{
  "context": "This criteria evaluates the engineer's ability to properly configure and use the passport-google-oauth package's OAuth 2.0 authentication strategy. It focuses on correct usage of the OAuth2Strategy class, proper configuration parameters, verify callback implementation, and scope management.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "OAuth2Strategy Import",
      "description": "Correctly imports OAuth2Strategy from passport-google-oauth or passport-google-oauth20 package",
      "max_score": 10
    },
    {
      "name": "Strategy Configuration",
      "description": "Properly instantiates OAuth2Strategy with required configuration parameters: clientID, clientSecret, and callbackURL",
      "max_score": 20
    },
    {
      "name": "Verify Callback Signature",
      "description": "Implements verify callback with correct signature: function(accessToken, refreshToken, profile, done)",
      "max_score": 15
    },
    {
      "name": "Access Token Extraction",
      "description": "Correctly extracts and stores the accessToken parameter from the verify callback",
      "max_score": 10
    },
    {
      "name": "Refresh Token Extraction",
      "description": "Correctly extracts and stores the refreshToken parameter from the verify callback",
      "max_score": 10
    },
    {
      "name": "Profile Data Extraction",
      "description": "Properly extracts user profile data including id, displayName, and email from the profile object (accessing emails array correctly)",
      "max_score": 15
    },
    {
      "name": "Scope Configuration",
      "description": "Configures OAuth scopes correctly by specifying 'profile' and 'email' scopes in the strategy options",
      "max_score": 10
    },
    {
      "name": "Strategy Registration",
      "description": "Registers the OAuth2Strategy with passport using passport.use()",
      "max_score": 10
    }
  ]
}