How can I verify android app's GPGS token on my node.js server using passport

I’ve developed a game client(Android) and server using Unity and node.js.

The log-in function of the server is implemented using passport.js. It was simple, so I didn’t worry about anything. I was supposed to implement log-in feature in my game by popping up the in app browser.

But it turns out android games need to use “Google Play Game Service” to log in to Google. I confused how to use passport.js in this case.

The sequence of the Google OAuth2.0 login I know is roughly as follows.

  1. Game client request “authenticate” to GPGS using “google-games-plugin-for-unity”
  2. If login success, game client can get “Authorization Code” using “GetIdToken()” api.
  3. Game client send this token to my game server.
  4. Game server verify the token(from step3) through Google api service.
  5. If verifying success, my server can get user infos and access token.
  6. Fully login complete.

I am wondering how to implement step3 and onwards using passport.js. Can I use passport.js to implement this with only “GoogleStrategy” configuration? How?

I found a solution myself. There was something wrong what I knew. The sequence of the Google OAuth2.0 is right as above except one thing.

I thought I could get the “Authorization Code” by using “GetIdToken()” api of “google-games-plugin-for-unity”. But, if I wanna get the “Authorization Code”, I had to use “GetServerAuthCode()”, not to use “GetIdToken()”. This description was in ReadME of “google-games-plugin-for-unity” github. It was my fault that I didn’t read it in detail.

IdToken and AuthCode are not same, it is the part what I didn’t know correctly. (See “Retrieving server authentication codes” of GitHub - playgameservices/play-games-plugin-for-unity: Google Play Games plugin for Unity )

Now, game client can get “Authorization Code” well using “GetServerAuthCode()”, and game client make url to send this token to game server as bellow.(using get, but google recommend using post)

var _url = “YOUR://WEBAPP/REDIRECTION/URL?code=”+ PlayGamesPlatform.Instance.GetServerAuthCode();

Game server will get this url and the server can use “passport.authenticate” which is the same way when it get redirection url from web browser.

If your both user auth info(android app and web app) are registered in same Google API console project, they will share auth info and the login procedure will perform same like using browser case.