getstation / electron-google-oauth2 Goto Github PK

If you miss to save refresh token in your app or if your refresh token got deleted from your app it would be good to have ability to generate Authorization url with extra option prompt: consent

In code it would look like this
let url = this.oauth2Client.generateAuthUrl({ access_type: 'offline', scope: this.scopes, prompt: 'consent', redirect_uri: http://127.0.0.1:${this.options.loopbackInterfaceRedirectionPort}/callback`
});` because without this param next authorization will generate all tokens except refresh_token.

Hi, I found that if I'm going to refresh the user's token, I need to send a POST request, I didn't find that API in document, so currently I implemented it by myself, but I'm curious is there an API designed for that in this package?

POST https://www.googleapis.com/oauth2/v4/token
Content-Type: application/json

{
  "client_id": <client_id>,
  "client_secret": <client_secret>,
  "refresh_token": <refresh_token>,
  "grant_type": "refresh_token"
}

See https://github.com/googleapis/google-auth-library-nodejs/issues/1384

To reproduce the issue npm install and see audit results. Dependencies trace back to this package.

I keep getting this error thrown when I attempt to create an ElectronGoogleOAuth2 by following your snippets.

const { google } = require('googleapis');
const { app } = require('electron');
const ElectronGoogleOAuth2 = require('@getstation/electron-google-oauth2');

const {client_secret, client_id, redirect_uris } = credentials.installed;
const SCOPES = ['https://www.googleapis.com/auth/drive.readonly'];

const myApiOauth = new ElectronGoogleOAuth2(client_id, client_secret, SCOPES);

Is there any non-hacky way to change the successRedirectURL to a custom one or just let it close the window?

Something like:
myApiOauth.openAuthWindowAndGetToken(successRedirectURL="https://localhost/?loginresult=done")

This happens at the line:

import ElectronGoogleOAuth2 from '@getstation/electron-google-oauth2'

and I do not really understands what it wants.

Isn't CLIENT_SECRET not actually a secret?
Is it okay not to conceal CLIENT_SECRET?

 const myApiOauth = new ElectronGoogleOAuth2(
    'CLIENT_ID',
    'CLIENT_SECRET',
    ['https://www.googleapis.com/auth/drive.metadata.readonly']
  );

In case you need to retrieve CLIENT_SECRET on the client side, there might be a security vulnerability regardless of where it's stored...
I might just not be understanding it correctly, but I would greatly appreciate some advice or specific solutions.

When I package the app for usage in Mac App Store I get the following error when trying to do the Google OAuth process. I think the error comes from the line this._server.listen(port) in LoopbackRedirectServer.js. Any ideas?

After sign in, the browser window should redirect to the local server and should be closed automatically.

Electron doesnot support import from syntax

The remote module was replaced by @electron/remote in Electron v14, I think we should use it also here.

There is no refresh_token provided with the result. What os the right way to do it with this helpful library?

Hi, I have an Electron + Vue project (no TypeScript), and when I trying to use your library, I'm getting the next error when I trying to openAuthWindowAndGetTokens:

ReferenceError: __awaiter is not defined
at ElectronGoogleOAuth2.openAuthPageAndGetAuthorizationCode (index.js?0322:85)
at ElectronGoogleOAuth2.openAuthWindowAndGetAuthorizationCode (index.js?0322:82)
at ElectronGoogleOAuth2.getAuthorizationCode (index.js?0322:74)
at ElectronGoogleOAuth2.openAuthWindowAndGetTokens (index.js?0322:122)
at _callee4$ (index.js?f1e9:22)
at tryCatch (runtime.js?96cf:62)
at Generator.invoke [as _invoke] (runtime.js?96cf:296)
at Generator.prototype.(:8081/anonymous function) [as next] (webpack-internal:///./node_modules/regenerator-runtime/runtime.js:114:21)
at asyncGeneratorStep (asyncToGenerator.js?1da1:3)
at _next (asyncToGenerator.js?1da1:25)

My code:

const clientDetails = require('./client_secret.json');
const myApiOauth = new ElectronGoogleOAuth2(
  clientDetails.client_id,
  clientDetails.client_secret,
  [
    'https://www.googleapis.com/auth/drive.metadata.readonly',
    'https://www.googleapis.com/auth/spreadsheets',
  ],
);

myApiOauth.on('tokens', async (tokens) => {
  if (tokens.refresh_token) {
    await saveToken(tokens);
  }
});

const savedToken = await loadToken();

if (savedToken !== null) {
  myApiOauth.setTokens(savedToken);
} else {
  try {
    const token = await myApiOauth.openAuthWindowAndGetTokens();
    await saveToken(token);
    myApiOauth.setTokens(token);
  } catch (err) {
    debugger;
    console.error(err);
  }
}

So I copied your code and removed all TypeScript references, and it works.
You can use this commit from my PR to reproduce the bug, just install your package with yarn and change the import:
https://github.com/baruchiro/israeli-bank-scrapers-desktop/blob/81792211d4dd8650f4a85d3aa37b39fdb636380a/src/modules/googleOauth/index.js#L1

Hi,
Thank you so much for writing this plugin. I'm trying to authenticate and it works perfectly until I sign in and give permission, it takes me to a screen where it wants me to copy and paste the code instead of returning it to the callback in the code.

Perhaps I'm doing something wrong. Can you please assist me?

You are a life saver, thanks!

We're using this library, and Dependabot just alerted us to a problem with it:

Dependabot cannot update node-forge to a non-vulnerable version
The latest possible version that can be installed is 0.9.2 because of the following conflicting dependency:
@getstation/[email protected] requires node-forge@^0.9.0 via a transitive dependency on [email protected]
The earliest fixed version is 0.10.0.

Looking through the yarn.lock file, it looks like google-p12-pem is a dependency of gtoken, which is a dependency of google-auth-library-nodejs. Would it be possible to upgrade the google-auth-library-nodejs dependency?

    myApiOauth.setTokens({
      refresh_token: credentials.refresh_token
    });
  } else {
    myApiOauth.openAuthWindowAndGetTokens()
      .then(token => {
}

I still don't 100% understand what is happening here...
I'm used to using python and a library that creates a file: credentials.storage (json structure/file)

I've tried to recreate this with the google-oauth2
Can google-oauth2 also create a token_response:

    "token_response": {
        "access_token": "",
        "expires_in": 3599,
        "refresh_token": "",
        "scope": "",
        "token_type": "Bearer"
    },

And scope is not a list?

"scope": "https://www.googleapis.com/auth/spreadsheets openid https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/drive https://www.googleapis.com/auth/userinfo.email",

I also saw 'openid' what's that?

please help me ,
where i have to install the package, in nodejs nodemodules or in angular 7 nodemodules?

It's a pain to generate one API key and client ID for non-developer. So if we use electron to build one client to access google service, seems like this first oauth setup will kill people. :-)

Wonder to know if we can build some automation library to auto generate API key and grant different API permission for regular user.