passport-google-oidc-token
Google ID token authentication strategy for Passport.
import { Request } from 'express';
import { OAuth2Client } from 'google-auth-library';
import { Profile as PassportProfile } from 'passport';
/**
 * Options accepted by the `GoogleOIDCTokenStrategy` constructor when the
 * request is not passed to the verify callback.
 */
interface StrategyOptions {
  // Google OAuth 2.0 client ID of the application.
  // NOTE(review): presumably the audience that incoming ID tokens are checked
  // against during verification; confirm in the implementation, since a token
  // issued to a different client must not be accepted.
  clientID: string;
}
/**
 * User profile handed to the verify callback, extending Passport's base
 * `Profile` type.
 *
 * NOTE(review): `photos`, `emails` and `displayName` are declared as required
 * here, while the `parseProfile` documentation says the amount of detail
 * depends on the scopes the user granted. Confirm that these fields are
 * always populated (possibly with empty arrays) before relying on them.
 */
export interface Profile extends PassportProfile {
  // Identifier of the user.
  // NOTE(review): presumably Google's stable subject identifier; confirm in
  // parseProfile before using it as a primary key.
  id: string;
  username?: string;
  name?: {
    givenName: string;
    middleName?: string;
    familyName: string;
  };
  photos: {
    value: string;
  }[];
  // Email addresses with a per-address verification flag. Check `verified`
  // before treating an address as an identity or account-linking key; an
  // unverified address does not prove the user controls it.
  emails: {
    value: string;
    verified: boolean;
  }[];
  displayName: string;
  // Untyped raw data attached to the profile.
  // NOTE(review): presumably the decoded token payload; it is typed `any`, so
  // narrow or validate individual fields before use.
  _json: any;
}
/**
 * Options variant that selects the constructor overload taking a
 * `VerifyFunctionWithRequest`, i.e. a verify callback that receives the
 * Express request as its first argument.
 */
export interface StrategyOptionsWithRequest extends StrategyOptions {
  // Literal `true`: the type system uses this to pick the request-aware overload.
  passReqToCallback: true;
}
/**
 * Additional information passed alongside an authentication outcome
 * (used by `DoneCallback` and by the strategy's `fail`/`success` members).
 */
declare type Info = {
  // Human-readable message describing the outcome.
  message: string;
};
/**
 * Callback the application's verify function invokes to report its result.
 *
 * Per the strategy's documentation, `user` should be `false` when the
 * credentials are not valid, and `error` should be set when an exception
 * occurred. `options` carries an optional `Info` message.
 */
declare type DoneCallback = (error: Error | null, user: any | undefined, options: Info | undefined) => void;
/**
 * Arguments shared by both verify-callback shapes, in call order: the ID
 * token string taken from the request, the parsed `Profile`, and the
 * `DoneCallback` used to report the outcome.
 */
declare type VerifyArgs = [
  idToken: string,
  profile: Profile,
  doneCallback: DoneCallback
];
/**
 * Verify callback used when `passReqToCallback` is not set: receives
 * `(idToken, profile, doneCallback)`.
 */
export declare type VerifyFunction = (...args: VerifyArgs) => void;
/**
 * Verify callback used when `passReqToCallback` is `true`: receives the
 * Express request first, followed by `(idToken, profile, doneCallback)`.
 */
export declare type VerifyFunctionWithRequest = (req: Request, ...args: VerifyArgs) => void;
/**
 * `GoogleOIDCTokenStrategy` constructor.
 *
 * The Google OIDC token strategy authenticates requests that carry a Google
 * ID token, using the Google Auth Library.
 *
 * Applications must supply a `verify` callback which accepts an `idToken`,
 * the parsed `profile` and a `doneCallback` (see `VerifyArgs`), and then
 * calls `doneCallback` supplying a `user`, which should be set to `false` if
 * the credentials are not valid. If an exception occurred, `error` should be
 * set. When `passReqToCallback` is `true`, the request is passed as an
 * additional first argument (see `VerifyFunctionWithRequest`).
 *
 * NOTE(review): only declarations are visible here. Presumably the ID token
 * is verified (signature, expiry, audience equal to `clientID`) before
 * `verify` is called; confirm in the implementation, because the `verify`
 * callback has no way to tell a checked token from an unchecked one.
 *
 * @param {Object} options
 * @param {Function} verify
 * @example
 * passport.use(new GoogleOIDCTokenStrategy(
 *   {
 *     clientID: '123456789',
 *   },
 *   (idToken, profile, done) => {
 *     User.findOrCreate({ googleId: profile.id }, done);
 *   }
 * ));
 */
export default class GoogleOIDCTokenStrategy {
  // google-auth-library OAuth2 client held by the strategy.
  // NOTE(review): presumably the object that performs ID token verification; confirm.
  client: OAuth2Client;
  // NOTE(review): presumably a copy of `options.clientID`; confirm in the constructor.
  clientId: string;
  // Strategy name; the value is set in the implementation and is not visible here.
  name: string;
  // Application-supplied verify callback, in either of its two shapes.
  _verify: VerifyFunction | VerifyFunctionWithRequest;
  // Whether `_verify` expects the request as its first argument.
  _passReqToCallback: boolean;
  // Outcome reporters for an authentication attempt.
  // NOTE(review): presumably assigned by Passport at runtime rather than by
  // this class; confirm. `Error | unknown` is equivalent to `unknown`.
  error: (err: Error | unknown) => void;
  fail: (info: Info | undefined) => void;
  success: (user: any, info: Info | undefined) => void;
  // Overload: request-aware verify callback (`passReqToCallback: true`).
  constructor(options: StrategyOptionsWithRequest, verify: VerifyFunctionWithRequest);
  // Overload: plain verify callback.
  constructor(options: StrategyOptions, verify: VerifyFunction);
  /**
   * Authenticate request using Google Auth Library
   *
   * Returns a promise with no value; the result of the attempt is presumably
   * reported through `success`, `fail` or `error` (confirm in the
   * implementation).
   *
   * @param {Object} req
   */
  authenticate(req: Request): Promise<void>;
  /**
   * This method handles searching for the value of the provided field in the
   * body, query, and headers.
   *
   * NOTE(review): if this is how the ID token is located, a token sent in the
   * query string can end up in access logs, browser history and `Referer`
   * headers; clients should prefer the request body or a header. The search
   * order between the three locations is not visible here.
   *
   * @param {Object} req http request object
   * @param {String} field
   * @returns {String} field's value in body, query, or headers
   */
  private lookup;
  /**
   * Parse profile.
   *
   * Parses user profiles as fetched from Google's OpenID Connect-compatible user
   * info endpoint.
   *
   * NOTE(review): the parameter is named `payload`, which suggests the claims
   * of the ID token rather than a user info response; confirm which one is
   * actually parsed.
   *
   * The amount of detail in the profile varies based on the scopes granted by the
   * user. The following scope values add additional data:
   *
   * `profile` - basic profile information
   * `email` - email address
   *
   * References:
   * - https://developers.google.com/identity/protocols/OpenIDConnect
   *
   * @param {object} payload
   * @return {object}
   */
  private static parseProfile;
}
export {};