or run

npx @tessl/cli init
Log in

Version

Files

evals

scenario-4

rubric.jsontask.md
tile.json

task.mdevals/scenario-4/

Google OAuth Authentication Service

Overview

Build an authentication service that enables users to sign in using their Google accounts. The service should handle the complete OAuth flow, store user information, and provide access tokens for making authenticated requests.

Requirements

Core Functionality

  1. OAuth Configuration: Set up Google OAuth authentication with proper credentials and callback handling
  2. Authentication Routes: Implement routes to initiate authentication and handle OAuth callbacks
  3. User Profile Storage: Extract and store user profile information including ID, email, and display name
  4. Token Management: Capture and store access tokens and refresh tokens for authenticated users
  5. Session Handling: Maintain user sessions after successful authentication

Implementation Details

  • Configure OAuth to request profile and email scopes
  • Store the access token and refresh token for each authenticated user
  • Extract user profile data including the user ID, display name, and email address
  • Handle authentication success by redirecting to a protected route
  • Handle authentication failures with appropriate error responses

Test Cases

Test 1: Authentication Configuration @test

File: auth.test.js

Description: Verify that OAuth strategy is properly configured

const passport = require('passport');

describe('OAuth Configuration', () => {
  it('should have Google OAuth strategy registered', () => {
    const strategy = passport._strategies['google'];
    expect(strategy).toBeDefined();
    expect(strategy.name).toBe('google');
  });
});

Test 2: Callback Handling @test

File: auth.test.js

Description: Verify that authentication callback processes tokens and profile

describe('OAuth Callback', () => {
  it('should extract access token and user profile', (done) => {
    const mockAccessToken = 'mock_access_token';
    const mockRefreshToken = 'mock_refresh_token';
    const mockProfile = {
      id: '12345',
      displayName: 'Test User',
      emails: [{ value: 'test@example.com' }]
    };

    // Verify your callback extracts and stores tokens and profile
    verifyCallback(mockAccessToken, mockRefreshToken, mockProfile, (err, user) => {
      expect(err).toBeNull();
      expect(user.googleId).toBe('12345');
      expect(user.email).toBe('test@example.com');
      expect(user.accessToken).toBe(mockAccessToken);
      done();
    });
  });
});

Test 3: Scope Configuration @test

File: auth.test.js

Description: Verify that proper OAuth scopes are requested

describe('OAuth Scopes', () => {
  it('should request profile and email scopes', () => {
    const strategy = passport._strategies['google'];
    expect(strategy._scope).toContain('profile');
    expect(strategy._scope).toContain('email');
  });
});

Dependencies { .dependencies }

passport-google-oauth { .dependency }

Provides Google OAuth authentication strategies for Passport.js applications.

passport { .dependency }

Express-compatible authentication middleware for Node.js.

express { .dependency }

Web application framework for Node.js.

Constraints

  • Use JavaScript (Node.js)
  • The solution must properly integrate with Passport.js middleware
  • Authentication must support session persistence
  • All required OAuth parameters must be configurable