Sunday, May 19, 2024
Homepage · google-cloud-platform
 Popular · Latest · Hot · Upcoming
171
rated 0 times [  174] [ 3]  / answers: 1 / hits: 7186  / 2 Years ago, tue, march 8, 2022, 12:00:00

I read the information and examples from the Sign in with Google Guides and the Google Identity Services JavaScript SDK Guides and I managed to set up authorization using Tokens to Google Cloud APIs. Unfortunately, I still get a login prompt to select my Google Account every time I load the page even after the user consent has been given on first login.


I saw that requestAccessToken allows specifying a user email as hint via OverridableTokenClientConfig for the login, but even if I specify the hint I still get the login prompt every time requestAccessToken is running.


Ultimately, I want to use Sign in with Google to allow the user to automatically sign in and provide user information like email to the app. Then requestAccessToken should use that email to request the token without prompting the user again (except for the first time where the user needs to give consent to the devstorage.full_control scope).


This is the current code I'm using (to run it, you need to insert a valid clientId, bucket and object):


<html>

  <head>

    <!-- Google Identity Service see https://developers.google.com/identity/oauth2/web/guides/migration-to-gis#gis-and-gapi -->

    <script src="https://accounts.google.com/gsi/client" onload="initTokenClient()" async defer></script>

    <script>

        var tokenClient;

        var access_token;

        var clientId = '123456789012-abcdefghijklmnopqrstuvxyz123456.apps.googleusercontent.com';

        var email = '[email protected]'

        var bucket = 'private-bucket'

        var object = 'private-object.json'



        function initTokenClient() {

            tokenClient = google.accounts.oauth2.initTokenClient({

                client_id: clientId,

                scope: 'https://www.googleapis.com/auth/devstorage.full_control',

                callback: (tokenResponse) => {

                    access_token = tokenResponse.access_token;

                },

            });

        }



        function getToken() {

            // Re-entrant function to request user consent.

            // Returns an access token to the callback specified in google.accounts.oauth2.initTokenClient

            // Use a user gesture to call this function and obtain a new, valid access token

            // when the previous token expires and a 401 status code is returned by Google API calls.

            tokenClient.requestAccessToken({

                    hint: email

                }

            );

        }



        function getObject() {

            fetch('https://storage.googleapis.com/storage/v1/b/' + bucket + '/o/' + object + '?alt=media', {

               headers: {

                   'Authorization': 'Bearer ' + access_token

                }

            })

            .then(response => response.json())

            .then(content => console.log(content))

            .catch(err => { console.log(err) });

        }

    </script>

  </head>

  <body>      

    <button onclick="getToken();">Get access token</button>

    <button onclick="getObject()">Load Object</button>    

  </body>

</html>

Getting the access token always opens a login prompt like this


Login


More From » google-cloud-platform
 Answers
1

The login prompt can be prevented by setting an empty prompt parameter in initTokenClient. This will only prompt for the login and user consent on the first login. All further logins will use the selected account from the first login. This still briefly shows a popup with a spinning wheel which usually is gone within a second.


If someone has more information to share on how to get rid of the popup and integrate with Sign in with Google please share as a separate answer.


My full example now looks like this (removing hint and adding prompt):


<html>

  <head>

    <!-- Google Identity Service see https://developers.google.com/identity/oauth2/web/guides/migration-to-gis#gis-and-gapi -->

    <script src="https://accounts.google.com/gsi/client" onload="initTokenClient()" async defer></script>

    <script>

        var tokenClient;

        var access_token;

        var clientId = '123456789012-abcdefghijklmnopqrstuvxyz123456.apps.googleusercontent.com';

        var email = '[email protected]'

        var bucket = 'private-bucket'

        var object = 'private-object.json'



        function initTokenClient() {

            tokenClient = google.accounts.oauth2.initTokenClient({

                client_id: clientId,

                scope: 'https://www.googleapis.com/auth/devstorage.full_control',

                prompt: '',

                callback: (tokenResponse) => {

                    access_token = tokenResponse.access_token;

                },

            });

        }



        function getToken() {

            // Re-entrant function to request user consent.

            // Returns an access token to the callback specified in google.accounts.oauth2.initTokenClient

            // Use a user gesture to call this function and obtain a new, valid access token

            // when the previous token expires and a 401 status code is returned by Google API calls.

            tokenClient.requestAccessToken();

        }



        function getObject() {

            fetch('https://storage.googleapis.com/storage/v1/b/' + bucket + '/o/' + object + '?alt=media', {

               headers: {

                   'Authorization': 'Bearer ' + access_token

                }

            })

            .then(response => response.json())

            .then(content => console.log(content))

            .catch(err => { console.log(err) });

        }

    </script>

  </head>

  <body>      

    <button onclick="getToken();">Get access token</button>

    <button onclick="getObject()">Load Object</button>    

  </body>

</html>

[#292] Friday, February 25, 2022, 2 Years  [reply] [flag answer]
Only authorized users can answer the question. Please sign in first, or register a free account.
yosefleod
Add To Favorites
Follow
Total Points: 113
Total Questions: 100
Total Answers: 115
Location: Egypt
Member since Tue, May 3, 2022
2 Years ago
yosefleod questions
Thu, Apr 22, 21, 00:00, 3 Years ago
Mon, Jul 27, 20, 00:00, 4 Years ago
Sun, Dec 8, 19, 00:00, 5 Years ago
Sun, Sep 29, 19, 00:00, 5 Years ago
Thu, Sep 26, 19, 00:00, 5 Years ago
View All
;