Combining local and social authentication?
How is the connection between local and social authentication implemented correctly?
I have local authentication by email and password: when logging in with email and password, a pair of accessToken and refreshToken is sent to the user.
Now I have connected Google OAuth2 and implemented it as follows: when a user selects his email and submits, in the Google strategy I get the user profile and check if there is a user in the database with the same email as in the Google profile. If there is, I simply return a pair of accessToken and refreshToken for this user, as in the local strategy. If there is no user in the database with such an email, then I create a user in the database and also send a pair of accessToken and refreshToken, as in the local strategy.
That is, in fact, I used Google OAuth2 authentication only to receive the email, to create a new user with that email or check an existing one, and to send a couple of tokens that I create myself on the back end. That's all.
But it seems to me that maybe I didn't implement it correctly, because when authenticating through Google OAuth2 I can get an accessToken and a refreshToken, and maybe in this case I need to somehow save them somewhere or send them to the client, instead of sending a pair of tokens as in the local strategy, that is, creating them myself?
But on the other hand, if there are 5 social networks through which you need the ability to authenticate the user, then the writings will be a lot different, for different types of authentication ...
Please tell me where I made a mistake and how to
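The flow described in the question, as an added example that is not part of the original post: one provider-agnostic find-or-create function that every social strategy calls before the backend issues its own token pair. The store layout, the normalized profile fields (`subject`, `email`, `emailVerified`) and all function names are assumptions made for the example; for Google they would be filled from the `sub`, `email` and `email_verified` claims.

```javascript
const { randomBytes } = require("node:crypto");

// In-memory stand-ins for the users and linked-identities tables (constructed for this example).
function createStore() {
  return { users: [], identities: new Map() }; // identities: "provider:subject" -> userId
}

// The same kind of token pair the local strategy issues; opaque random values keep this short.
function issueTokens(userId) {
  return {
    userId,
    accessToken: randomBytes(32).toString("hex"),
    refreshToken: randomBytes(32).toString("hex"),
  };
}

// Single code path for every provider. Each strategy only maps its own profile
// to { subject, email, emailVerified } (hypothetical field names) and calls this.
function loginWithProvider(store, provider, profile) {
  const key = `${provider}:${profile.subject}`;

  // 1. Returning social user: match on the provider's stable subject id, not on the email.
  let userId = store.identities.get(key);

  if (userId === undefined) {
    // 2. First login with this identity: trust the email only if the provider verified it,
    //    otherwise an unverified address could be linked to someone else's local account.
    if (!profile.emailVerified) throw new Error("email not verified by provider");
    const email = profile.email.trim().toLowerCase();

    const existing = store.users.find((u) => u.email === email);
    if (existing) {
      userId = existing.id; // link to the existing local account
    } else {
      userId = store.users.length + 1; // create a passwordless account
      store.users.push({ id: userId, email, passwordHash: null });
    }
    store.identities.set(key, userId);
  }
  return issueTokens(userId);
}
```

Adding another social network then means writing only the small mapping from that provider's profile to the normalized shape.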