问题描述

我在nodejs应用程序中使用Passport.js和passport-google-oauth20来通过"Google策略"进行身份验证.我刚从Google收到一封电子邮件，表明我使用了Google+ API的"plus.people.get"，因此将不推荐使用.我应该改变点什么吗?我不直接使用此API调用，但是Passport可以吗?

I use Passport.js and passport-google-oauth20 in my nodejs aplication for authenticating with a "Google Strategy".I just received an email from Google indicating that I use "plus.people.get" from the Google+ API and that it will be deprecated.Should I change something? I do not use directly this API call but maybe Passport does?

推荐答案

是的，Passport的Google OAuth策略当前使用Google+ API端点来检索用户的个人资料信息.

Yes the Google OAuth strategy for Passport currently uses the Google+ API endpoints for retrieving the user's profile information.

如果您在 https://console.developers.google上的Google控制台上禁用了Google+ API集成.com/apis/dashboard ，则Google的登录将不适用于您的应用程序.从Google传回的错误包含以下消息:

If you disable the Google+ API integration from Google console on https://console.developers.google.com/apis/dashboard then the sign-in with Google will not work for your application. The error received back from Google contains this message:

要在禁用Google+ API的情况下使您的应用正常运行，您必须使用以下策略选项:

In order for your application to work properly having Google+ API disabled, you have to use this strategy option:

userProfileURL: 'https://www.googleapis.com/oauth2/v3/userinfo'

像这个例子:

var GoogleStrategy = require('passport-google-oauth20').Strategy;

passport.use(new GoogleStrategy({
    clientID: GOOGLE_CLIENT_ID,
    clientSecret: GOOGLE_CLIENT_SECRET,
    callbackURL: "http://www.example.com/auth/google/callback",
    userProfileURL: 'https://www.googleapis.com/oauth2/v3/userinfo'
  },
  function(accessToken, refreshToken, profile, cb) {
           ...
  }
));

这篇关于Google+末尾是否弃用了Passport.js中的Google策略?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！