Swiftpack.co - Package - IBM-Swift/Kitura-CredentialsGoogle

Kitura

Docs Build Status - Master macOS Linux Apache 2 Slack Status

Kitura-CredentialsGoogle

Plugins for the Kitura-Credentials framework that authenticate using the Google web login and a Google OAuth token

Summary

Plugins for Kitura-Credentials framework that authenticate using the Google web login with OAuth 2.0 and a Google OAuth token that was acquired by a mobile app or other client of the Kitura based backend.

Table of Contents

Swift version

The latest version of Kitura-CredentialsGoogle requires Swift 4.1.2. You can download this version of the Swift binaries by following this link. Compatibility with other Swift versions is not guaranteed.

Example of Google web login

A complete sample can be found in Kitura-Credentials-Sample.

First set up the session:

import KituraSession

router.all(middleware: Session(secret: "Very very secret..."))

Create an instance of CredentialsGoogle plugin and register it with Credentials framework:

import Credentials
import CredentialsGoogle

let credentials = Credentials()
let googleCredentials = CredentialsGoogle(clientId: googleClientId,
                                          clientSecret: googleClientSecret,
                                          callbackUrl: serverUrl + "/login/google/callback",
                                          options: options)
credentials.register(googleCredentials)

Where:

  • googleClientId is the Client ID from the credentials tab of your project in the Google Developer's console
  • googleClientSecret is the Client Secret from the credentials tab of your project in the Google Developer's console
  • options is an optional dictionary ([String:Any]) of Google authentication options whose keys are listed in CredentialsGoogleOptions.

Note: The callbackUrl parameter above is used to tell the Google web login page where the user's browser should be redirected when the login is successful. It should be a URL handled by the server you are writing.

Specify where to redirect non-authenticated requests:

credentials.options["failureRedirect"] = "/login/google"

Connect credentials middleware to requests to /private:

router.all("/private", middleware: credentials)
router.get("/private/data", handler:
    { request, response, next in
        ...  
        next()
})

And call authenticate to login with Google and to handle the redirect (callback) from the Google login web page after a successful login:

router.get("/login/google",
           handler: credentials.authenticate(googleCredentials.name))

router.get("/login/google/callback",
           handler: credentials.authenticate(googleCredentials.name))

Example of authentication with a Google OAuth token

This example shows how to use CredentialsGoogleToken plugin to authenticate post requests, it shows both the server side and the client side of the request involved.

Server side

First create an instance of Credentials and an instance of CredentialsGoogleToken plugin:

import Credentials
import CredentialsGoogle

let credentials = Credentials()
let googleCredentials = CredentialsGoogleToken(options: options)

Where:

  • options is an optional dictionary ([String:Any]) of Google authentication options whose keys are listed in CredentialsGoogleOptions.

Now register the plugin:

credentials.register(googleCredentials)

Connect credentials middleware to post requests:

router.post("/collection/:new", middleware: credentials)

If the authentication is successful, request.userProfile will contain user profile information received from Google:

router.post("/collection/:new") {request, response, next in
  ...
  let profile = request.userProfile
  let userId = profile.id
  let userName = profile.displayName
  ...
  next()
}

Client side

The client needs to put Google access token in request's access_token HTTP header field, and "GoogleToken" in X-token-type field:

let urlRequest = NSMutableURLRequest(URL: NSURL(string: "http://\(serverUrl)/collection/\(name)"))
urlRequest.HTTPMethod = "POST"
urlRequest.HTTPBody = ...

urlRequest.addValue(googleAccessToken, forHTTPHeaderField: "id_token")
urlRequest.addValue("GoogleToken", forHTTPHeaderField: "X-token-type")     
Alamofire.request(urlRequest).responseJSON {response in
  ...
}

License

This library is licensed under Apache 2.0. Full license text is available in LICENSE.

Github

link
Stars: 8
Help us keep the lights on

Used By

Total:

Releases

2.2.1 - Jun 21, 2018

Type-Safe Google Tokens:

  • Define cacheSize parameter to allow TypeSafeGoogleToken cache size to be limited (#32)

2.2.0 - Jun 15, 2018

  • feat: Google Token Credentials using TypeSafeMiddleware (#30)

2.1.0 - Jan 27, 2018

What's New

  • Update dependencies
    • Kitura-Credentials to 2.1.x
    • Remove SwiftyJSON