Reputation: 303
I am using "OAuth and Google Sign-In" with the "Authorization code flow" for Account Linking in my Actions on Google app. I have written my own server using Passport.js, implemented Google authentication in it, and deployed it to Heroku. I tested it in the browser and it works fine, successfully providing an access token and refresh token. The problem I am facing is that when I integrate it with my Actions on Google app, it performs the authentication correctly but does not send the accessToken back to my app. I do not understand what I should put in the "Token URL" field. Below is the code of the server.
```javascript
// Register Google as the identity provider for this server.
passport.use(new GoogleStrategy({
    // authorizationURL: 'https://accounts.google.com/o/oauth2/auth',
    // tokenURL: 'https://www.googleapis.com/oauth2/v3/token',
    clientID: keys.googleClientID,
    clientSecret: keys.googleClientSecret,
    callbackURL: '/auth/google/callback'
  },
  (accessToken, refreshToken, profile, done) => {
    // Keep only Google's access token on the user object.
    return done(null, {
      token: accessToken
    });
  }
));

// Start the Google login flow.
app.get(
  '/auth/google',
  passport.authenticate('google', {
    scope: ['profile', 'email']
  })
);

// Google redirects the browser here after login; the token is written to the response body.
app.get('/auth/google/callback',
  passport.authenticate('google', {
    failureRedirect: '/login'
  }),
  function(req, res) {
    console.log(req.user.token);
    res.send(req.user.token);
  });

app.get('/', (req, res) => {
  res.send('<h1>Hello express</h1>');
});
```
And here is the client information of my Google Assistant app.
Upvotes: 2
Views: 412
Reputation: 50701
While I don't know for sure, it looks like you have mixed up your Authorization URL and your Token URL.
The Authorization URL is one where users will be presented a login screen and will ultimately redirect to the Redirect URI at Google with a temporary auth code.
Google will take the auth code and call your Token URL to get the auth token and refresh token. Later, it will also use this URL to exchange the refresh token for a new auth token.
Generally, passport.js is used to create a login screen for an OAuth service, which is the opposite of what the Assistant needs. So it isn't clear why you're using it.
It also isn't clear why you're using OAuth at all if you are just expecting the user to log into their Google account to get their profile and email - you can get this using Google Sign In for Assistant.
Even if you need additional scopes to access other Google resources, Google Sign In for Assistant is likely the way to go. See https://stackoverflow.com/a/50932537/1405634
Upvotes: 1
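The two endpoints this answer describes, as an added example (not code from either poster): `authorize` is the logic behind the Authorization URL and `token` the logic behind the Token URL, following the standard OAuth 2.0 authorization-code and refresh-token grants. The client ID and secret, the project ID in the redirect URI, the function names and the in-memory stores are all assumptions made for illustration.

```javascript
const crypto = require('crypto');

// Constructed values: the client ID/secret you would enter in the console, and
// the exact redirect URI expected for a hypothetical project "my-project-id".
const CLIENT = { id: 'assistant-client', secret: 'example-secret' };
const REDIRECT_URI = 'https://oauth-redirect.googleusercontent.com/r/my-project-id';
const codes = new Map();         // auth code -> { userId, redirectUri, expires }
const refreshTokens = new Map(); // refresh token -> userId
const accessTokens = new Map();  // access token -> { userId, expires }

const newToken = () => crypto.randomBytes(32).toString('hex');
const sha256 = (s) => crypto.createHash('sha256').update(String(s)).digest();
const sameSecret = (a, b) => crypto.timingSafeEqual(sha256(a), sha256(b));

// Authorization URL: runs in the user's browser. After your own login step,
// redirect back with a short-lived, single-use code (never a token).
function authorize({ client_id, redirect_uri, state }, userId, now = Date.now()) {
  if (client_id !== CLIENT.id || redirect_uri !== REDIRECT_URI) return null;
  const code = newToken();
  codes.set(code, { userId, redirectUri: redirect_uri, expires: now + 600000 });
  const url = new URL(redirect_uri);
  url.searchParams.set('code', code);
  url.searchParams.set('state', state);
  return url.toString();
}

// Token URL: called server-to-server with the parsed form-encoded POST body.
function token(body, now = Date.now()) {
  if (body.client_id !== CLIENT.id || !sameSecret(body.client_secret, CLIENT.secret)) {
    return { status: 401, json: { error: 'invalid_client' } };
  }
  const json = { token_type: 'Bearer', access_token: newToken(), expires_in: 3600 };
  let userId;
  if (body.grant_type === 'authorization_code') {
    const rec = codes.get(body.code);
    codes.delete(body.code); // single use: a replayed code is rejected
    if (!rec || rec.expires < now || rec.redirectUri !== body.redirect_uri) {
      return { status: 400, json: { error: 'invalid_grant' } };
    }
    userId = rec.userId;
    json.refresh_token = newToken();
    refreshTokens.set(json.refresh_token, userId);
  } else if (body.grant_type === 'refresh_token' && refreshTokens.has(body.refresh_token)) {
    userId = refreshTokens.get(body.refresh_token);
  } else {
    return { status: 400, json: { error: 'invalid_grant' } };
  }
  accessTokens.set(json.access_token, { userId, expires: now + 3600 * 1000 });
  return { status: 200, json };
}
```

Only the code travels through the browser; the access and refresh tokens are returned in the JSON body of the Token URL response, which is why a callback page that prints a token never reaches the calling service.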