google-signin icon indicating copy to clipboard operation
google-signin copied to clipboard
verified publisher icon GoogleWebComponents

Auth error with Chrome extension: Invalid Cookie Policy

Open yaraju opened this issue 10 years ago • 9 comments

When using google-sign-in on Chrome extension, loading the page directly like so:

chrome-extension://mylongid/my-element/demo.html

With the following tag in my custom element:

<google-signin client-id="myextensionclientId" scopes="https://www.googleapis.com/auth/userinfo.email" width="iconOnly" brand="short"></google-signin>

I get the following error::

Error: Uncaught gapi.auth2.ExternallyVisibleError: Invalid cookiePolicy

tY  @   cb=gapi.loaded_0:120
_.hN    @   cb=gapi.loaded_0:133
AuthEngine.initAuth2    @   google-signin-aware.html.0.js:139
(anonymous function)    @   api.js?onload=https___apis_google_com_js_api_js_onload___callback___api_loaded:7
ga  @   api.js?onload=https___apis_google_com_js_api_js_onload___callback___api_loaded:1
v.(anonymous function).b    @   api.js?onload=https___apis_google_com_js_api_js_onload___callback___api_loaded:7
v.(anonymous function)  @   api.js?onload=https___apis_google_com_js_api_js_onload___callback___api_loaded:7
I.(anonymous function)  @   api.js?onload=https___apis_google_com_js_api_js_onload___callback___api_loaded:7
(anonymous function)    @   cb=gapi.loaded_0:1

yaraju avatar Jun 27 '15 05:06 yaraju

Subsequently a red icon with no "g" shows up. On Clicking the red button, I get the following error:

Uncaught TypeError: Cannot read property 'currentUser' of nullAuthEngine.signIn @ google-signin-aware.html.0.js:326Polymer.signIn @ google-signin-aware.html.0.js:493Polymer.signIn @ google-signin.html.0.js:407handler @ polymer.html.0.js:361decorated @ polymer.html.0.js:3119

yaraju avatar Jun 27 '15 05:06 yaraju

My suspicion is that this is an issue with the Google Signin API not working from chrome-extension:// origin. cc @Zoramite

ebidel avatar Jun 27 '15 12:06 ebidel

Yes, gapi generally doesn't get along well with Chrome extensions, see for example: https://github.com/google/google-api-javascript-client/issues/64

The preferred way for authentication inside of Chrome extensions is the Chrome Identity API which would probably be out-of-scope for this element.

Scarygami avatar Jun 27 '15 21:06 Scarygami

I suppose an alternative would be to somehow proxy these calls through the background script, so that the element just gets the status, or a Sign-in button to trigger auth flow on the background script

But this would probably fall within the scope of a separate set of extensions that work on Chrome Apps/Extensions, and not within the core GoogleWebComponents? Is there a more appropriate place where I can put in or track a request for such a set of components from the Polymer team? (Or would that be the Chrome team?)

yaraju avatar Jun 28 '15 04:06 yaraju

I think the Chrome Identity API wouldn't be the best fit here - agree on it being out of scope. The element should focus on the 90% use-case. We could (potentially) document some of the workarounds needed if operating in an extensions world, but imo my take is we should avoid baking in workarounds here into the element itself.

addyosmani avatar Jun 28 '15 11:06 addyosmani

I'm getting the exact same errors during build and onClick() when I run my Polymer project on my device using Cordova. Is that related? The code works as expected when I run locally on my desktop.

JeffPinkston avatar Oct 14 '15 21:10 JeffPinkston

Could you use oauth2 the way it is intended for installed applications in this use case?

https://developers.google.com/identity/protocols/OAuth2InstalledApp

That would be a nice addition to google-signin, it is not an uncommon request, and we could hide the differences under the hood.

atotic avatar Oct 15 '15 04:10 atotic

I am getting the same error.

srikanta72 avatar Mar 13 '20 12:03 srikanta72

how to solved this issue, on chrome extension.

harleenarora avatar Jul 19 '21 18:07 harleenarora