Hi,
I'm using a backend to serve an angularjs application which authenticates the user before sending the index.html.
I want to authenticate on the client side to communicate with an endpoints api without having to consent again. The endpoints api and the backend are two modules of the same application (same client id).
I use gapi.auth2 with prompt:'none' as in the code below, but it does not work.
A popup is opening each time (and blocked by the browser) and if I do not unblock it manually, the promised returned is never resolved.
function login() {
return getAuthInstance()
.then(function (data) {
var GAuth = data.gauth;
GAuth.signIn({"prompt": "none"})
.then(function () {
console.log('TOKEN', GAuth.currentUser.get().getAuthResponse().id_token);
//never prints
});
});
}
function init() {
gapi.load('client:auth2', start);
function start() {
console.log('Init');
GAuth = gapi.auth2.init(config);
GAuth.then(function () {
deferred.resolve({gauth: GAuth});
});
}
}
function getAuthInstance() {
return deferred.promise;
}
It is working with gapi.auth and the immediate:true option and I can get a token without opening a popup, but this API is deprecated.
Did you find the solution?
I did something that worked for me:
@ZeMaTT @gilrm92 we are working on implementing the same behavior than gapi.auth in gapi.auth2. I'll update this thread when it's released!
gapi.auth2.getAuthInstance().grantOfflineAccess() also opens a popup even if the user has previously allowed offline access. gapi.auth.authorize used to give me response.code directly. Unfortunately, i can only get resp.code from grantOfflineAccess in auth2 so I have to use it but i see a popup open for a second and then it closes automatically. Is there a way to get resp.code from auth2.init directly?
Hi @Divya1k5, it will soon be possible, we are working on a new feature that would allow that. I'll update this thread as soon as it is released!
@Divya1k5, @gilrm92 @ZeMaTT, the new feature has been released: https://developers.google.com/identity/sign-in/web/reference#advanced
@ZeMaTT and @gilrm92, for your use case, you can use the new gapi.auth2.authorize this way:
gapi.auth2.authorize({
client_id: <CLIENT_ID>,
scope: <SCOPES>,
prompt: 'none',
response_type: 'token id_token'
}, function(result) {
if (error) {
// An error happened.
return;
}
let accessToken = result.access_token;
});
If the user has pre-approved the scopes for your application, this will load an access_token and id_token without any UI. The token will automatically be shared with gapi.client to perform authenticated requests to Google APIs. However, note that you will have to call this method every time the access_token expires, to get a fresh one.
@Divya1k5, you can use the new gapi.auth2.authorize method to load an authorization code without user interaction.
gapi.auth2.authorize({
client_id: <CLIENT_ID>,
scope: <SCOPES>,
prompt: 'none',
response_type: 'code'
}, function(result) {
if (error) {
// An error happened.
return;
}
let code = result.code;
});
If the user has already pre-approved the scopes for the application, it will return an authorization code. However, this code is only exchangeable for an access_token, not a refresh_token. You need user interaction to get a refresh_token.
Please let me know if that works for your use cases!
@TMSCH the prompt: none fixed the issue i was facing earlier. thanks a lot.
Glad it's working, thanks for the update @Divya1k5!
@TMSCH @Divya1k5 The popup doesn't appear ? I still have the popup that appears :-/
@torzuoliH are you using the prompt: 'none' option, in the gapi.auth2.authorize call?
@TMSCH sorry for that late ! I'm using 'immediate: false' and it's working now :)
@torzuoliH immediate: 'false' is not a parameter of gapi.auth2.authorize so does not have any effect, you can remove it.
Closing the issue as resolved.
gapi.auth2.authorize({
client_id:
scope:
prompt: 'none',
response_type: 'code'
}, function(result) {
if (error) {
// An error happened.
return;
}
let code = result.code;
});
I m getting this error as below using above code:-
error: "immediate_failed", error_subtype: "no_user_bound"
How to solve this ?
@navi771 this can happen when you have several Google Accounts logged into the browser. In such case, you have to let the user choose an account (remove the prompt: 'none' param) or provide the email address of the user's account with a login_hint param to the authorize call.
Though prompt: 'none', option is used it returns error {"error":"immediate_failed","error_subtype":"access_denied"} . Please share any clue or probable fix.
`
gapi.client.setApiKey(apiKey);
gapi.auth2.authorize({
client_id: clientId,
scope: 'https://www.googleapis.com/auth/contacts.readonly',
prompt: 'none',
response_type: 'id_token permission',
login_hint: '[email protected]'
}, function(response) {
//Actual return: {"error":"immediate_failed","error_subtype":"access_denied"}
if (response.error) {
// An error happened!
return;
}
// The user authorized the application for the scopes requested.
var accessToken = response.access_token;
var idToken = response.id_token;
// You can also now use gapi.client to perform authenticated requests.
});
`
Hi I am trying to implement a multi login through gapi to my app. I am able to perform the auth and everything, the only thing im not sure is how to automatically log the user in if the token has expired (aka get a new token without the need of the user to prompt the window again). Also I wonder how could I share the permissions of the account logged to more people without the need of them to login.
Thank you
Most helpful comment
@Divya1k5, @gilrm92 @ZeMaTT, the new feature has been released: https://developers.google.com/identity/sign-in/web/reference#advanced
@ZeMaTT and @gilrm92, for your use case, you can use the new
gapi.auth2.authorizethis way:If the user has pre-approved the scopes for your application, this will load an
access_tokenandid_tokenwithout any UI. The token will automatically be shared withgapi.clientto perform authenticated requests to Google APIs. However, note that you will have to call this method every time theaccess_tokenexpires, to get a fresh one.@Divya1k5, you can use the new
gapi.auth2.authorizemethod to load an authorization code without user interaction.If the user has already pre-approved the scopes for the application, it will return an authorization code. However, this code is only exchangeable for an
access_token, not arefresh_token. You need user interaction to get arefresh_token.Please let me know if that works for your use cases!