Our app has the SMTP feature that allows the user to connect Gmail with OAuth2, this works fine if the account is Google Workspace type, but if we try to connect to a personal Gmail account, the OAuth2 shows the "This app is blocked" error as below image.
Any thought?
NOTE: Our code works fine if connecting Google Workspace account, just has this issue if trying to connect personal Google Gmail account.
This happens because you didn't activate the Less Secure Apps in your Google Settings!
Simply, go to your Google profile settings, search for "less secure" into the searchbar and you will be prompted to a checkbox. Keep in mind that it will be automatically turned off in 30 days.
To avoid this, you should add a proper authentication to your app.
Related
I experience difficulties in login into my google scholar account. It always said ERR_TOO_MANY_REDIRECTS and I can't access my account.
I have tried to access the Google Scholar website using Incognito mode, but still no good. I have also tried to clear all my cookies but still get the same error message.
How to solve this problem?
Thank you.
FYI: I am using Gsuite.
Activate your institution's Google Assistant in G Suite:
Dashboard, Apps -> Additional Google Services -> Google Assistant
If this happens because you used a mail tied to an institution that changed its privacy policy regarding Google and disabled the access to the Google Assistant, there is still a solution: create a new google account, using a new primary email address on which you have the full privileges, but verify your google scholar email with your institution email. This will trigger a duplicate account verification and you will be able to choose what google scholar profile to keep.
I had a Google account based on not-GMail-account. I had another email company's email as a login to my Google Account (myemailhere#ukr.net). And I used this Google account to login the dialogflow.cloud.google.com.
Today Google suggested me to create a #gmail.com account and attcach it to my myemailhere#ukr.net Google Account. I have confirmed and created the myemailhere#gmail.com.
Using both of this logins (myemailhere#gmail.com and myemailhere#ukr.net) I am still able to login my cloud.google.com Profile. But when I try to login the Dialogflow Profile (dialogflow.cloud.google.com) - I see the eternal loading animation (or a totally blank page). There is no errors about password or something like this. Just login process after I submit the password and then white page. This behavior I see on all my devices, while I trying to login with myemailhere#gmail.com or myemailhere#ukr.net
And I see some 400 errors in web console (if it matters).
Could you please help me to fix this and get access to DialogFlow?
Screen that I see after the login and password entering
Do you have the project owner role for the mentioned username that is registered on your project in the GCP console (not Dalogflow Console)? Here is a list of roles related to Dialogflow that grant access to its Console.
Note that some of these roles give full access or edit access while other roles have permissions that simply gives view access to the Dialogflow Console.
If you are missing any of these then simply assign on your GCP project's console.
Assigning roles as described above did not work for me. Solution was to delete gmail email service from the account.
Instructions here
If you would like to use gmail, do NOT add gmail to your existing google account. You should instead create a seperate google account and use gmail from this seperate account
I have a web application setup to handle webhook requests from an Actions-on-Google/Dialogflow application using the Google Assistant. Users don't need to sign-in to a google account in order to use my web application and I'd prefer to keep it that way, so that users can sign in with any email address.
I also want my users to be able to interact with my application using the Google Assistant, and be able to access personal/contextual data via the assistant (i.e. when a speaker says, "what's on my shopping list", the web app needs to be able to know what my means).
Currently, I have this working by using my web app to issue a unique short code to my user (in the web app UI) and then with an intent on the Assistant where the speaker says "My code is 1-2-3-4" and then my web app can identify the user from then on (by saving the userId from the webhook request to whatever user got the short code 1234 and then using that userId to lookup the user on each subsequent request.)
My question is, is there a better way to do this? Ideally, in my web app, I'd like to have something like an "Authorize Google Assistant" button, which would then link the user's google account to their web-app account, so that the conversation on the Assistant is seamless.
Has anyone done this before?
Thanks
This is the perfect use case for Account Linking with the Google Assistant.
From your users' perspective, they will start to use your Action. If they're doing so through a speaker and they haven't linked the account yet, they'll be directed to a mobile device to do so. On a mobile device, they'll be redirected to a page on your website where they will been to authenticate themselves and authorize your server to let them in through the Assistant. Once they have done so, they won't need to log in again, the accounts will be linked, and they'll be able to use the voice Action without further obstruction.
From your perspective as a developer, you'll need to setup an OAuth2 server (I suggest the code flow). That login process I mentioned is the first step in the OAuth dance, and will end up with you issuing a code to Google. They will then exchange this code for an Auth Token (with a limited lifetime) and a Refresh Token (which does not expire). They will periodically use the Refresh Token to get new, valid, Auth Tokens for this user. When the user issues a voice command, the Auth Token will be passed as a field in the JSON to your fulfillment server, and you can use this to verify who the user is and that they are authorized to use your service.
I've recently been doing a bit of web development so I've been thinking more about authentication and stuff. On Netflix I noticed there is an extra option on the Account page to de-authorize other devices. My girlfriend changed her password but I was still able to use it without re-entering the password till she logged out other devices.
So my question is how does authentication for Netflix work if it doesn't have to locally store your password?
Netflix uses a version of Open autentication to allow a device to access an account. Once the device has been authorized it will then have access to that account until its has been deautorized.
Chaning password doesnt matter becouse the device has autorization already probably in the form of a refresh token stored someplace. So its not storing a password its storing an autorization token of some kind.
Lets use facebook as an example: (response to comment below)
https://www.facebook.com/settings?tab=applications
This shows a list of all the crap I have loged in to using my facebook account. Now I have probably changed my facebook password sevral times it wont matter I will still have access. Some of these are mobil apps i have installed on my cellphone at one time or another. Even if i dont use them they still have access.
This doesn't technically answer the question, but is related and, I think, helpful:
You can forcefully invalidate the previously-validated tokens for other devices by going to https://www.netflix.com/ManageDevices - as soon as you go to the page it will ask if you want to sign out other devices.
(from "Someone is using my Netflix account without my permission" at https://help.netflix.com/en/node/18)
I am going to integrate the Facebook login access on my WiFi hotspot portal. Basically I would like the user to log on my portal using its Facebook credentials, in order to access the Internet via Hotspot.
The classical integration using connect-js via Javascript cannot work, since unauthenticated users cannot reach the Internet, and in this condition the browser cannot connect to Facebook.com.
Please, I would like to understand if there is a way, from my PHP portal, to send an HTTP post request to Facebook.com containing the users credentials. I just have made a test, but I have received the following response "For your security, never enter your Facebook password on sites not located on Facebook.com".
Thank you very much.
You need to manually-build-a-login-flow (relevant facebook documentation)
The below snippet is the crux of it however
https://www.facebook.com/v3.0/dialog/oauth?
client_id={app-id}
&redirect_uri={redirect-uri}
&state={state-param}