Adds options for online access and no prompts on future access when logging in via Google

[ddrager]

Under existing code, you can not set certain options for the oAuth client as they are hard coded in this library. Specifically, access_type = online and approval_prompt = force. This forces the client to accept offline access every time they try to log in via Google (via this library).

The changes allow these settings to be specified in the options.

var opts = {
  REDIRECT_URL: '/googleauth', // must match google app redirect URI from step 2.8
  handler: require('./google_oauth_handler.js'), // your handler
  access_type: 'online', // options: offline, online
  approval_prompt: 'auto', // options: always, auto
  scope: 'https://www.googleapis.com/auth/plus.profile.emails.read' // ask for their email address
};

It also allows you to pass the google client IDs via the options, which I think is a more transparent way to do this. You could specify:

var opts = {
  REDIRECT_URL: '/googleauth', // must match google app redirect URI from step 2.8
  google_client_id: process.env.GOOGLE_CLIENT_ID,
  google_client_secret: process.env.GOOGLE_CLIENT_SECRET,
  handler: require('./google_oauth_handler.js'), // your handler
  access_type: 'online', // options: offline, online
  approval_prompt: 'auto', // options: always, auto
  scope: 'https://www.googleapis.com/auth/plus.profile.emails.read' // ask for their email address
};

[ddrager]

Looks like test fails because no .env file for GOOGLE_ secrets.

[nelsonic]

@ddrager thanks for creating this PR to open the discussion around the feature. 👍 We need to investigate why the tests are failing on CI.

[ddrager]

It looks to be failing because there is no .env in the repo for the test to complete. Should I create a default test google credentials to get this to pass without them?

I think it would fail the test right now without the pull request.

[nelsonic]

@ddrager thanks for checking. we can easily test if the existing build fails (before this PR) by re-running the last-stable build on Travis... https://travis-ci.org/dwyl/hapi-auth-google/builds/153042416

1. Locate the last stable build:

2. Re-start the last stable build on master

3. Confirm build still passes:

@ddrager it appears that the existing master still passes when we re-run the build...

[nelsonic]

@ddrager were you able to get this running on your localhost?

[ddrager]

Yes, this is all running locally fine.

I think the issue is that there is no ability to set the environmental variables for me. I see on your (successful) Travis build they are set:

Setting environment variables from repository settings
$ export PORT=8000
$ export GOOGLE_CLIENT_ID=[secure]
$ export GOOGLE_CLIENT_SECRET=[secure]
$ export JWT_SECRET=[secure]

But in mine they are not:

Setting environment variables from repository settings
$ export PORT=8000

I am not sure how to change the repository settings on Travis or perhaps I do not have proper permissions to do so, in order to run the test successfully.

[nelsonic]

@ddrager ah... I see... Travis-CI have updated their system to only allow "secure" environment variables to be loaded by people who are members of an organisation... dang...! let's see if we can fix this.

[nelsonic]

@ddrager this looks good. I'm going to merge it in despite the fact that Travis-CI is failing (because of the environment variables) and Codecov will give lower branch coverage because of the conditional execution branches... I will release a new version of the plugin with your changes shortly. thanks again for the PR with this improvement! 👍

[nelsonic]

@ddrager your changes/improvements have been published in hapi-auth-google@16.0.0 on NPM.