Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Missing scope error on Google authentication callback using Node.js/Passport

Tags:

javascript

node.js

heroku

passport.js

This error occurs on Heroku (production) only, not on local. I have tried both:

passport.authenticate('google', { scope: 'https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/analytics.readonly' })

And,

passport.authenticate('google', { scope: ['profile', 'email'] })

Whether the scope is an array, or a space-delimited string.

When I go to the Google authentication link, scope IS in the URL. There is no difference in the one generated in my live production app.

But I still get:

Error 400

Error: invalid_request

Missing required parameter: scope
like image 510
Gary Avatar asked Feb 20 '15 13:02

Gary

People also ask

What does passport authenticate () do?

In this route, passport. authenticate() is middleware which will authenticate the request. By default, when authentication succeeds, the req. user property is set to the authenticated user, a login session is established, and the next function in the stack is called.

Should I use passport JS for authentication?

Passport is a popular, modular authentication middleware for Node. js applications. With it, authentication can be easily integrated into any Node- and Express-based app. The Passport library provides more than 500 authentication mechanisms, including OAuth, JWT, and simple username and password based authentication.

What is Passport authentication in node JS?

Passport is authentication middleware for Node.js. Extremely flexible and modular, Passport can be unobtrusively dropped in to any Express-based web application. A comprehensive set of strategies support authentication using a username and password, Facebook, Twitter, and more.

1 Answers

I take it you are using the Passport Google OAuth, not just the Passport Google (OpenId) module?

If you are using the OAuth passport, the authentication with Google requires an extra scope parameter.

Pass as a string, you must pass 'openid' as the 1st word, eg: For example, if you wanted per-file access to a user’s Google Drive, 

openid profile email https://www.googleapis.com/auth/drive.file

Source(s):

https://developers.google.com/identity/protocols/OpenIDConnect#scope-param https://developers.google.com/+/api/oauth#login-scopes

like image 183
Sharry Avatar answered Oct 12 '22 04:10

Sharry
Sign in to Comment

Related questions

Google chrome Upload Speed vs Firefox
(Webpack) How to chunk dynamic module dependencies
Is JavaScript compiled to machine code when executed in a Web Browser Environment?
Migrating from Webpack 1.x to 2.x
Using `instanceof` on objects created with constructors from deep npm dependencies
Apollo Client (React): Handling unexpected errors
Automatic swimlane layout in mxgraph
Electron GUI with C# backend
Can Axios differentiate between "no network" and "network disconnected"
Stitch images and data from coupled microscopy/spectroscopy into panoramic in Photoshop or R
use `mapActions` or `mapGetters` with Vuex 4 and Vue 3
Sharing a typescript library in a monorepo
Add a link stylesheet dynamically in the <head> [closed]
How to detect HTTP status from JavaScript
Algorithm to get changes between two arrays
lightweight alternative to jquery-ui autocomplete plugin? [closed]
Trigger/invoke a Chrome extension from a web page
How to use id-aes256-GCM with Node.JS crypto? "TypeError: DecipherFinal fail"
Clone element with all its events
Storing large file in chromecast memory

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!