Developing google docs/slides add-on: How to make the Oauth consent screen jump in order to record it for the Oauth team?
When doing in the script editor: run->test add on -> test with latest code->installed for current user -> It allows us to test the add on, but it doesn't pop up any Oauth consent screen.
I think I found the solution: Need to go to here:
https://myaccount.google.com/security-checkup
And revoke the grant.
Related
I completed the process to allow the users to login to Google OAuth but the Oauth Consent Screen do not ask the email/userinfo permission/scope to the user and so the access token I get do not have access to the user information.
At console.cloud.google.com > My project > Credentials > Oauth Consent Screen the following scopes are visible but seem added by default and I can not edit them: email (googleapis.com/auth/userinfo.email), profile (googleapis.com/auth/userinfo.profile), openid (openid)
But when I test it I get this dialog window:
Instead I should get this:
So with the text "To continue, Google will share your name, email address, language preference, and profile picture with Support Board."
My app is not verified by Google and maybe this is the issue, but after checking everywhere I do not see any docs about it.
I found the answer, the URL must include; scope=email
For instance:
https://accounts.google.com/o/oauth2/auth?scope=email&response_type=code&access_type=offline&redirect_uri=[URL]&client_id=[CLIENT-ID]&prompt=consent
^^^^^^^^^^^
Our DocusSgn integration is currently a two step process:
the user clicks on "Login to DocuSign" whereupon they are redirected to "https://account-d.docusign.com/oauth/auth?response_type=code&scope=signature%20impersonation&client_id=00000000-0000-0000-0000-000000000000&state=00000000-0000-0000-0000-000000000000&prompt=login&redirect_uri=www.stackoverflow.com/app/callback" (for example) where they login, so that we can get an authentication.
we have the templates populated from DocuSign using the authentication. The user selects the template and clicks "Go to DocuSign" where upon a popup takes them to "https://appdemo.docusign.com/documents/details/c921ac4b-fdae-48a9-a70e-5d8a4e3e0089" for example.
The problem is that the user is forced to login both times. The expectation is that after the initial login during step 1, the user would not need to login again in step 2 since the domain names match (and DocuSign would create session cookies for the login).
Is there any way/process that we can follow which would allow us to not have to do this awkward double login?
thanks in advance!!!
First Login is the OAUTH login in which user is giving your IntegratorKey (Client_Id) access to call DS ESign APIs and impersonate user on the user's behalf. Using this flow you will never get access to bypass DS Weblogin page to access the page hosted by DocuSign like the one which you have - https://appdemo.docusign.com/documents/details/c921ac4b-fdae-48a9-a70e-5d8a4e3e0089. If you want to give access to the user to edit the templates using API then you need to use below API call with the OAUTH Access token:
POST /v2/accounts/{accountId}/templates/{templateId}/views/edit
Documentation for the same is available at:
TemplateViews: createEdit
Our application is using gapi.auth.signin for authentication. The problem is that the account selection drop down list is not presented when user is logged into multiple accounts. Currently, to overcome this the app sets approvalprompt = force, cookiepolicy = url/single_host_origin. Obviously, this is not very efficient.
Is it possible to display multi-user selection drop down list when using gapi.auth.signin?
Shall gapi.auth.authorize be used instead? (Related question)
Thank you.
Google+ Sign-In uses a mechanism that detects when a user has already authorized a Google account. In order to prompt the user to sign in and not automatically sign the user in, you can call gapi.auth.signout from the JavaScript client as demonstrated here:
http://wheresgus.com/signindemo
However, on Sign in, the currently active Google account will be automatically signed in. Please comment on the Google+ issue tracker, this might be a bug.
I'm making a website for a football club. they have one google calender (and just one google account). on the website I'd like to have a list of upcoming events. So I've to access to Google Calendar via Google API. For Authorisation I've to use OAuth2. Is it possible to login with OAuth2 automatically so that the website visitors don't have login always via redirect (to google login site)? For example I make a the login via Java, instead of a user login? Because it's no so comfortable if every user of the website have to login, for just viewing the club calendar.
Not sure it is possible,
Important note concerning your design: if you login automatically to the club's account, it means that everyone that uses this website is logged in to Google Calendar on behalf of the club's user name. hence, everyone can CHANGE the calendar, delete events, etc.
Are you sure you want this to happen?
(you can set the login params to "read-only", but even then, it means that the club shows ALL his calendar to everyone. there is no privacy...)
I suggest that every user logins with his own creds, and the club's calendar can invite all registered users to his events....
Of course, you can do it, and even without giving the access to the visitor if you're doing this on the server side.
You need to do a initial step by hand.
After this step you get a refresh token, with this token you can regenerate the access token which you need to access to the calendar API, for instance to get the upcoming events.
You need to regenerate the access token if the previous access token is expired. In this case you also get an new refresh token. You need to save it, into a database or JSON file.
To get a refresh token you need to pass this options on authorization:
access_type: "offline"
approval_prompt: "force"
Without these options you only get an access token, no refresh token.
Here is the documentation: https://developers.google.com/accounts/docs/OAuth2WebServer#formingtheurl
And here a kind of tutorial: http://www.tqis.com/eloquency/googlecalendar.htm
I am developing an app for iPhone and it basically needs to connect to a Google Calendar API and download some events in the Calendar. (I am the owner of the Calendar)
All the authentication examples that I have seen from 'GTM OAuth 2' require a window for the user to enter his/her user & pass to authenticate the access to his/her Google Calendar. However, my target is a specific Calendar, which I know its username and password. I wonder if there is a way to hardcode the username and password in my Objective-C code and not asking it from the user?
I used to directly write the username and password using the previous GData Calendar API, but it seems that it does not work anymore and I get error 403 for authentication.
I appreciate it if you let me know of your suggestions.
You can save the OAuth 2 refresh token (or more simply the GTMOAuth2Authorization object's persistenceResponseString) and use that in the client app to authorize the requests. You might want a way to provide updated strings for that to the app.