1.6.4 • Published 4 years ago

@jungroup/vue-google-oauth2 v1.6.4

Weekly downloads
7
License
MIT
Repository
github
Last release
4 years ago

vue-google-oauth2

Handling Google sign-in and sign-out for Vue.js applications.

This package is updated to support detection of disabled cookies. This causes issues when users try to login in incognito mode, and the iframe fails to load. This includes an extra flag, cookiesDisabled to check when the plugin is initializing. An external window is used to grab an authCode instead of the regular iframe in these disabled environments, and is passed back in same method outlined below ($gAuth.getAuthCode()).

Forked repo readme:

npm bundle size GitHub vue-google-oauth2

We support TypeScript and Nuxt. 😎 For Vue3 applications, please refer to here

Front-end Demo

Installation

Installation with npm

npm install vue-google-oauth2

Installation with yarn

yarn add vue-google-oauth2

Initialization

//src/main.js
import GAuth from 'vue-google-oauth2'
const gauthOption = {
  clientId: 'CLIENT_ID.apps.googleusercontent.com',
  scope: 'profile email',
  prompt: 'select_account'
}
Vue.use(GAuth, gauthOption)

Please Don't use plus.login scope. It will be deprecated.

Initialization for Nuxt

  1. creates plug-in file for nuxt

    // plugins/vue-google-oauth2.js
    // file name can be changed to whatever you want
    import Vue from 'vue'
    import GAuth from 'vue-google-oauth2'
    
    const gauthOption = {
      clientId: 'CLIENT_ID.apps.googleusercontent.com',
      scope: 'profile email',
      prompt: 'select_account'
    }
    Vue.use(GAuth, gauthOption)
  2. adds plugin to nuxt config file

    ...
    plugins: [
      ...
      './plugins/vue-google-oauth2'
    ],
    
    ...

Options

PropertyTypeRequiredDescription
clientIdStringRequired.The app's client ID, found and created in the Google Developers Console.
scopeStringOptional.Default value is profile email. Full list of scopes.
promptStringOptional.This value using for authCode. The possible values are select_account or consent. Default value is select_account. To get refresh token from auth code, use consent.
fetch_basic_profileBooleanOptional.If set to true, email profile openid will be automatically added as scope. Default value is true.

Methods

PropertyDescriptionType
GoogleAuthreturn of gapi.auth2.getAuthInstance()Object
isAuthorizedWhether or not you have authBoolean
isInitWhether or not api initBoolean
isLoadedWhether or not api init. will be deprecated.Function
signInfunction for sign-inFunction
getAuthCodefunction for getting authCodeFunction
signOutfunction for sign-outFunction

Usages

Getting authorization code

The authCode that is being returned is the one-time code that you can send to your backend server, so that the server can exchange for its own access_token and refresh_token.

The access_token and refresh_token can be saved in backend storage for reuse and refresh. In this way, you can avoid exposing your api key or secret key whenever you need to use various google APIs.

const authCode = await this.$gAuth.getAuthCode()
const response = await this.$http.post('http://your-backend-server-api-to-use-authcode', { code: authCode, redirect_uri: 'postmessage' })

Sign-in: Directly get back the access_token and id_token

const googleUser = await this.$gAuth.signIn()
// googleUser.getId() : Get the user's unique ID string.
// googleUser.getBasicProfile() : Get the user's basic profile information.
// googleUser.getAuthResponse() : Get the response object from the user's auth session. access_token and so on
this.isSignIn = this.$gAuth.isAuthorized

refer to google signIn reference : GoogleUser

Sign-out

Handling Google sign-out

const response = await this.$gAuth.signOut()

Extra - Directly get access_token and refresh_token on Server-side

To get access_token and refresh_token in server side, the data for redirect_uri should be postmessage. postmessage is magic value for redirect_uri to get credentials without actual redirect uri.

Curl

curl -d "client_id=YOUR_CLIENT_ID&\
  client_secret=YOUR_CLIENT_SECRET&\
  redirect_uri=postmessage&\
  grant_type=authorization_code&\
  code=YOUR_AUTH_CODE" https://accounts.google.com/o/oauth2/token

Sample Code

Additional Help

FAQ

The failure of initialization happens

You can check the brower console to check errors which occur during initialization. The most of errors are from inproper setting of google oauth2 credentials setting in Google Developer Console. After changing the settings, you have to do hard refresh to clear your caches.

Type Errors

Follow the documentation provided here to add $gAuth as a property for preventing lint errors.