Silent User Authentication
194 views
Skip to first unread message
Vladimir Yankovich
May 13, 2021, 6:35:04 AM5/13/21
to Chromium Extensions
Good afternoon, colleagues. I need your advice on authorization in extensions.
I want my extension to silently authorize at the time of installation through the user account he logged into Chrome. I saw examples of projects in which this is implemented. But, unfortunately, one of them has already been removed by the developer, and I cannot find the second one. Moreover, I see a mention of silent authorization in the documentation of Chrome applications -
https://developer.chrome.com/docs/apps/app_identity/#launchWebAuthFlow-interactive. But I don't understand if this is relevant for extensions.
If silent authorization is possible, what data can I get? Ideally: token, email address, username, and profile photo will be enough for me. I need to create an account and display information for users similar to this - https://take.ms/B08WU.
If silent authorization is possible, what data can I get? Ideally: token, email address, username, and profile photo will be enough for me. I need to create an account and display information for users similar to this - https://take.ms/B08WU.
Tell me, is it possible? Do you know examples of such extensions? What should I study?
Vladimir Yankovich
May 17, 2021, 5:28:39 AM5/17/21
to Chromium Extensions, Vladimir Yankovich
Colleagues, any ideas?)
Simeon Vincent
May 18, 2021, 9:02:08 PM5/18/21
to Chromium Extensions, yankovic...@gmail.com
I assume you've tried calling chrome.identity.getAuthToken({interactive: false}) while the user is logged in to Chrome. If you have and it doesn't work, then I think the short answer is the capability you're after is no longer an option for extensions. I'd be willing to bet that any extensions extensions you've encountered that do this are grandfathered in from an old period of both Chrome extensions and Google OAuth.
The only instance where I've seen this before was a Google Calendar extension created by a Googler but never officially supported by Google.
Cheers,
Simeon - @dotproto
Chrome Extensions DevRel
Vladimir Yankovich
May 19, 2021, 7:17:09 AM5/19/21
to Chromium Extensions, Simeon Vincent, Vladimir Yankovich
Simeon, thank you for your answer.
But I continued to study this issue and drew attention to these permissions in the Manifesto:
- "identity",
- "identity.email",
I got additional permission during installation - https://take.ms/wkRWs. Still, I was able to identify the user immediately after installation using the getProfileUserInfo method from the Chrome Identity API provided that he is authorized in Chrome. Is this true?
Simeon Vincent
May 21, 2021, 3:01:14 PM5/21/21
to Chromium Extensions, yankovic...@gmail.com, Simeon Vincent
I'm sorry, but I don't quite follow the question. If you request the "identity" and "identity.email" permissions, identity.getProfileUserInfo will return a ProfileUserInfo instance which will contain the email address. This email address is the primary account associated with the user's Chrome profile. If the user is not logged into Chrome, the email and id properties of the ProfielUserInfo instance will be empty strings.
Simeon - @dotproto
Chrome Extensions DevRel
Reply all
Reply to author
Forward
0 new messages