3

I'm working on Chrome extension which work on Gmail, and for login by google account, I use chrome.identity.getAuthToken to get auth_token

chrome.identity.getAuthToken({'interactive': false},
    googlePlusLoginCallback)

it works fine while user only has one gmail account.

But in the scenario user has more gmail accounts(like private one and one from company), the api only use the primary account to request auth_token; Is it possible to let user choose their account before request auth_token?

jojomango
  • 156
  • 1
  • 1
  • 9
  • `chrome.identity` users the Chrome profile's Google account so in order for `chrome.identity` to connect for a different account a new Chrome profile needs to be created, signed-in with that account, and have the extension/app installed. – abraham Aug 12 '15 at 19:08
  • right now I use the solution as @gui47 mentioned [Using OAuth 2.0 for Installed Applications] http://stackoverflow.com/questions/28675959/login-to-chrome-extension-with-a-google-user-other-than-the-one-in-use-by-chrome I can choose account, but problem is I always get permission request – jojomango Aug 13 '15 at 19:06

1 Answers1

0

Like abraham said, chrome.identity uses the Chrome browser profile, so a multi-account user would have to have different browser profiles for each account.

Unfortunately, it seems the only way to handle multiple Google accounts (but not multiple Chrome profiles) is to keep track of each user in the background and switch the active user whenever you get an indication that the user has changed.

A solution is to store each user in the background via localStorage along with their access_token, and indicate which is the active user. You can listen to ajax calls that are made to-from Google via chrome.webRequest.onBeforeRequest, as some of those ajax calls will contain the current Google user.

jsutton
  • 109
  • 3
  • 10
  • Thanks for your advice, but in my test the chrome.webRequest.onBeforeRequest not include google user (or similar object/data); so I hack the DOM to get the current email address, and store the token in local storage name the mail as the key, and every time user try login via google, I search for corresponding token. – jojomango Aug 14 '15 at 16:45
  • But the problem I met is the token only valid for 1 hour, and after that I need to let user run the permission request again(grant permission>code>token); and what I get from code exchange is a object { access_token:”XXXXX.....", expires_in:3600, id_token:”xxxxxxx.....", token_type:"Bearer" } even I try to revoke the token by post "https://accounts.google.com/o/oauth2/revoke?token=" + auth_token, then require token again, I cannot get 'fresh_token' as doc says. – jojomango Aug 14 '15 at 16:48
  • for anyone with same problem(no refresh_token), this answer resolve it http://stackoverflow.com/questions/10827920/google-oauth-refresh-token-is-not-being-received just add approval_prompt=force to code request – jojomango Aug 16 '15 at 18:52