使用NestJS和PassportJS时没有刷新令牌

Question

使用NestJS和PassportJS时没有刷新令牌

oauthpassport.jsgoogle-oauthdropbox-apinestjs

5

我在我的NestJS应用程序中实现了Google和Dropbox身份验证，使用了两种不同的策略。

问题是我永远无法获得refresh_token与access_token一起。我已经尝试从我的Google / Dropbox帐户中删除已授予的应用程序，但没有成功。

import { Injectable } from '@nestjs/common';
import { PassportStrategy } from '@nestjs/passport';
import { Strategy } from 'passport-google-oauth2';
import { AuthService } from './auth.service';
import { OauthUser } from './oauth-user.entity';
import { UserService } from '../user/user.service';
import { ConfigService } from '../config/config.service';
import { CloudProvider } from '../shared/enums/cloud-service.enum';

@Injectable()
export class GoogleStrategy extends PassportStrategy(Strategy, 'google') {

  constructor(private readonly authService: AuthService,
              private readonly userService: UserService,
              private readonly configService: ConfigService) {
    super({
      clientID: configService.get('OAUTH_GOOGLE_ID'),
      clientSecret: configService.get('OAUTH_GOOGLE_SECRET'),
      callbackURL: configService.get('OAUTH_GOOGLE_CALLBACK'),
      passReqToCallback: true,
      scope: ['email', 'profile', 'https://www.googleapis.com/auth/drive.file'],
      accessType: 'offline',
      prompt: 'consent',
      session: false,
    });
  }

  async validate(request: any, accessToken: string, refreshToken: string, oauthUser: OauthUser) {
    console.log('accessToken', accessToken) // <- this one is good
    console.log('refreshtoken', refreshToken) // <- always undefined
    oauthUser.provider = CloudProvider.GOOGLE;
    return this.userService.getOrCreate(oauthUser, accessToken).then(() => {
      return this.authService.getJwtForUser(oauthUser).then(jwt => {
        return { jwt };
      });
    });
  }

}

- Flobesst

1

我无法与Google API通话，但请注意，Dropbox API目前不使用刷新令牌。 - Greg

1个回答

网页内容由stack overflow 提供, 点击上面的

可以查看英文原文，
原文链接

- Данил Дубовик · Accepted Answer

import { Injectable } from '@nestjs/common';
import { PassportStrategy } from '@nestjs/passport';
import { Strategy, VerifyCallback } from 'passport-google-oauth20';

import { IUserProfile } from './interfaces/user.interface';

@Injectable()
export class GoogleStrategy extends PassportStrategy(Strategy) {
  constructor() {
    super({
      clientID: process.env.GOOGLE_CLIENT_ID,
      clientSecret: process.env.GOOGLE_CLIENT_SECRET,
      callbackURL: process.env.GOOGLE_CB_URL,
      scope: ['email', 'profile'],
    });
  }

  authorizationParams(): { [key: string]: string; } {
    return ({
      access_type: 'offline'
    });
  };

  async validate(
    accessToken: string,
    refreshToken: string,
    profile: IUserProfile,
    done: VerifyCallback,
  ): Promise<void> {
    const { emails } = profile;
    console.log(accessToken, refreshToken);
    done(null, {email: emails[0].value, accessToken});
  }
}