Google authentication

laith_ayyat · June 29, 2022, 2:12pm

Dears,

I managed to make Google Signin in my application and i can see the data on Mongodb App Users. However, why when i return the profile in my application i can see the name but there is no email. Even on MongoDB App Users there is no email only name. Is there a way i can get the email for Google ? Also, for other authenticators?

Thank you.

thecyrusj13_N_A · January 30, 2023, 5:09pm

I’m having same issue. I use the web sdk with OpenId and all I get is the user’s name and an id. I’ve even set the scopes in the Oauth Screen configuration to include the user’s email. The only option I can think of is to link user documents in my collection by the id. I’m not sure if the user name’s must be unique between gmail accounts.

thecyrusj13_N_A · January 30, 2023, 6:31pm

Okay. So because we’re using OpenID Connect the way to get around this is to take the response.credential and send it as a parameter/argument to Atlas App Services using a function. You can write your function so that it decodes the credential and stores the decoded information (for example the user’s email address) in one of your collections. You can use the jwt_decode module to do this. Alternatively, you could decode the credential on the client and just send the decoded information as the argument for your function.

After that if you want to store the id that App Services stores for the Google user you will need use another function that finds the document you previously added to your collection and then insert the id. You could either do this on the frontend by calling the function directly using the user object returned from App services after you get a Realm Google credential (not to be confused with the response.credential you received from Google) or use a trigger on the backend that uses the authEvent and user object to get the id.

By the way I don’t know if this is the best way to do this, but if you’re frustrated because you can’t see the authEvent object consider storing it temporarily in a collection and then view it in MongoDB Compass.

Rajesh_Nair1 · December 7, 2023, 7:56pm

Hi @thecyrusj13_N_A - I’m trying to implement a google sign in through Realm but I’m not able to figure out the process for initiating the sign up (oAuth) process. Is there a Realm function for this specifically? Or do I need to write that separately from scratch, get the authToken and pass it to the Credentials.googleAuthCode(authCode) and pass the sample to App.login? Some guidance in this regards would help.

thecyrusj13_N_A · December 28, 2023, 11:08pm

Hi Rajesh, so I’m assuming you’re able to get a response from the callback in window.google.accounts.id.initialize, right? If that’s the case here’s an example of what you can do using the jwt_decode module:

  const idToken = response.credential;

  const decodedIdToken = jwt_decode(idToken);

/*
Example of properties you can get from the decoded token:
decodedIdToken.name, 
decodedIdToken.email
*/

Then to create the Google user in Atlas:

const realmCredentials = Realm.Credentials.google({ idToken });

const atlasGoogleUser = await app.logIn(realmCredentials);

Hope that helps.