Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Question] send id_token from google js api credential to callback #450

Open
arpu opened this issue Nov 5, 2023 · 7 comments
Open

[Question] send id_token from google js api credential to callback #450

arpu opened this issue Nov 5, 2023 · 7 comments

Comments

@arpu
Copy link

arpu commented Nov 5, 2023

Hi,

tested some options with the newer google api from https://developers.google.com/identity/gsi/web/reference/js-reference?hl=en

the response is jwtToken
credential

How i understand the omniauth-google-oauth2 i need to POST the id_token= the JWToken ?

and set the server option provider_ignores_state: true ( found in the README )

but i get

self.access_token = access_token.refresh! if access_token.expired?
 ^^^^^^^^^: NoMethodError, undefined method `expired?' for nil:NilClass

any idea?

@zquestz
Copy link
Owner

zquestz commented Nov 5, 2023

There is a JS example at:

https://github.com/zquestz/omniauth-google-oauth2/blob/master/examples/config.ru

I believe you will want to pass access_token.

@arpu
Copy link
Author

arpu commented Nov 5, 2023

Hi @zquestz

Thanks, this example just works with the code response from the google

but not with the newer credential
using POST params like

const req = {"access_token": response.credential}

error is :

(google_oauth2) Authentication failure! invalid_credentials: OAuth2::Error, Invalid Value
 {
"error_description": "Invalid Value"
 }

setting the header for axios
axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest'; does not change the error

@arpu
Copy link
Author

arpu commented Nov 5, 2023

if i am right the new credentials should be confirmend with

  payload = Google::Auth::IDTokens.verify_oidc(params[:credential], aud: ENV['GOOGLE_CLIENT_ID'])

described in this blog post https://patrickkarsh.medium.com/how-to-add-google-one-touch-authentication-to-a-ruby-on-rails-application-6ac8776c4190

@lhguerra
Copy link

How is this now? Is there a working example of js implementation? Also, the script in the readme is of a legacy google lib that has lost support already
Captura de Tela 2024-08-14 às 16 21 14

@zquestz
Copy link
Owner

zquestz commented Sep 16, 2024

There is no working example right now. Would definitely be open to a PR to update the docs and client side JS implementation.

@lhguerra
Copy link

Please forgive me if I'm getting this wrong, but are you seriously asking the person who can't get it to work to update the docs on how to get it working?

@zquestz
Copy link
Owner

zquestz commented Sep 16, 2024

Please forgive me if I'm getting this wrong, but are you seriously asking the person who can't get it to work to update the docs on how to get it working?

No, just saying the docs could use a new example and letting people who read this thread know it would be nice to get it updated.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants