Google authentication for website using oAuth2.0 - node.js

I'm new to the concept of maintaining user accounts in a website. I read from this Google developers page that Google provides an authentication and an authorization service. I'm only interested in maintaining accounts on my website that users can log into using their Google account username and password. I have an Express.js server.
I've spent hours reading about this online and stumbled upon one thing: the passport-google-oauth module can be used to do this. But I was unable to find how to get this working with the latest version of Express. Please help.
I would also like to know how to create a project on the Google Developers Console so that the users do not need Google+ accounts to use oauth2 (to get the Client id and secret).

Related

Unable to setup Custom Scan using Web Security Centre Google Account Authentication in GCP

I am trying to setup Web Security Centre for my Google AppEngine App.
I tried using Google as well as Non-Google Account for Authentication where I provided Username and Password but it errors out saying
Could not sign in using the provided username and password
I tried below things:
Tried creating a test account vikash-security#gmail.com (in compliant with google naming convention) in my gmail and using the same for authentication. (this user had same domain name as my company's)
Created a test user with different domain name and used it for the authentication.
Both the above users have access to my Google App.
Both of the way did not work and throws the same error. Can anyone help me out with the same?
Google enforces a real name policy on G+ accounts. Your test account may be blocked from G+ if the name does not look real. at [1]. It will only work if the Google account you provided should have been G+ verified (with proper G+ setup), but still need to retry after the first failed attempt and it eventually will work.
There are few issues related to this and if this is a bug it will be resolved soon.
I raised this concern with the Google support team and got to know that there was issue from their end and they got this fixed and now my web security custom scan is working with non-google authentication.

Ability for Admin to Link Social Media to a User's Account

I'm faced with the current dilemma. My application flow is as follows:
Admin logs in
Has to select a list of clients
The selected Client data is then loaded in
Admin should now be able to Link Facebook, for example, to that
client's account with their credentials on a click of a button. Same
would apply for other social media accounts that the user has. The
reason that's important is the app then goes and fetches data from
their social media, such as Facebook Insights.
Is there a way I could achieve is ? I was thinking maybe Auth0 but I had a look on their documentation and it seems I could do it but only if Admin was the one linking his own social media account to his account. Can't really see a way where he could link other accounts to the Client's account currently selected.
I'm working with a React-Redux, Express and MongoDB app.
Even a push in the direct direction would be greatly appreciated.
This is certainly achievable using Auth0 - take a look at the Link Accounts API (User) - you want to use the second option using an API v2 token
See sample here that illustrates how this might work using Node.js.
You could possibly rework this to your technology stack pretty easily. Since you are using a Management Token you'd want that to remain server side (Express) and the react/redux app could make ajax calls via the Express Server side component - which in turn calls out to the Auth0 endpoint to perform the user search / linking actions.

using OAuth in node application

I am developing an application which is only going to be required to be used by a few people within the organisation. It is being developed using Yeoman and expressJS.
What i need to do is only authenticate a few users to use their google accounts as they require access to google calendars etc which they currently share within their organisation. The only difference is that it will be used within the application.
The users will need to login but trying to find out how i can use their google accounts to login and colloborate?
I only want to limit it to certain users.
Hope someone can assist.
Regards
Passport.js is a popular choice of authentication/authorisation library. You can easily integrate it with express. It has a strategy for google account using OAuth as passport-google-oauth.
I have never used it, but it seems very straightforward.
If you have ever used the google API the examples seem easy to understand.
https://github.com/google/google-api-nodejs-client/

How to programmatically login to a site that uses Google as auth

I'm currently trying to figure out how to log in to a Jabbr site with a NodeJS that only authenticates with Google accounts.
Is there some simple way to do this? I've tried using the njabbr package but it doesn't currently doesn't support Google authentication. Most of what I've googled was about implementing login on a server and I've looked into google-api-nodejs-client but it doesn't make much sense to me when all I want to do is to log in with a client.

Access Google Apps Mail

I have to build an web-app for Google Apps market place where my app would enable Google Apps user to access and backup their Google Apps email to my server.
While I have a good knowledge with PHP and etc, with no prior knowledge to Google Apps development, I have been reading developers.google.com documentation since last couple of days and everything seems to start confusion with each-other now with SAML, Oauth2, OpenId, SSO etc, and Google Apps Mail and Gmail itself. So far, I have done helloworld app from the documentation that accesses the calendar and uses SSO for it.
I wish if you could point me to the right direction about how I should proceed to accessing the mail of the Google Apps user.
Since you wish to use the Google Apps Marketplace, you'll want to use 2-legged OAuth 1.0 with your application. OAuth 1.0 is officially deprecated but it's still the only supported authentication method to Google Accounts for the Marketplace.
Instructions for authenticating to Gmail IMAP via 2-legged OAuth 1.0 are available at:
https://developers.google.com/gmail/oauth_protocol
Seems like you are in the right place already - if you are going through the main developers.google.com documentation, that's where it should be.
I have had a look through their documentation, and found this though: Mail PHP API Overview
A quote from the above link/documentation:
App Engine applications can send email messages on behalf of the app's
administrators, and on behalf of users with Google Accounts. Apps can
receive email at various addresses. Apps send messages using the Mail
service and receive messages in the form of HTTP requests initiated by
App Engine and posted to the app.
More information:
Getting Started - Introduction - Google App Engine
Tutorial - Hello, World! - Google App Engine
Installing the PHP SDK - Google App Engine
EDIT
As I mentioned in the comments below, after further searching, I found this documentation for Google Data Apps APIs which should be helpful (the page currently 404s, but I've sent off a message to Google, so hopefully it should be fixed soon).
There is also a depreciated version of OAuth 1.0 that you could use to authenticate Gmail with IMAP/SMTP, using standard "three-legged" or non-standard "two-legged" OAuth.

Resources