Verify Google access token retrieved by Android application with Node.JS server

Question

I am trying to build a client-server application where the client is an Android application and the server is written in Node.JS with Express.JS framework. I am having problem with one of my main functionalities, that is the Login functionality using a Google account to login.

I have read that the best practice is for the client to retrieve the access token offered by Google and send it to the server so that it can be verified and so that it can retrieve information about the user to store it into the database.

My problem is when verifying the access token on the server side. So far I have used 3 different modules, each having a problem.

1. passport-google-id-token [1] this module only verifies the token to see if it is valid or not. It does not retrieve information about the user
2. passport-google-token [2] this module verifies the token and retrieves information about the user. When using this module I am receiving an error at the start of the server when initializing the constructor thus I cannot use this module any further
3. passport-google-plus-token [3] this module returns a 500 error code when trying to verify the token.

My question to you is as follow. Are there any more modules that can verify the access token given by Google and retrieve information about the user? If so which ones?

Thanks

[1] https://www.npmjs.com/package/passport-google-id-token

[2] https://www.npmjs.com/package/passport-google-token

[3] https://www.npmjs.com/package/passport-google-plus-token

Answer 1

I have found the solution by using passport-google-token [1] by importing the GoogleTokenStrategy as described in [2].

[1] https://www.npmjs.com/package/passport-google-token

[2] Node.JS verify Google Authentication token