I'm creating a project in HTML and JavaScript connecting to a Node.js backend, both on the same origin, and I need to check if I can use the Google auth API (GSI) for authentication. I based my code on the documented info found here.
I've implemented the code below in the index.html page:
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Google Signin</title>
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-BmbxuPwQa2lc/FVzBcNJ7UAyJxM6wuqIj61tLrc4wSX0szH/Ev+nYRRuWlolflfl" crossorigin="anonymous">
</head>
<body class="container">
    <div class="row mt-5">
        <div class="col-sm-6">
            <h1>Google Signin</h1>
            <hr>
            <br>
            <!-- TODO: Put the account's Client ID here -->
            <div id="g_id_onload"
                data-client_id="xxxxxxxxx"
                data-callback="handleCredentialResponse"
                data-auto_prompt="false"
                data-auto_select="true">
            </div>
            <div class="g_id_signin"
                data-type="standard"
                data-size="large"
                data-theme="outline"
                data-text="sign_in_with"
                data-shape="rectangular"
                data-logo_alignment="left">
            </div>
            <button id="g_id_signout">Sign Out</button>
        </div>
    </div>
    <script src="https://accounts.google.com/gsi/client" async defer></script>
    <script src="./js/auth.js"></script>
    <script>
        // this is only for sending google token to the backend for storing
        // and to get the user email
        function handleCredentialResponse(response) {
            const body = { id_token: response.credential }
            fetch('http://localhost:8080/api/auth/google', {
                method: 'POST',
                headers: {
                    'Content-Type': 'application/json'
                },
                body: JSON.stringify(body)
            })
                .then( r => r.json() )
                .then( resp => {
                    console.log( resp )
                    localStorage.setItem('email', resp.usuario.correo )
                    window.location = 'chat.html'
                })
                .catch( console.warn )
        }
        const button = document.getElementById('g_id_signout');
        button.onclick = async() => {
            console.log(google.accounts.id)
            google.accounts.id.disableAutoSelect()
            google.accounts.id.revoke(localStorage.getItem('email'), done => {
                console.log('consent revoked');
                localStorage.clear()
                location.reload()
            });
        }
    </script>
</body>
</html>
When I run the application, I can get access to the Google Sign-In button and the dialog to choose the account. The console shows the user info obtained from Google:
Considering I could get signed in, I clicked on the sign out button to check this functionality; however, I ran into this issue:
Error 400 when trying to run revoke, with the message "The specified user is not signed in". I double-checked my Client ID in the Google Cloud console > Credentials > MyProject > OAuth 2.0 Client ID section. I can't find related info on the internet.
Sometimes I get this other error when I try to sign out:
Thanks for your help.
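The page's `handleCredentialResponse` posts `response.credential` to `/api/auth/google`, so the backend has to validate that ID token before trusting the email in it. The sketch below is an added example, not code from the original post: it shows the checks (RS256 signature, issuer, audience, expiry) in plain Node.js, using a locally generated key pair and a constructed token as stand-ins for Google's signing key and a real credential; `verifyIdToken`, `signConstructedToken` and the sample client ID are hypothetical names.

```javascript
const nodeCrypto = require('node:crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');
const fromB64url = (s) => JSON.parse(Buffer.from(s, 'base64url').toString('utf8'));

// Constructed stand-in for Google's signing key pair (assumption, for offline use).
const KEYS = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Hypothetical helper: builds a constructed RS256 token for this demo only.
function signConstructedToken(claims, privateKey) {
  const head = b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(claims));
  const sig = nodeCrypto.sign('RSA-SHA256', Buffer.from(`${head}.${body}`), privateKey);
  return `${head}.${body}.${b64url(sig)}`;
}

// Checks the signature first, then issuer, audience and expiry; throws on any failure.
function verifyIdToken(token, publicKey, clientId, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [head, body, sig] = parts;
  if (fromB64url(head).alg !== 'RS256') throw new Error('unexpected alg');
  const signed = Buffer.from(`${head}.${body}`);
  if (!nodeCrypto.verify('RSA-SHA256', signed, publicKey, Buffer.from(sig, 'base64url'))) {
    throw new Error('bad signature');
  }
  const claims = fromB64url(body);
  if (!['https://accounts.google.com', 'accounts.google.com'].includes(claims.iss)) {
    throw new Error('bad issuer');
  }
  // aud must equal the same client ID used in data-client_id on the page.
  if (claims.aud !== clientId) throw new Error('bad audience');
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) throw new Error('expired');
  return { sub: claims.sub, email: claims.email, emailVerified: claims.email_verified === true };
}

// Constructed sample values, not real credentials.
const NOW = 1700000000;
const CLIENT_ID = 'constructed-client-id.apps.googleusercontent.com';
const sample = signConstructedToken({
  iss: 'https://accounts.google.com', aud: CLIENT_ID, sub: '1234567890',
  email: 'user@example.com', email_verified: true, exp: NOW + 3600,
}, KEYS.privateKey);
console.log(verifyIdToken(sample, KEYS.publicKey, CLIENT_ID, NOW));
```

In a real backend the public key is chosen by the token header's `kid` from Google's published keys; the `google-auth-library` package's `OAuth2Client.verifyIdToken` performs that lookup together with these checks.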