true,
      origin: 'http://localhost:3000',
    },
  },
  () => console.log('Server is running on http://localhost:4000'),
);

Is this a problem with the way that I have setup Google in the cloud platform? I can't figure out where I went wrong. My callback is correctly setup. I'm not sure where else to look for a mistake?

Another thing that is confusing is that the GoogleStategy is console logging the user profile and the access token that is returned. I am guessing that the error comes when the callback route tries to verify the code from the URL. Can anyone point me in a direction to look to better troubleshoot this? Thanks in advance.

1 answers

solution1
 0 ACCPTED  2019-09-11 09:46:54

I found a solution that works for me, but I am still unclear if it is "best-practice" or not. I would love someone with more GraphQL experience to chime in.

I followed the directions in the docs to authenticate in the front-end: https://developers.google.com/identity/sign-in/web/backend-auth

Then I wrote a query called isAuthenticated on the back-end that I can use to verify the token. 

async isAuthenticated(_: any, { token }) {
    if(!token) {
      return null;
    }

    const ticket = await client.verifyIdToken({
      idToken: token,
      audience: process.env.GOOGLE_CLIENT_ID,
    });

    return payload;
  },

I use a React component to check the token in localStorage before rendering any protected routes. This is working for me.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Graphql error on subfields with graphql-yoga passportjs google oauth2 strategy Defining a Mutation argument in graphql-yoga Implementing pagination with Mongoose and graphql-yoga Using Prisma GraphQL-Yoga as an Express/Node application: how can I call GraphQL mutations server-side? how to import schema and resolvers in graphql-yoga/node? Is it possible to output logs in JSON format for graphql-yoga? How to setup passport.js with graphql-yoga (prisma) How to implement clean Next.js URL in graphql-yoga Type as property resolves as null with graphql-yoga and prisma
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM