Reputation: 49
Authenticating Google Gmail API using access and refresh token
I have searched for an answer to this specifically but can't seem to find it. Apologies if it's a repeat.
I have the access token and the refresh token and want to send the emails using these tokens. The tokens are generated using the passport.js library and I am storing them in the DB along with other profile data. Like this
passport.use(new GoogleStrategy({
clientID: process.env.GOOGLE_APP_CLIENT_ID,
clientSecret: process.env.GOOGLE_APP_CLIENT_SECRET,
callbackURL: process.env.GOOGLE_APP_CALLBACK_URL,
passReqToCallback: true
},(request:any,accessToken: string, refreshToken: string, profile: any, done: any)=>{
//save credentials in database
}));
Now using the access token and the refresh token I want to access the Gmail API. Contrary to the example (https://developers.google.com/gmail/api/quickstart/nodejs) provided by Google. In which they are providing the Oauth client created from executing Oauth2 flow.
What is needed is something like this
const gmail = google.gmail({version: 'v1', auth:{accessToken,refreshToken});
Upvotes: 0
Views: 3134
Answers (1)
Reputation: 3725
In summary: Pretty much what DalmTo said in his comment. You need to also add the client ID, secret and redirect URL.
Explanation: It may be a little hard to see but the sample that you provided does show how to authenticate with locally stored information. I'll try to simplify it.
The most relevant parts are under the authorize() function:
//first create a google.auth.OAuth2 object
//for this you still have to use your app's client_id, client_secret and redirect_uri
const oAuth2Client = new google.auth.OAuth2(
client_id, client_secret, redirect_uris[0]);
The sample app creates a token.json file that it uses to reauthenticate. It's just a simple object with the tokens (there are a couple additional fields which I removed since they are not relevant to this):
{
"access_token":"ya29...",
"refresh_token":"1//..."
}
Then the sample shows that you have to call setCredentials() on the oAuth2Client object using this token file that was created.
oAuth2Client.getToken(code, (err, token) => {
if (err) return console.error('Error retrieving access token', err);
oAuth2Client.setCredentials(token);
Then once you have set the credentials to the oAuth2Client object you can use it to authorize the API:
const gmail = google.gmail({version: 'v1', oAuth2Client});
The sample works with a locally stored file, but since you store the tokens in your database in your case it might look more like this:
//get the tokens from somewhere in your database
const tokens = {
"access_token" : ACCESS_TOKEN,
"refresh_token" : REFRESH_TOKEN
}
const oAuth2Client = new google.auth.OAuth2(
process.env.GOOGLE_APP_CLIENT_ID,
process.env.GOOGLE_APP_CLIENT_SECRET,
process.env.GOOGLE_APP_CALLBACK_URL
);
oAuth2Client.setCredentials(tokens);
const gmail = google.gmail({version: 'v1', oAuth2Client});
You'll probably also need to handle reauthorization in case that the refresh token has expired or the user has revoked access but I hope this gives you a general idea.
More info: Google API's Node.js Client
Upvotes: 1
Related Questions
- Google OAuth getting new access token with refresh token
- How to get new access token from refresh token with googleapis npm package
- Getting error on using refreshToken for googleAPI to get new access token
- Gmail API's access token expiration and creation
- Gmail, nodemailer, OATH2 refresh token not working
- Using google oauth2 node library, can't get new access token with refresh token
- Gmail Api access token not changing after expiration - but access still works
- Gmail authentication in NodeJS
- Nodejs Google OAuth API refreshaccesstoken()
- XOAuth2 gmail for client ID, Client Secret and Refresh Token for node mailer