Tuesday, December 12, 2017

Getting the Auth Token for the secondary Id from Google chrome extension using OAuth 2.0 & Client ID

I am fairly new to developing Chrome extensions, more specifically to the user authentication part in Chrome extensions. I am following the User Identity example from the Google Developer docs.

The example works perfectly fine. I was able to generate the client ID for the Chrome app and add the scope for the APIs, in my case the Gmail API, and finally get the auth token by adding the identity permission in manifest.json as follows:

"oauth2": {
    "client_id": "MY CLIENT ID",
    "scopes": [
        "https://www.googleapis.com/auth/gmail.readonly",
        "https://www.googleapis.com/auth/gmail.modify"
    ]
}

And my app.js is a content_script which has the following code.

chrome.identity.getAuthToken({ 'interactive': true }, function(token) {
    /* With which I can use xhr requests to get data from the Gmail API */
    console.log('Access Token : ' + token);
});

Now this token that I get gives me the result for the user with which I have logged into Chrome. Meaning, let's say I have a UserA with email address user_a@gmail.com and I have used this to log into the Chrome browser.

Question

How do I get the associated accounts or the secondary accounts? For instance, let's say a User B logs into Gmail from the Chrome browser. Is it possible to access the Gmail API for that particular user who is currently logged in?

I have tried a couple of things here:

gapi.auth.authorize({
        'client_id': CLIENT_ID,
        'scope': SCOPES.join(' '),
        'immediate': true
    },
    function(authResult) {
        // do something
    });

In the above scenario, the client id and scopes are fetched from the manifest.json using chrome.runtime.getManifest();.

  • This method uses the client.js from Google APIs and makes use of the gapi variable.
  • In this case, I get the access token for the user with whom I generated the client ID, not even the Chrome application user.
  • Furthermore, when I open an incognito window and access this plugin, I still get the same user's access token.

Additional Note

I tried the same gapi.auth.authorize() using a Web OAuth 2 Client ID. It works perfectly fine. I mean, whenever this authorize is executed it fetches the currently logged-in user's data, or it asks for a login where the user can log in and authenticate. How do I achieve the same thing in a Chrome extension? Kindly let me know if I am missing something here.

1 Answer

As of now, this is not possible using supported APIs in Google Chrome stable (Version 63). However, in the Dev channel and most likely with a future release, the following will be possible:

chrome.identity.getAccounts(function(accounts) {
    // accounts is a list of accounts.
    chrome.identity.getAuthToken({ 'interactive': true, 'account': accounts[0] }, function(token) {
        /* With which I can use xhr requests to get data from the Gmail API */
        console.log('Access Token : ' + token);
    });
});

See the documentation for getAccounts().


EDIT: Something that might work in the meantime is registering for the onSignInChanged event.
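
The following is an added example, not part of the original answer or of Google's sample code. It requests a token for one explicitly chosen account, checks chrome.runtime.lastError, and removes the cached token when chrome.identity.onSignInChanged reports a sign-out. Assumptions: createTokenBroker, tokenFor and invalidate are hypothetical names, chrome.identity and chrome.runtime are passed in as parameters, and getAccounts() is available (Dev channel only, per the answer).

```javascript
// Added example. `identity` stands for chrome.identity and `runtime` for
// chrome.runtime; passing them in is an assumption made for testability.
function createTokenBroker(identity, runtime) {
  const issued = new Map(); // account id -> last token handed out (memory only)

  // Remove a token from Chrome's cache, e.g. after the Gmail API answers 401.
  function invalidate(accountId, done = () => {}) {
    const token = issued.get(accountId);
    issued.delete(accountId);
    if (!token) return done();
    identity.removeCachedAuthToken({ token }, done);
  }

  // Stop using an account's token as soon as it signs out of the browser.
  identity.onSignInChanged.addListener((account, signedIn) => {
    if (!signedIn) invalidate(account.id);
  });

  // Ask for a token for one specific account instead of accounts[0].
  function tokenFor(accountId, done) {
    identity.getAccounts((accounts) => {
      const account = (accounts || []).find((a) => a.id === accountId);
      if (!account) return done(new Error('account is not signed in'));
      identity.getAuthToken({ interactive: true, account }, (token) => {
        // A denied consent prompt or revoked grant is reported via lastError.
        if (runtime.lastError || !token) {
          const why = runtime.lastError ? runtime.lastError.message : 'no token';
          return done(new Error(why));
        }
        issued.set(accountId, token);
        done(null, token); // hand the token to the caller; never log it
      });
    });
  }

  return { tokenFor, invalidate };
}
```

In an extension this would be created once in the background page as createTokenBroker(chrome.identity, chrome.runtime), with invalidate() called whenever a Gmail API request comes back 401.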
