Skip to content
On this page

Pre-release

You are looking at the website for the fully functional Feathers v5 (Dove) pre-release. Check out what's new, and please let us know about any issues or questions . The current v4 documentation can be found at crow.docs.feathersjs.com.

Google

To enable Google login, add the app id, app secret and scope property to config/default.json:

js
{
  "authentication": {
    "oauth": {
      "google": {
        "key": "<App ID>",
        "secret": "<App Secret>",
        "scope": ["openid"]
      }
    }
  }
}
{
  "authentication": {
    "oauth": {
      "google": {
        "key": "<App ID>",
        "secret": "<App Secret>",
        "scope": ["openid"]
      }
    }
  }
}

According to the documentation of Google: "The scope value must begin with the string openid and then include profile or email or both.".

To also request the email address, add the string "email" to the array of the 'scope' property:

js
{
  "authentication": {
    "oauth": {
      "google": {
        "key": "<App ID>",
        "secret": "<App Secret>",
        "scope": ["openid", "email"],
        "nonce": true
      }
    }
  }
}
{
  "authentication": {
    "oauth": {
      "google": {
        "key": "<App ID>",
        "secret": "<App Secret>",
        "scope": ["openid", "email"],
        "nonce": true
      }
    }
  }
}

The property 'nonce', according to the documentation: "A random value generated by your app that enables replay protection.".

Application client and secret

The client id (App ID) and secret can be acquired by creating a OAuth client ID:

  1. Click on 'OAuth client ID' Creating OAuth client ID - step 1
  2. Select 'web application', fill in the information and click 'Create' Creating OAuth client ID - step 2

Important: Fill in the callback url, in a default Feathers setup it will be /oauth/google/callback.

  1. Replace <App ID> and <App Secret> with the id and secret of the created OAuth client ID application
js
{
  "authentication": {
    "oauth": {
      "google": {
        "key": "<client-id>.apps.googleusercontent.com",
        "secret": "<client-secret>",
        "scope": ["openid", "email"],
        "nonce": true
      }
    }
  }
}
{
  "authentication": {
    "oauth": {
      "google": {
        "key": "<client-id>.apps.googleusercontent.com",
        "secret": "<client-secret>",
        "scope": ["openid", "email"],
        "nonce": true
      }
    }
  }
}

Note: Use the generated credentials of the OAuth client ID.

Note: <client-id> will be replaced by a string similar to 481298021138-hv27glb811ocr7pdon5lsg8hh5a6pgjv.apps.googleusercontent.com.

Note: <client-secret> will be replaced by a string similar to XkWl0witdP4ogeNIgyOi-CeS.

Using the data returned from the Google App through a custom OAuth Strategy

In src/authentication.js:

js
const axios = require('axios');
const { OAuthStrategy } = require('@feathersjs/authentication-oauth');

class GoogleStrategy extends OAuthStrategy {
  async getEntityData(profile) {

    // this will set 'googleId'
    const baseData = await super.getEntityData(profile);

    // this will grab the picture and email address of the Google profile
    return {
      ...baseData,
      profilePicture: profile.picture,
      email: profile.email
    };
  }
}

module.exports = app => {
  const authentication = new AuthenticationService(app);

  authentication.register('jwt', new JWTStrategy());
  authentication.register('local', new LocalStrategy());
  authentication.register('google', new GoogleStrategy());

  app.use('/authentication', authentication);
  app.configure(expressOauth());
};
const axios = require('axios');
const { OAuthStrategy } = require('@feathersjs/authentication-oauth');

class GoogleStrategy extends OAuthStrategy {
  async getEntityData(profile) {

    // this will set 'googleId'
    const baseData = await super.getEntityData(profile);

    // this will grab the picture and email address of the Google profile
    return {
      ...baseData,
      profilePicture: profile.picture,
      email: profile.email
    };
  }
}

module.exports = app => {
  const authentication = new AuthenticationService(app);

  authentication.register('jwt', new JWTStrategy());
  authentication.register('local', new LocalStrategy());
  authentication.register('google', new GoogleStrategy());

  app.use('/authentication', authentication);
  app.configure(expressOauth());
};

Important: googleId, profilePicture and email are properties that should exist on the database model!

Released under the MIT License.