Chrome Extension identity: OAuth2 request failed: Service responded with error: ‘bad request’

I followed https://developer.chrome.com/extensions/tut_oauth exactly step by step but I am stuck at

https://developer.chrome.com/extensions/tut_oauth#identity_permission

where after I execute my extension, instead of getting the token, I get the error:

Unchecked runtime.lastError while running identity.getAuthToken: 
OAuth2 request failed: Service responded with error: 'bad request'

Please suggest what is the possible cause of this error.

Google Sheet API : “message”: “The request is missing a valid API key.”

I’m trying to make an extencion that will take some data from page and send it to google sheet.
My manifest:

"oauth2": {
        "client_id": "client_id",
        "scopes": ["https://www.googleapis.com/auth/spreadsheets"] 
    },
    "permissions": [
        "activeTab",
        "tabs", 
        "https://*.*/*",
        "storage",
        "declarativeContent",
        "identity",
        "https://ssl.gstatic.com/",
        "https://www.googleapis.com/*",
        "https://accounts.google.com/",
        "https://sheets.googleapis.com/",
        "https://www.googleapis.com/auth/spreadsheets/"
    ],
    "key": {key}

background page:

var tokenS;
chrome.runtime.onInstalled.addListener(function() {
  chrome.storage.sync.set({number: value}, function(data) {
  });
    chrome.identity.getAuthToken({
        interactive: false
    }, function(token) { 
        tokenS = token
        console.log(token)
    });
});
function writeData(request, sender){
    myspreadsheetId = "myspreadsheetId " 
    var params = {
        "range":"Sheet1!A1:A",
        "majorDimension": "ROWS",
        "values": [
            [request.name]
        ],
    }
    var xhr = new XMLHttpRequest();
    xhr.open('PUT', 'https://sheets.googleapis.com/v4/spreadsheets/' + myspreadsheetId + '/values/Sheet1!A1:A1?valueInputOption=USER_ENTERED');
    console.log(tokenS)
    xhr.setRequestHeader('Authorization', 'Bearer '+tokenS);
    xhr.send(JSON.stringify(params));
};
chrome.runtime.onMessage.addListener(writeData)

I receive next error:

{
  "error": {
    "code": 403,
    "message": "The request is missing a valid API key.",
    "status": "PERMISSION_DENIED"
  }
}

at google cloud platform I see a 100% error ratio (http://prntscr.com/jvfl0c). And I do not understand what I’m doing wrong. Pleasse help.

chrome extension launchWebAuthFlow error

chrome.identity.launchWebAuthFlow
method always throw error Authorization page could not be loaded.

When requesting with:

"&redirect_uri=http://localhost:8080"
the Google’s auth popup appears but after you sign in: error appears.

"&redirect_uri=" + chrome.identity.getRedirectURL() error throws immediately

I need to login Google from Opera extension so getAuthToken will not work for me.

chrome.identity.launchWebAuthFlow logout/switch user

I make users login to my chrome extension through my own OAuth2 API which uses google signin, through chrome.identity.launchWebAuthFlow with interactive set to true, and it works fine, user is prompted to sign in with google account, I get redirect url in my extension’s background script, parse access token from it and everything is fine until I need to logout this user and make it possible to sign with other account.
When I try running chrome.identity.launchWebAuthFlow with interactive set to true again, nothing pops up, but redirect url is returned in background and access token is picked up for previously logged in user, so I’m unable to make my users switch account.

Is there any solution for this?

Switching YouTube user with OAuth2 shows previous user’s data in Chrome

I have a Chrome Packaged App that uses oauth2 to authenticate to YouTube. I’m using YouTube to determine the user’s channel (via the channel endpoint).

It works for the first user authenticated. But if I switch to a different user, the same YouTube call returns the previous user’s data (i.e. channel).

Here are the steps I’m going through.

  1. I get my auth token via a call to getAuthToken:
    chrome.identity.getAuthToken({ interactive: true, scopes: ['https://www.googleapis.com/auth/youtube'] })

  2. I get their channel information. I make a call to the channels endpoint like so:

    const url = 'https://www.googleapis.com/youtube/v3/channels?part=snippet&mine=true';
    const headers = { Authorization: `Bearer ${token}` };
    const config = {
    url,
    method: 'get',
    headers,
    responseType: 'json',
    };
    return axios(config);

  3. This works! The result of the call gives me the channel information.

  4. The user removes their account. I use the same sequence of calls that the Google Demo uses (like this example):

    a. call chrome.identiy.removeCachedAuthToken({ token }) with the token
    b. call https://accounts.google.com/o/oauth2/revoke?token=${token} to revoke it

  5. Everything is cleared out, I think.
    If I look at chrome://identity-internals/ I still see the token, but the Token Status is set to Not Found

The issue:

  1. I repeat from step 1, but I chose a different user.
  2. I confirm that I get a new token that is different than the one I had previously
  3. The call to the YouTube channels api returns the previous user’s channel.

Enable Google API for “googleapis.com/auth/userinfo”

I am developing a Google Chrome Extension. I would like to be able to access the user profile info, using the data from these endpoints:

https://www.googleapis.com/auth/userinfo

https://www.googleapis.com/oauth2/v1/userinfo

I don’t seem to have access to these resources. From my web searches, it looks like I may need to enable a library API in the Google Developers Console. But I looked there and cannot find an appropriate API to enable. Does anyone know which API I should enable?

chrome.identity.getAuthToken: proper error documentation

ChromeOS Version 63.0.3239.140 (Official Build) (64-bit)

Hi there,

I got several different errors while using https://developer.chrome.com/apps/identity#method-getAuthToken but couldn’t find any (doc) information about the actual meaning of those errors or their solutions. I’m building a new chrome extension.

Problem:
However, I get a “The user is not signed in.”-error when calling chrome.identity.getAuthToken({interactive: true}) from a browser-action popup context.

Expected behavior:
My code is derivated from https://github.com/firebase/quickstart-js/blob/master/auth/chromextension/credentials.js which works nicely by showing a Google sign-in page.

Hint:
I didn’t upload/publish my extension to the Chrome web store as Google requires a registration fee and I don’t own a credit card. This is the only distinction I’m able to discover.

Manifest:

{
  "manifest_version": 2,

  "name": "Hull",
  "description": "Archives all web requests.",
  "version": "1.0",
  "content_security_policy": "script-src 'self' https://www.gstatic.com/ https://*.firebaseio.com https://www.googleapis.com; object-src 'self'",
  "oauth2": {
    "client_id": "354393906319-rn6mosmrpisn6n8ru5n930a8hspqthjn.apps.googleusercontent.com",
    "scopes": [
      "https://www.googleapis.com/auth/userinfo.email"
      ]
  },
  "browser_action": {
    "default_popup": "popup.html"
  },
  "permissions": [
    "identity",
    ""
  ],
  "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5fm22ivystD4/Me0vIM/T+9I3CvBY8nb8GacdMADE7Xn6VauUqNUzpeZWZGh4gjj9SpryVGeMWiCBaLvbveqbcTIvx0WF6ltFqJBOcqEaZs9LwYsGf+38PUWuQ6bY9G67AjWuw3A0PB9+ilPC/VYH8gHIoBesu6yE2yOdJ2eUhXzT3+eAnPNhUvpMK+ZFuxCurqpvRXIGVU+xYonWQ6c/cK/oLjHQPBiEjnyg/bsqcg/4rZZA9Ux7GbbfFgWHdRRACR+mWSviEkzI7DDHTcHg6pchLzUhAzoy3LbZGTxrpHp7fcN5PLcVPNrhtS3v6OgALnOBVAVuKXS/vtK8rqvQIDAQAB"
}

Popup.js:

document.querySelector("input").addEventListener("click", () => {
  const result = chrome.identity.getAuthToken({interactive: true}, token => {
        console.log("token", token);
    });
});

So, where can I find information about any chrome.identity related errors and is uploading/publication necessary to get the identity methods working.

Thanks in advance.

BTW: I read https://developer.chrome.com/apps/app_identity but that site only state that methods throw errors in general and doesn’t list nor explain them in detail.

Chrome.identity. How to prolong Google authentication token in Chrome extensions?

I’m developing an extension, which requests authentication with Google Calendar.

The built-in method in Chrome API chrome.identity works almost fine, but there is the issue.

Let’s say, a user is authorized in Chrome with account [email protected], but wants to get an access to another account [email protected].

While starting the extensions, I run chrome.identity.getAuthToken({interactive: true}), user authorises the extension, and I get the token.

The problem appears, specifically with the secondary account. The auth token expires, approximately in an hour. And the only way to get a new one chrome.identity.getAuthToken({interactive: true}), i.e. users interaction is required.

Although, if a user chooses authentication with primary account [email protected], I can just run chrome.identity.getAuthToken({interactive: false}) to refresh auth token.

And the question is how can I prolong the lifetime of auth token if a user chooses the secondary account [email protected] without users interaction?

Thanks.

How can i safely pass access token generated from Google OAuth to a NodeJS REST API?

I am creating two application :
1. Chrome extension for gmail.
2. It’s IOS version

Now, since both the applications have same behavior and uses same google apis extensively, i decided to create a single project in google cloud platform for both. Now, when creating credentials, what will be my application type? I see both ‘IOS‘ and ‘Chrome App‘ under application type. Should i generate two Client IDs for chrome app and ios app?

To use single Client ID, i also tried creating a Node REST API (created a new project and set application type to ‘web application‘ in google cloud platform) that will be used by both of my application to make request to google apis? But the authorization process includes, setting a callback url to get the authorization code and later use this code to get the access token. I guess this is not feasible for a REST API. Where should i keep the authorization part? In the application itself and later send the access token to my rest api? Is it possible?

I am very much confused about how should i start. Please could anyone suggest a better way to do this?

Gmail account authorization instead of chrome google account authorization

I am working on a chrome extension in which I want to use Gmail API. I am using OAuth2 using chrome.identity.getAuthToken() for authorization.

Let’s say I have two gmail accounts and both are open in two tabs at the same time-
1. [email protected] (Chrome signed in)
2. [email protected]

Right now, when I sign in to my extension, I get a modal which show only one account [email protected]

First, I want that the authorize modal should show both the accounts for choice.

Now, if I am authorized with [email protected], then I can get the auth token any number of times I want. But the problem is, I can also get auth token from [email protected] at the same time even though I am authorized with [email protected]

What am I doing wrong? Please give me a solution for it.

Thanks in advance!