4

Working on updating a Chrome plugin. I have users with multiple Gmail accounts opened on different browser tabs. The chrome plugin will create a button in each gmail tab, when user clicks on the button, the plugin needs to get the authToken for the gmail account before taking action. I was using the following

chrome.identity.getAuthToken({ interactive: true }, 
    function(token) {..})

But the problem is, the authToken may not be the right one for the current gmail account (each browser tab has a different gmail account). I have seen it gets the authToken for the primary account and tried it on other gmail accounts, which will cause my action to fail.

Following what's described in identity API, I was thinking of using

chrome.identity.getAuthToken({ interactive: true, account: {id : "<ACCOUNT_ID>"} }, 
    function(token) {..})

But I can't find the ACCOUNT_ID. I tried the following API (from the same reference)

chrome.identity.getProfileUserInfo(function(x) {console.log(x) })

but it gave me

{email: "", id: ""}

Any ideas? Thanks a lot!

pktCoder
  • 1,105
  • 2
  • 15
  • 32
  • Have you tried using `chrome.identity.getProfileUserInfo` after adding `identity.email` to the `permissions` section of manifest ? – Iván Nokonoko Oct 15 '18 at 12:04
  • No, I haven't tried. This plugin is supposed to independent of email addresses, i.e. It should detect the email address for the current gmail account (on the current browser tab) and obtain permission interactively. – pktCoder Oct 15 '18 at 14:11

1 Answers1

1

specify the chrome identity.email in manifest. here.

//  ...
var x = chrome.identity.getProfileUserInfo(
  chrome.identity.getAuthToken({interactive:true}, function(token) {..})
);
//  ...

Should work... Just call the function right as the user clicks the button...
Such as nesting the code inside document.getElementById('button').addeventlistener('click', x);

255.tar.xz
  • 700
  • 7
  • 23
  • Thanks for the code snippet, my problem starts when there are multiple Gmail accounts already signed in. So this event won't happen. By the way, according to chrome documentation, the call back function of addListener takes two parameters, account info and whether it's signed in. Is there a way to find the account id for the (signed-in) gmail account on the current browser tab? Thx – pktCoder Oct 16 '18 at 02:33
  • I tried the above (newly edited) code and added `identity.email` in manifest but it still doesn't work. Got the same problem that it retrieved the authToken for the same account regardless of which browser tabs (different gmail accounts) it's on. I need to get the right authToken for the gmail account for any tab that's active. – pktCoder Oct 16 '18 at 14:24
  • would you be willing to use cookies in your solution? – 255.tar.xz Oct 17 '18 at 01:17
  • According to [login to Chrome Extension...](https://stackoverflow.com/questions/28675959/login-to-chrome-extension-with-a-google-user-other-than-the-one-in-use-by-chrome) & [authentication - Can I choose...](https://stackoverflow.com/questions/31969398/can-i-choose-user-before-get-chrome-identity-token) this isn't possible with regular auth tokens inside a chrome extension... This may potentially work by using @David 's answer on the first link, so try giving that a go... (continued) – 255.tar.xz Oct 17 '18 at 01:30
  • (Continuing) But like I said this doesn't seem like a valid option. Most extensions that do similar functions most likely use single page interaction w/out the auth tokens. Maybe OAuth has some way to implement this feature? Another possible Idea would be to make some sort of function that grabs the information of the users account right as the page loads - however this is probably prevented due to it being a security flaw. I don't know - I don't have a use for this so making this function would most likely be just a huge waste of my time. So give those few options a try, then see how it goes! – 255.tar.xz Oct 17 '18 at 01:33
  • Another thing - As stated in chrome's documentation the `getProfileUserInfo` API is just asking for the **Primary** user account so even if you got that to work obviously then only one of the accounts would do the trick. Check [here](https://developer.chrome.com/apps/identity#method-getProfileUserInfo) paragraph 2, sentence 2 in that subsection to see what I mean. – 255.tar.xz Oct 17 '18 at 01:38
  • Curious how would using cookie help in this case? The other stackoverflow question is very interesting, thanks for pointing it out. Implementing OAuth looking very challenging, wonder if you happen to have some code snippet? – pktCoder Oct 17 '18 at 02:57
  • Sorry not my area of expertise, just have had a little experience and not much really with OAuth, however with what I do know the linked post probably will do the trick with some fiddling. So sorry for no code-snippet but hope you get it working. – 255.tar.xz Oct 19 '18 at 06:44