0

I want to create a chrome extension and use the Sheets API to do something, so I have reviewed two tutorial.

this article

https://medium.com/swlh/oauth2-openid-chrome-extension-login-system-29285323882f

is using lauchWebAuthFlow to achieve the Authentication, but using Web Application as Application Type.

And this video,

https://www.youtube.com/watch?v=5grkEnYytF4

is using getAuthToken, but the Application Type is Chrome App.

I want to ask when to use Chrome App and when to use Web Application?

For further asking, I want to ask if I want to use my chrome extension not only in Google Chrome but at least with Microsoft Edge, which Authentication method is recommended to do, and if I am using that method, how I can use that method to use the Sheet API.

Thank you.

wOxxOm
  • 65,848
  • 11
  • 132
  • 136
new guy
  • 21
  • 3
  • You may want to check these [How Chrome Apps extend your development capacity beyond what you can do with `traditional web apps`](https://developer.chrome.com/docs/apps/overview/#extend), [When to use `getAuthToken` & `launchWebAuthFlow`](https://developer.chrome.com/docs/apps/app_identity/#how) & this [related post](https://stackoverflow.com/q/62550627/15384825). In my understanding, `getAuthToken` is used for Chrome browser users with Google account linked to their Chrome browser profile & `launchWebAuthFlow` authentication is used with non-Google identity providers. – SputnikDrunk2 Sep 20 '21 at 22:21
  • @IrvinJayG. In my case, I don't have a server and I just want to use my content.js to get some data from a specified website html, and pass to my background.js and the background.js will update these data into a google sheet, so I should use getAuthToken than launchWebAuthFlow, am I right? – new guy Sep 21 '21 at 14:42
  • @IrvinJayG. I would like to ask one more question, can I use launchWebAuthFlow to gain permission to access the authenticated account's Google Drive or Google Sheets? Because when last time I am testing my chrome extension with launchWebAuthFlow, the consent screen never ask permissions to access but getAuthToken did to. – new guy Sep 21 '21 at 14:50
  • It depends where the `content.js` will be run on. Use the `getAuthToken` if it'll be run on Chrome profiles w/ Google Accounts or `launchWebAuthFlow` if the browser uses non-Google identity providers. As for the last question, I'm afraid that I haven't tried it yet but check this https://stackoverflow.com/q/40411493/15384825. According to [this forum](https://github.com/sindresorhus/notifier-for-github/issues/57#issuecomment-443275067), `launchWebAuthFlow` does not need the special permission, but you only get OAuth code (code) in this flow, not the actual OAuth Access Token (access_token). – SputnikDrunk2 Sep 21 '21 at 15:35

0 Answers0