0

I have an google chrome extension write in JS which comes into play when the user is inside Gmail.

I am using chrome.identity.getAuthToken to get the token of user but the problem is that I get always same user token for who install the extension ,for example:

The chrome user profile is a...@gmail.com. So when I login to the gmail as a..@gmail.com, and go to the event page, and make a chrome.identity. getAuthToken, I get the token for a...@gmail.com, that is fine. Now I login into the Gmail as b...@gmail.com. Now if I make a chrome.identity.getAuthToken, I still get the token for a...@gmail.com and I can't create request to Gmail API.

So,I try another way and success to get the id token using this Is it possible to get an Id token with Chrome App Indentity Api? qustion , but it's still the same problem that it's on the user who install the extnsion.

I try to follow this 2 similiar question here:

Get access to multiple gmail accounts in a chrome extension

Login to Chrome extension with a Google user other than the one in use by Chrome

But i am not really understand it , I need to create my own OAuth2 ?but how I can do it with chrome extension? I think maybe I need to send some request to 'https://accounts.google.com/o/oauth2/auth' + ..... to get the token but I am not sure about the parameters , and if it's right...

Hope you could help me , Thanks !

Community
  • 1
  • 1
OriEng
  • 1,424
  • 18
  • 34
  • indeed you need to roll your own oauth2. its not that hard. we can help you once you research more and show us what you tried with specific issues (regarding oauth2, not the chrome identity api. so far your help request on oauth is too broad. – Zig Mandel Dec 22 '16 at 12:59
  • Thanks , I try to follow this [guide](https://developers.google.com/identity/protocols/OpenIDConnect) but in the level of ' Send an authentication request to Google ' I am not sure what to set it redirect_uri parameter ? my server that need to care the response ? And , where should I need to put this request? every time user get in to gmail ? I will happy to hear just some way to where go from here... – OriEng Dec 22 '16 at 13:21
  • I did it years ago on a chrome extension, back when identity api wasnt available yet. Dont have that old code at hand, however I remember having that same issue, what I did was to put a fake redirect address that either you own the domain or know its not being used. I watched the tab for a url change until that fake page loaded (with an error) and quickly grabbed the token from the url fragment, then closed the tab. So the user only has a few milliseconds to notice that the page loaded (with error) before it closed. I think there are samples out there google chrome extension oauth – Zig Mandel Dec 22 '16 at 14:24
  • Thanks ! I will try it ...Is this https://developer.chrome.com/extensions/tut_oauth could be good for my case? – OriEng Dec 22 '16 at 15:55
  • that one looks good and better as it doesnt need the callback url hack, wasnt available back when I tried it. – Zig Mandel Dec 22 '16 at 15:58
  • it doesn't work for me ): and the files is from 2009 . You know maybe some tutorial just for the start ? i little bit lost about it. thanks again – OriEng Dec 25 '16 at 07:39
  • see why ive marked the question offtopic. – Zig Mandel Dec 25 '16 at 13:39
  • OK , I found this [library](https://adodson.com/hello.js/) and I initialize it every time my gmail is get open and then open a pop-up with the request , I success to get everything I need in my uri_redirect page . So I want to set this operation in the 'background' instead pop up(they have option in the library) and it's OK for my main account but with the second one it's always want my confirm to get permission , I don't understand why(maybe because of chrome account?) ! I want to refresh always the token in the background ,How can I do auth it in the background ? Save me...thanks all ! – OriEng Dec 28 '16 at 15:09

0 Answers0