Using Oauth2 with chrome.identity

[James Mortensen]

I'm using chrome.identity in a packaged app to log a user in using Facebook. The process is that I call chrome.identity.launchWebAuthFlow, and then I take the access token, send it to the server, and that access token is used to verify the user is who he/she says he/she is. The server returns the corresponding app-specific user data.

Works great with Facebook, Instagram, and Github. My guess is it would work great with Twitter as well.  But for some reason, it doesn't work for Google. For some reason, Google's OAuth appears to be special. When I try to invoke it, I get the following error message:

identity.launchWebAuthFlow: Authorization page could not be loaded. at Object.phone.loginWithGoogle (chrome-extension://fpffjpnonidfnlmiofkbllmomhpplpoa/designB/SynclioLocalUI/login.js:168:25) at HTMLDivElement.<anonymous> (chrome-extension://fpffjpnonidfnlmiofkbllmomhpplpoa/designB/SynclioLocalUI/login.js:331:19) at HTMLDivElement.jQuery.event.dispatch (chrome-extension://fpffjpnonidfnlmiofkbllmomhpplpoa/designB/SynclioLocalUI/js/jquery-1.8.2.js:3063:9) at HTMLDivElement.elemData.handle.eventHandle (chrome-extension://fpffjpnonidfnlmiofkbllmomhpplpoa/designB/SynclioLocalUI/js/jquery-1.8.2.js:2681:28)

I've added the extensionid.chromiumapp.org to the list of redirect URLs in the API Console. The error message doesn't really say what is wrong. If I paste the entire auth url in the browser, it redirects just fine.  Below is an example:

https://accounts.google.com/o/oauth2/auth?scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile%20https%3A%2F%2Fwww.google.com%2Fm8%2Ffeeds%2F&response_type=code&client_id=UNIQUE_CLIENT_ID.apps.googleusercontent.com&state=default&redirect_uri=https://fpffjpnonidfnlmiofkbllmomhpplpoa.chromiumapp.org/provider_cb

Now, I see there is a chrome.identity.getAuthToken, but since OAuth2 should be OAuth2 regardless of the provider, I expect that this would just work.  When I try using getAuthToken, I'm forced to login to the browser, which I don't want to do because it disrupts the user workflow and activates things we don't want to activate, like sync, which causes our Webrtc app to replicate itself across a user's browsers, creating problems trying to deliver calls to them every call every time and doesn't make our users awesome at providing good service to their leads and customers.

Is there a workaround for this? We'd love to use the power of Google OAuth2, without having all of these other services forced on us.  We just want to use it to authenticate, light, lean, and simple.

Thank you!

James Mortensen

[Alyona Chornaya]

Hello, James! You have written "I'm using chrome.identity in a packaged app to log a user in using Facebook. The process is that I call chrome.identity.launchWebAuthFlow, and then I take the access token, send it to the server, and that access token is used to verify the user is who he/she says he/she is. The server returns the corresponding app-specific user data.

Works great with Facebook"

But how? I am trying to do authorization in my packaged app using facebook. I have already done it using Google+. But all my attempts failed. Could you show (give) me an example/sample of your code where you take the access token of user in using Facebook? 

I will be very thankful to you!
Best regards
Alyona Chornaya

вторник, 13 августа 2013 г., 2:35:09 UTC+3 пользователь James Mortensen написал:

[James Mortensen]

Instagram and Facebook are virtually identical in how their API's work for OAuth. Just take the sample chrome.identity app for Instagram and then replace all the Instagram data with the stuff for Facebook:

https://github.com/GoogleChrome/chrome-app-samples/tree/master/instagram-auth

Good luck,

James

[Cyrus Adkisson]

Hi James. I'm experiencing the same issue, here. My launchWebAuthFlow() is working perfectly for Facebook, but with Google I get the "Authorization page could not be loaded." error as well. 

Did you ever get to the bottom of it?

[François Beaufort]

Can you share your code so that we can help you?

[kristofer dev]

I also fail to get the launchWebAuthFlow samples working. I get the interactive sign in screen but then the callback url is undefined and chrome.runtime.lastError.message is set to:

 "Authorization page could not be loaded."

which is not very helpful (glanced at the chrome source and found a todo to add a better description). I have double checked the ids many times.

I want to get this working with google, but I also tried with the instagram auth sample with my own client id, but that gives me the same error. 

Does anyone have more information? What could be wrong? 

Is there a way I can check the redirect url? I use chrome.identity.getRedirectURL() and have made sure the trailing '/' is there.

Thanks

[Prem Santh]

I have been facing the exactly the same problem.
I don't face this problem most of the time, happens only on rare occassion that too only in Production app, around 5 errors when 45 successful, so i face this only 10% of times.
Wasn't able to reproduce it in local app.
Added loggers to check the redirect url and chrome.runtime.error, redirect url has no problem works as expected, the runtime error says  "Authorization page could not be loaded."
checked the browser versions too.. the problem is not related to particular browser version
This is how my code looks like,
 
chrome.identity.launchWebAuthFlow({'url': authUrl, 'interactive': true}, function (redirectUrl) {

   console.log(redirectUrl); // this is undefined on very few occasions

}

1. Is that a problem with chrome.identity or am i missing out something
2. Is there any other alternative to chrome identity that i can use to avoid this facing this error