failed to fetch user profile InternalOAuthError

jaredhanson / passport-google-oauth

Google authentication strategies for Passport and Node.js.

https://www.passportjs.org/packages/passport-google-oauth/?utm_source=github&utm_medium=referral&utm_campaign=passport-google-oauth&utm_content=about

MIT License

776 stars 327 forks source link

failed to fetch user profile InternalOAuthError #91

Open Zane-XY opened 9 years ago

Zane-XY commented 9 years ago

It seems this strategy asks for more scopes than I've specified in:

router.get('/auth/google',
    passport.authenticate('google', {scope: ['email', 'https://mail.google.com/']}),
    function (req, res) {
        // The request will be redirected to Google for authentication, so this
        // function will not be called.
    });

I saw in a related issue, people suggested to enable google+ api in developer console, but in my case, I need user to login using a company managed Gmail (gmail enterprise), it doesn't have a google+ service, this is what google plus returns for my enterprise google account:

Google+ is not available in a (an) organization (xxx.com). Please request this service, contact your administrator to ensure that your organization can use more than one user.

I have no problems login using my personal google account, but it fails when login using enterprise gmail account, is there anyway to disable the google+ scope, it doesn't make sense to force using google+ scope.?

peterbraden commented 9 years ago

As a workaround to fix this you can monkey patch the strategy:

GoogleStrategy.prototype.userProfile = function(token, done) {
  done(null, {})
}

johnzeng commented 9 years ago

You should not require the default 'email', the default 'email' means plus.emails.You can use another scope instead:

app.get('/auth/google',
 passport.authenticate('google', { scope: [
       'https://www.googleapis.com/auth/userinfo.profile',
       'https://www.googleapis.com/auth/userinfo.email'
       ] }),
   function(req, res){
     // The request will be redirected to Google for authentication, so this
     // function will not be called.
   });

This will not ask your user to register a google plus service. But YOU NEED TO ENABLE GOOGLE+ API IN DEVELOPER CONSOLE AS WELL. You got to know that your app need to request for google+ api doesn't means your user have to register google+.I use organization mail ,too, so I think this will help.

markhealey commented 9 years ago

This fixed it for me -- along with waiting a few minutes for the Google Console change to roll out.

YOU NEED TO ENABLE GOOGLE+ API IN DEVELOPER CONSOLE

teebu commented 4 years ago

using this fixed my error:

scope: ['https://www.googleapis.com/auth/plus.login',
            'https://www.googleapis.com/auth/userinfo.email']

NewtonKamau commented 4 years ago

Using this solved my issue

userProfileURL: "https://www.googleapis.com/oauth2/v3/userinfo"

and

app.get("/auth/google", passport.authenticate('google', { scope: ["profile"] }) );

valiantlynx commented 2 years ago

i had the same problem i just continues and wrote the whole code from passports documentation `app.get('/auth/google', passport.authenticate('google', { scope: ['profile'] }));

app.get('/auth/google/callback', passport.authenticate('google', { failureRedirect: '/login' }), function(req, res) { // Successful authentication, redirect home. res.redirect('/'); });` and it works if i dont have the secong app.get() i dont get errors but just pending.

panch8 commented 1 year ago

i had the same issue none of this solutions worked until i reduce my connection speed to mobile 4g, after that problem was solved even returning to fast speed WIFI .... dont undesrtand sincerely. =)