lipp / login-with

Stateless login-with microservice for OAuth

Home Page:https://login-with.com


How to identify a returning user? Should provider-id not be added in token?

buhrmi opened this issue · comments

Hello,

I have a simple question. Say I've logged in once and got a JWT, and then log in on another machine using the same social account. Maybe I'm mistaken, but I can't find any way to (easily) tell that both tokens belong to the same person since the provider ID doesn't seem to be stored in the token. So is there a way to identify a user without having to make a request to the provider API with the given access token?

I'm not entirely clear about your issue. When you "compare" users, where do you want to do that? Maybe you could provide the full context/purpose?

commented

@lipp
Here is what login-with returns:

{ accessToken: 'ya29.XXXXXXXXXXXXXXXX',
  profile: 
   { username: 'Slava Ganzin',
     name: 'Slava Ganzin',
     provider: 'google',
     photo: 'https://lh6.googleusercontent.com/-RwB2-OTm4ck/AAAAAAAAAAI/AAAAAAAAAGs/ig-EN1poL50/photo.jpg?sz=50' },
  iat: XXXXXXXXX }

Where both iat and accessToken are temporary identifiers, and what @djshitcoin and I want is a permanent identifier (part of the Google OAuth answer):

 { kind: 'plus#person',
     etag: '"XXXXXX"',
     objectType: 'person',
     id: '107965373576397404746',
     displayName: 'Slava Ganzin',
     name: { familyName: 'Ganzin', givenName: 'Slava' },
     url: 'https://plus.google.com/107965373576397404746',
     image: 
      { url: 'https://lh6.googleusercontent.com/-RwB2-OTm4ck/AAAAAAAAAAI/AAAAAAAAAGs/ig-EN1poL50/photo.jpg?sz=50',
        isDefault: false },

As you can see, 107965373576397404746 is my public identifier, which we can use to link two devices together or identify the user next time.

You can get this id using the Google API and the accessToken, but this would overcomplicate everything for no reason.

#59

So you'd like to have the id included, right?
I think this would make sense for every provider which has/needs this kind of info for subsequent API calls.

commented

Fixed test in #59