Google OAuth2 Login - Working Example

I’m kind of at a loss here on how to get it done. Essentially, I have a GSuite account with my own domain name, and I only want to allow others who have an @my-gsuite.com address. I’ve already created the client id from the website and need to now integrate it into my API so I can secure my endpoints. I’m hoping to draw on the experienced people here who may have done it before. Here is a snippet (I’m a JSON user). Ultimately, I want to have the openapi-generator make a server stub where I can copy and paste the client-id and passkey in.

  "securitySchemes": {
    "googleAuth": {
      "type": "oauth2",
      "flows": {
        "clientCredentials": {
          "tokenUrl": "https://accounts.google.com/o/oauth2/token",
          "refreshUrl": "https://accounts.google.com/o/oauth2/token",
          "scopes": {
            "profile": "Get the player profile",
            "email": "Get the player email",
            "openidconnect": "Get the openidconnect information"
          }
        }
      }
    }
  }
},
"security": [
  {
    "googleAuth": [
      "profile",
      "email",
      "openidconnect"
    ]
  }
]

I think you might be hoping for a little too much magic. OpenAPI is not aware of what Google is, let alone able to set up particular rules about which domains are allowed or not, and I doubt openapi-generator will have a clue either.

I’m not sure what language you’re using, but I’d look into something like an authentication middleware: https://www.npmjs.com/package/google-oauth-middleware
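The domain restriction asked about above has to be enforced in server code, on the claims of the Google ID token. The sketch below is an added example, not part of the thread or of any library mentioned in it; it assumes the token signature has already been verified by an OIDC/JWT library, and `checkGoogleClaims` and all sample values are hypothetical.

```javascript
// Added example. Assumes the ID token's signature was ALREADY verified by an
// OIDC/JWT library; this function only decides whether the claims are acceptable.
const GOOGLE_ISSUERS = new Set(["accounts.google.com", "https://accounts.google.com"]);

// checkGoogleClaims, clientId and allowedDomain are hypothetical names.
function checkGoogleClaims(claims, { clientId, allowedDomain, now = Date.now() }) {
  const deny = (reason) => ({ ok: false, reason });
  const domain = allowedDomain.toLowerCase();
  if (!claims || typeof claims !== "object") return deny("no claims");
  if (!GOOGLE_ISSUERS.has(claims.iss)) return deny("bad issuer");
  // aud must be this API's own client ID, or the token was issued to another app.
  if (claims.aud !== clientId) return deny("bad audience");
  // exp is in seconds since the epoch; now is in milliseconds.
  if (typeof claims.exp !== "number" || claims.exp * 1000 <= now) return deny("expired");
  // hd is the hosted domain of the account. Consumer accounts carry no hd claim,
  // so compare it exactly instead of pattern-matching the email string.
  if (typeof claims.hd !== "string" || claims.hd.toLowerCase() !== domain) {
    return deny("wrong hosted domain");
  }
  if (claims.email_verified !== true) return deny("email not verified");
  const email = String(claims.email || "").toLowerCase();
  if (!email.endsWith("@" + domain)) return deny("email outside domain");
  return { ok: true, email };
}

// Constructed sample values, not real credentials or tokens.
const SAMPLE_CLIENT_ID = "EXAMPLE-CLIENT-ID.apps.googleusercontent.com";
const SAMPLE_NOW = 1700000000000;
const SAMPLE_CLAIMS = {
  iss: "https://accounts.google.com",
  aud: SAMPLE_CLIENT_ID,
  exp: 1700003600,
  hd: "my-gsuite.com",
  email: "Alice@my-gsuite.com",
  email_verified: true,
};
const SAMPLE_OPTS = { clientId: SAMPLE_CLIENT_ID, allowedDomain: "my-gsuite.com", now: SAMPLE_NOW };

function demo() {
  const consumer = { ...SAMPLE_CLAIMS, hd: undefined, email: "someone@gmail.com" };
  const otherApp = { ...SAMPLE_CLAIMS, aud: "OTHER-APP.apps.googleusercontent.com" };
  return [SAMPLE_CLAIMS, consumer, otherApp].map((c) => checkGoogleClaims(c, SAMPLE_OPTS));
}
console.log(demo());
```

The `hd` request parameter on Google's authorization URL only pre-selects the account chooser, so the server-side check on the returned claim is what actually enforces the restriction.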