I'm using passport-google-oauth20 with NestJS and I don't understand why the validate method takes access and refresh tokens as arguments. I haven't seen any examples of how to use them. Everything seems to be working fine and the library seems to be doing all the work for me. So what are they for and how can I use them? And how to implement logic related to them ?
Understanding the Purpose of Access and Refresh Tokens in passport-google-oauth20 with NestJS
338 Views Asked by meditativeUser At
1
There are 1 best solutions below
Related Questions in JAVASCRIPT
- Using Puppeteer to scrape a public API only when the data changes
- inline SVG text (js)
- An array of images and a for loop display the buttons. How to assign each button to open its own block by name?
- Storing the preferred font-size in localStorage
- Simple movie API request not showing up in the console log
- Authenticate Flask rest API
- Deploying sveltekit app with gunjs on vercel throws cannot find module './lib/text-encoding'
- How to request administrator rights?
- mp4 embedded videos within github pages website not loading
- Scrimba tutorial was working, suddenly stopped even trying the default
- In Datatables, start value resets to 0, when column sorting
- How do I link two models in mongoose?
- parameter values only being sent to certain columns in google sheet?
- Run main several times of wasm in browser
- Variable inside a Variable, not updating
Related Questions in NESTJS
- Unable to call datastore using GCP service account key json
- Initialise with out constructor
- Method "add a job" is never awaited
- Nest.js can't resolve dependencies of the external library's Reflector dependency
- nestjs , stream question, i dont know my code would synchronization or asynchronous
- How to use interceptors with services in nestjs
- how to serialize body with user role in dto in nestjs
- Nest.js service structure for API integration
- Universal login page appearence changed after I integrated server part
- i got an error for PartialType is not working for updateDto
- FB Developer app , need to create a user_access_token by using server api
- Nest JS TypeORM inject service
- openbim-components with node js
- Typeorm datasource.query() excess parameters
- Nest JS providers mock issue
Related Questions in PASSPORT.JS
- The "local" function in passport.authenticate is not being invoked for some reason
- Unable to save session with passport.js after signing up
- Implementing a login system using react and passport local
- Trouble Sending JWT from Backend to Frontend after Google OAuth Login
- How to solve user.get is not a function error?
- Must the fetch method request correspond to the server side http method
- nestjs Login sessions require session support
- passport-spotify accessToken undefined in session
- Express doesn't redirect to react-router root path after successful MongoDB save - fails silently - how to redirect successfully?
- local Passport and express backend works when using postman but not when using react and react-query frontend
- Error 401 on Angular-NestJs page when refreshing token with Auth0
- NestJS Local Auth Guard always returning 401 Unauthorized
- Google authentication is redirecting to http version of my site
- Nest can't resolve dependencies of the UserService (?). Please make sure that the argument "UserRepository" at index [0]
- After redirection from the server, a 'Cross-Origin Request Blocked' error is encountered in Next 14
Related Questions in PASSPORT-GOOGLE-OAUTH
- Google authentication is redirecting to http version of my site
- i am using google o auth 2 for sign up in my application but after successful login if refresh page i am getting this error, can someone tell me
- how to correctly install tokens for authorization via Google in nestjs
- Trouble Integrating Google OAuth Authentication API Nest using PassportJS with React Frontend
- Can't logout from app that uses Passport.js, passport-google-oauth20
- Unauthorized 401 Error Even When User Being Signed In - Passport-Google-OAuth2
- Google Sign in 2FA verification redirecting to wrong place
- Session parameters are not being persisted in passport js using google strategy
- Callback not redirecting to success route
- Passport JS Google OAuth20 Strategy Typescript Error
- Unknown authentication strategy "google" from using passport
- Google authentication with passport in node.js. How to generate my own jwt token after successful login?
- How to set cookies inside passport-google-oauth callback?
- PassportJS `logout()` request stuck pending
- Google APIs Refresh Token Limitations
Related Questions in NESTJS-PASSPORT
- how to get raw jwt token in passport-jwt @nestjs/passport strategy?
- NestJS passport validate with more options other than user and password
- How to get user data from session passport js?
- NestJS Guard fails, action still executes
- passport strategy is not invoking while using passport-oauth2 in nestjs
- Nestjs BasicStrategy doesnt accept empty password
- NestJS - Passport JWT strategy does not attach user to request object
- NestJS - Multi third party auth provider
- How to pass dynamic configuration values to super method of Passport Bearer Strategy NestJs
- Performace issue with NestJs Application with Scale. Global gurads taking too long to process
- Optimal Authentication Approach for a NestJS, GraphQL, and Vue.js SaaS Application
- NestJS 9.4.0 crashes while creating Fastify app
- what is the difference between AuthGuard('local') and PassportStrategy(Strategy,'local')
- Set a custom request property after successful authentication in passport
- NestJs with GraphQl: Roles Guard req.user is undefined
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
For a basic approach, yeah, that's the case. That's how the passport integrations are generally written.
Just what it sounds like, access to the OAuth server. They are used when you want to get more data from the OAuth source than what the passport strategy has already gotten for you. This could be calendar data, games data, profile pictures, etc if the OAuth grants give you access to those APIs.
Well, it would be pretty silly for an OAuth provider to just hand out a token and say "No matter what, just come with that token and we'll give you some data" wouldn't it? Refresh tokens are for refreshing your access token when the access token expires. Now, refresh tokens expire as well, but usually have a much longer shelf life than access token, think weeks vs hours, but it also all depends on the OAuth provider.
If you don't need more data, don't worry about them, you can safely ignore them, they'll live in memory and be gone before you know it. If you do need more data, take care and properly store them in a database to allow you to get them later.
Also, I'd suggest you read up on OAuth flows, as they'll help make sense of what all these tokens do for you in more depth.