Google OAuth With Node.js — Without Passport

In this post, you will learn how OAuth integrations work and specifically how you can set up a Google OAuth integration with your own Node.js application.

GitHub repository: https://github.com/tomanagle/google-oauth-tutorial

Note: This guide does not use Passport

How does OAuth work?

Setting up an OAuth integration for the first time can be a little confusing. Luckily, most OAuth 2.0 integrations, including Google's, follow the same authorization code flow:

  1. Send the user to Google's authorization endpoint with a link that carries the data you'd like access to (scopes), your client ID, your redirect URL, and a random state value that you store in the user's session
  2. When the user grants access to your application, Google redirects them back to your redirect URL with a short-lived authorization code (and the state value) in the query string
  3. The authorization code is sent to your application's server, which first checks that the returned state matches the stored one (this blocks login CSRF)
  4. Your application's server exchanges the authorization code, together with your client ID and client secret, for an access token and an ID token (plus a refresh token if you asked for offline access)
  5. The access token is a bearer token: the server sends it in the Authorization header to fetch the user's profile on their behalf, or reads the profile claims straight out of the ID token
  6. The profile information is used either to match the user to an existing account in your system or to create a new one
  7. You finally issue the user a token that works with your own authentication system, probably a JWT

Configuring Google OAuth

This guide uses the googleapis package and provides alternatives for those who do not want to use the package. My suggestion: if you already have the googleapis package installed, use it. If you do not already have it installed in your application, use the alternative functions instead.

The guide will construct a new instance of OAuth and then use two methods from the

  1. Setup a Google OAuth 2.0 application in the developer console
  2. Install the googleapis package
    yarn add googleapis or npm i googleapis
  3. Configure a new Google OAuth 2.0 client

4. Create a function to get the auth URL

If you prefer not to use the googleapis package, use the function below. It will return the same string as above. After you have the URL, you can add it to your client application and remove this function altogether.

When the user clicks the link generated by the function above, they will be asked to grant permission to your application and then be redirected to the URL that you specified as the 3rd argument to oauth2Client, with the authorization code in the query string.

5. Create a function that exchanges the authorization code for the access token and ID token, then fetches the user’s profile.

The above function calls the getToken method from the googleapis package. If you are not using the googleapis package, use the function below, which posts the code to Google’s token endpoint to fetch the required id_token and access_token.

6. Now that we have the user’s profile information, we can write a function that will check if the user exists, create them if they don’t, and issue a JWT.

How you do this part will depend on your authentication system and database.

To see a complete working version of the code, along with other OAuth integrations, you can clone my NextJS, NestJS GraphQL starter pack: https://github.com/tomanagle/NextJS-NestJS-GraphQL-Starter

Video guide

Documentation

Using OAuth 2.0 to Access Google APIS: https://developers.google.com/identity/protocols/oauth2

googleapis NPM package: https://www.npmjs.com/package/googleapis

Update 31/01/2010 — Added alternative code so you don’t need to use the googleapis package.

I am a full stack JavaScript developer, living in Melbourne, Australia. My preferred stack is Mongoose, TypeScript, Node.js, React & GraphQL.