Gathering detailed insights and metrics for passport-google-oauth1
Gathering detailed insights and metrics for passport-google-oauth1
Google (OAuth 1.0) authentication strategy for Passport.
Installations
npm install passport-google-oauth1Developer Guide
BETA
Typescript
No
Module System
CommonJS
Node Version
4.2.1
NPM Version
2.14.7
Score
98.4
Supply Chain
98.9
Quality
74.7
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Languages
2
JavaScript
Makefile
JavaScript (97.27%)
Makefile (2.73%)
Developer
jaredhanson
Download Statistics
Total Downloads
18,426,135
Last Day
5,092
Last Week
69,996
Last Month
258,041
Last Year
2,631,896
GitHub Statistics
MIT License
5 Stars
14 Commits
1 Forks
4 Watchers
1 Branches
2 Contributors
Updated on Feb 20, 2025
Bundle Size
22.32 kB
Minified
6.89 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
1.0.0
Package Id
passport-google-oauth1@1.0.0
Size
4.61 kB
NPM Version
2.14.7
Node Version
4.2.1
Published on
Feb 04, 2016
Total Downloads
Cumulative downloads
Total Downloads
18,426,135
Dependencies
1
Dev Dependencies
4
DEPRECATED: On April 20, 2015, Google's support for OAuth 1.0 was officially deprecated and is no longer supported. You are encouraged to migrate to OAuth 2.0 and passport-google-oauth20 as soon as possible.
passport-google-oauth1
Passport strategy for authenticating with Google using the OAuth 1.0a API.
This module lets you authenticate using Google in your Node.js applications. By plugging into Passport, Google authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express.
Install
$ npm install passport-google-oauth1
Usage
Create an Application
Before using passport-google-oauth1, you must register your domain with Google.
If you have not already done so, a new domain can be added at Google Accounts.
Your domain will be issued an OAuth Consumer Key and OAuth Consumer Secret,
which need to be provided to the strategy.
Configure Strategy
The Google authentication strategy authenticates users using a Google account
and OAuth tokens. The consumer key and consumer secret obtained when
registering a domain are supplied as options when creating the strategy. The
strategy also requires a verify callback, which receives the access token and
corresponding secret as arguments, as well as profile which contains the
authenticated user's Google profile. The verify callback must call cb
providing a user to complete authentication.
passport.use(new GoogleStrategy({
consumerKey: 'www.example.com',
consumerSecret: GOOGLE_CONSUMER_SECRET,
callbackURL: "http://127.0.0.1:3000/auth/google/callback"
},
function(token, tokenSecret, profile, cb) {
User.findOrCreate({ googleId: profile.id }, function (err, user) {
return cb(err, user);
});
}
));
Authenticate Requests
Use passport.authenticate(), specifying the 'google' strategy, to
authenticate requests.
For example, as route middleware in an Express application:
app.get('/auth/google',
passport.authenticate('google', { scope: 'https://www.google.com/m8/feeds' }));
app.get('/auth/google/callback',
passport.authenticate('google', { failureRedirect: '/login' }),
function(req, res) {
// Successful authentication, redirect home.
res.redirect('/');
});
Examples
Developers using the popular Express web framework can refer to an example as a starting point for their own web applications. The example shows how to authenticate users using Twitter. However, because both Twitter and Google use OAuth 1.0, the code is similar. Simply replace references to Twitter with corresponding references to Google.
Contributing
Tests
The test suite is located in the test/ directory. All new features are
expected to have corresponding test cases. Ensure that the complete test suite
passes by executing:
1$ make test
Coverage
All new feature development is expected to have test coverage. Patches that increse test coverage are happily accepted. Coverage reports can be viewed by executing:
1$ make test-cov 2$ make view-cov
Support
Funding
This software is provided to you as open source, free of charge. The time and effort to develop and maintain this project is dedicated by @jaredhanson. If you (or your employer) benefit from this project, please consider a financial contribution. Your contribution helps continue the efforts that produce this and other open source software.
Funds are accepted via PayPal, Venmo, and other methods. Any amount is appreciated.
License
Copyright (c) 2012-2016 Jared Hanson <http://jaredhanson.net/>
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 1/14 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 1 are checked with a SAST tool
Score
3
/10
Last Scanned on 2025-06-09
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More