Google OpenID Deprecation

[anasqadrei]

As stated here: https://developers.google.com/accounts/docs/OpenID
Google is deprecating OpenID and OAuth(early version). I think their plans is to migrate to Google+ sign in protocols. Are Google+ protocols supported yet by passportjs?

[matthew-b-payne]

Good question, I was wondering the same thing.

Google's text "
Sign-in services - To simplify sign-in, Google is making the following changes:

• We will no longer support OAuth 2.0 login (early version) on Sept. 1, 2014. (Feb. 2014)
• We have deprecated and will shut down OpenID 2.0 on April 20, 2015, after a migration period. (Feb. 2014)
• We have closed registration to new clients of OpenID 2.0 and OAuth 1.0 in May 2014. (May 2014)
• Google+ Sign-In can be configured to be OpenID Connect compliant, and we will continue to support OpenID Connect at the protocol level. (Dec. 2013)
  "

Is passport-google-oauth count as (early version) or is this the version that will be supported later?

[palamccc]

Yesterday I added passport-google to my project and it worked fine in localhost, when i moved to production , got a surprise that Google is not supporting any new domains for openID :-(

I request you to display a very big warning in readme.md about this. This module can't be used for any new projects. And also update passportjs.org tutorials, about this depreciation.

Relevant Links,

• https://developers.google.com/accounts/docs/OpenID
• https://developers.google.com/+/api/auth-migration#timetable

[sanderpick]

Try passport-google-oauth instead.

[palamccc]

@sanderpick Yes, I'm moving to google-oauth, But i want the module author to put some sort of warning. I followed passport.js tutorial and everything worked in localhost domain and got upset when it didn't work on production domain. I don't want the same thing to happen to other users.

[chrisallenlane]

I think you just spared me a headache, @sanderpick. Much appreciated.

[ilkkao]

+1 for what @palamccc said. Please start to depreciate this plugin.

[ilkkao]

In case anyone is interested, I wrote a blog post about how to migrate to passport-google-oauth: http://iao.fi/myposts/passport_google_openid_migration

[cthorne66]

Really wish i would seen @palamccc 's note a couple days ago, i just lived the same experience. Didn't know until deployed to production. There should be something added to the documentation on the site

[anasqadrei]

The owner of this great library doesn't maintain it at this time. We have to look for someone who will take responsibility and maintain it.

[VanessaHenderson]

Just throwing this out here as well for those who are looking for a solution like me, the passport-google-oauth package isn't going to solve it either, if you look into the oauth2.js file it uses the userinfo endpoint that is going to be deprecated as of September 1, 2015. I switched to the passport-google-oauth2 package, it uses the Google+ API that will be supported. The same process to switch as mentioned above should work however, just a different package

[QueueHammer]

@VanessaHenderson For the win.

[VanessaHenderson]

@QueueHammer Thanks! I wrote a blog post on how I figured that out if you want some light reading ;) https://blog.sourceclear.com/google-authentication-and-passports/

[johnkors]

Thanks @VanessaHenderson ! Quick question, did you try to use the email scope instead of asking for resources (email.read) ? email is defined in the openid connect standard (as well as profile, address ++ , so you should be able to get it . See http://openid.net/specs/openid-connect-core-1_0.html point 5.4

[jareiko]

@ilkkao's link is broken, but internet archive has a cache here:

http://web.archive.org/web/20150219072226/http://iao.fi/myposts/passport_google_openid_migration