How should we use the GoogleAdapter?

[jorgedanisc]

First off hope that this doesn't come off in a bad way, I just couldn't find any documentation indicating how to use the GoogleAdapter, so I followed the example from the terminal.shop and figured this could be a possibility, can anybody review if this is how we should implement the GoogleAdapter?

import { authorizer } from "@openauthjs/openauth";
import { GoogleAdapter } from "@openauthjs/openauth/adapter/google";

const app = authorizer({
  providers: {
    google: GoogleAdapter({
      clientID: process.env.GOOGLE_AUTH_ID!,
      clientSecret: process.env.GOOGLE_AUTH_SECRET!,
      scopes: ["email"], // Request email scope
    }),
  },
  async success(ctx, value) {
    if (value.provider === "google") {
      const access = value.tokenset.access;

      // Fetch user information from Google
      const response = await fetch("https://www.googleapis.com/oauth2/v3/userinfo", {
        headers: {
          Authorization: `Bearer ${access}`, // Bearer token format for Google
          Accept: "application/json",
        },
      });

      if (!response.ok) {
        throw new Error(`Failed to fetch user info from Google: ${response.statusText}`);
      }

      const userInfo = await response.json();
      const email = userInfo.email;
      console.log("found email", email);

      // Example return statement with mock account ID
      return ctx.subject("user", {
        accountId: "123",
      });
    }

    throw new Error("Invalid provider");
  },
});

export const handler = handle(app);

Looking forward for the documentation, appreciate the work invested in this project!

[jorgedanisc]

Also some notes for configuration over on Google:

On the Authorized redirect URIs you should specify it this way:

https://{your_auth_server_url}/google/callback
or
http://localhost:3000/google/callback (if you are following the examples)

[ripley]

I tried the google adapter with their Lambda example and it worked.

Just make sure the subjects format could pass the validation. To get this I have to use zod (valibot dependency in sst is too old and didn't work, only 1.0.0-beta.X works there) when writing the subject or there is no ~standard validator in the subject.

I have also removed the sameSite: "Strict" in the Lambda example or the Set-Cookie header doesn't take effects to set tokens.

[jorgedanisc]

Would you mind sharing a small gist on how you used zod validation with Google ?

[ripley]

If your valibot's version is 1.0.0-beta.X I don't think you need to use zod, the subject creation should be fine as in their example.
In my case I have to keep its version as 0.30.x and the token validation won't pass.
After switching to zod the subject creation is updated from

import { object, string } from "valibot"
import { createSubjects } from "@openauthjs/openauth"

export const subjects = createSubjects({
  user: object({
    id: string(),
  }),
})

to

import { createSubjects } from '@openauthjs/openauth'
import { z } from 'zod'

export const subjects = createSubjects({
  user: z.object({
    id: z.string(),
  }),
})

[bgkittrell]

FYI, Switching to zod helped get me past this error.

Property '"~standard"' is missing in type 'ObjectSchema<{ id: StringSchema<string>; }, undefined, { id: string; }>' but required in type 'StandardSchema<unknown, unknown>'.