Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Missing scope error on Google authentication callback using Node.js/Passport

This error occurs on Heroku (production) only, not on local. I have tried both:

passport.authenticate('google', { scope: 'https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/analytics.readonly' })

And,

passport.authenticate('google', { scope: ['profile', 'email'] })

Whether the scope is an array, or a space-delimited string.

When I go to the Google authentication link, scope IS in the URL. There is no difference in the one generated in my live production app.

But I still get:

Error 400

Error: invalid_request

Missing required parameter: scope
like image 510
Gary Avatar asked Feb 20 '15 13:02

Gary


People also ask

What does passport authenticate () do?

In this route, passport. authenticate() is middleware which will authenticate the request. By default, when authentication succeeds, the req. user property is set to the authenticated user, a login session is established, and the next function in the stack is called.

Should I use passport JS for authentication?

Passport is a popular, modular authentication middleware for Node. js applications. With it, authentication can be easily integrated into any Node- and Express-based app. The Passport library provides more than 500 authentication mechanisms, including OAuth, JWT, and simple username and password based authentication.

What is Passport authentication in node JS?

Passport is authentication middleware for Node.js. Extremely flexible and modular, Passport can be unobtrusively dropped in to any Express-based web application. A comprehensive set of strategies support authentication using a username and password, Facebook, Twitter, and more.


1 Answers

I take it you are using the Passport Google OAuth, not just the Passport Google (OpenId) module?

If you are using the OAuth passport, the authentication with Google requires an extra scope parameter.

Pass as a string, you must pass 'openid' as the 1st word, eg: For example, if you wanted per-file access to a user’s Google Drive,

openid profile email https://www.googleapis.com/auth/drive.file

Source(s):

https://developers.google.com/identity/protocols/OpenIDConnect#scope-param https://developers.google.com/+/api/oauth#login-scopes

like image 183
Sharry Avatar answered Oct 12 '22 04:10

Sharry