why is getting oAUTH2 token failing in the Chrome Extension?

Question

I have a Chrome Extension that needs to authenticate the user. Once authenticated, I will send that user's email to my server running in Docker and then log them in. I am having trouble getting the token. Here is the code:

         chrome.identity.getAuthToken({ 'interactive': true  }, function(token) {
            if (chrome.runtime.lastError) {
                currentSessionAccessToken=token;
                        alert(chrome.runtime.lastError.message);
                //alert("you need to have a gmail account");    //ubuntu
              return;
          }
          

          currentSessionAccessToken=token;
          var x = new XMLHttpRequest();
          x.open('GET', 'https://www.googleapis.com/oauth2/v2/userinfo?alt=json&access_token=' + token);
          
          x.onload = function() {
              if (x.readyState=200)
              {
 
              var data=this.responseText;
              jsonResponse = JSON.parse(data);
              photo = jsonResponse.picture;
              szName=jsonResponse.name;
              email=jsonResponse.email;
                x.abort();  //done so get rid of it 
                
              send_to_backend(request, sender, sendResponse);
              };
          }  
              
              
          x.send();
          
           }

The problem is that I am not getting back an access token. The backend (at this time) is also on my laptop (localhost) but in a docker container. I don't have an SSL cert for my localhost and I am wondering if that is the issue? I am never getting a token so I never get to send it with the XMLHttpRequest, and thus I never get a ReadyState=200. Any idea what is wrong?

Answer 1

Turns out that in order to get "identity" working you must publish to the Google WebStore. The reason I stayed away from that is that it often takes weeks to get a site reviewed. I have had that experience in the past. I haven't really nailed down the new URL that will be using and wanted to get the system working before I did that. Now that I submitted for Review, I guess I have some time, and will "dummy up" the steps needed (ie authentication) to continue the development work. Thanks Micah for pointing out the manual. This led to me realizing that there is no way to get "identity" working without getting approval from Google.

Answer 2

Did you register your app for Google OAuth API access and designate the oauth field in the manifest?

From the documentation on user auth:

Copy key to your manifest

When you register your application in the Google OAuth console, you'll provide your application's ID, which will be checked during token requests. Therefore it's important to have a consistent application ID during development.

To keep your application ID constant, you need to copy the key in the installed manifest.json to your source manifest. It's not the most graceful task, but here's how it goes:

1. Go to your user data directory. Example on MacOs: ~/Library/Application\ Support/Google/Chrome/Default/Extensions
2. List the installed apps and extensions and match your app ID on the apps and extensions management page to the same ID here.
3. Go to the installed app directory (this will be a version within the app ID). Open the installed manifest.json (pico is a quick way to open the file).
4. Copy the "key" in the installed manifest.json and paste it into your app's source manifest file.

Get your OAuth2 client ID

You need to register your app in the Google APIs Console to get the client ID:

1. Login to the Google APIs Console using the same Google account used to upload your app to the Chrome Web Store.
2. Create a new project by expanding the drop-down menu in the top-left corner and selecting the Create... menu item.
3. Once created and named, go to the "Services" navigation menu item and turn on any Google services your app needs.
4. Go to the "API Access" navigation menu item and click on the Create an OAuth 2.0 client ID... blue button.
5. Enter the requested branding information, select the Installed application type.
6. Select Chrome Application and enter your application ID (same ID displayed in the apps and extensions management page).

Once you register your app you need to add something like this to your manifest:

"oauth2": {
    "client_id": "YOUR_CLIENT_ID",
    "scopes": ["scope1", ...]
}