getstation / electron-google-oauth2 Goto Github PK
View Code? Open in Web Editor NEWA Google OAuth2 module for your Electron app
License: MIT License
A Google OAuth2 module for your Electron app
License: MIT License
If you miss to save refresh token in your app or if your refresh token got deleted from your app it would be good to have ability to generate Authorization url with extra option prompt: consent
In code it would look like this
let url = this.oauth2Client.generateAuthUrl({ access_type: 'offline', scope: this.scopes, prompt: 'consent', redirect_uri:
http://127.0.0.1:${this.options.loopbackInterfaceRedirectionPort}/callback`
});` because without this param next authorization will generate all tokens except refresh_token.
Hi, I found that if I'm going to refresh the user's token, I need to send a POST request, I didn't find that API in document, so currently I implemented it by myself, but I'm curious is there an API designed for that in this package?
POST https://www.googleapis.com/oauth2/v4/token
Content-Type: application/json
{
"client_id": <client_id>,
"client_secret": <client_secret>,
"refresh_token": <refresh_token>,
"grant_type": "refresh_token"
}
See https://github.com/googleapis/google-auth-library-nodejs/issues/1384
To reproduce the issue npm install
and see audit results. Dependencies trace back to this package.
I keep getting this error thrown when I attempt to create an ElectronGoogleOAuth2 by following your snippets.
const { google } = require('googleapis');
const { app } = require('electron');
const ElectronGoogleOAuth2 = require('@getstation/electron-google-oauth2');
const {client_secret, client_id, redirect_uris } = credentials.installed;
const SCOPES = ['https://www.googleapis.com/auth/drive.readonly'];
const myApiOauth = new ElectronGoogleOAuth2(client_id, client_secret, SCOPES);
Is there any non-hacky way to change the successRedirectURL to a custom one or just let it close the window?
Something like:
myApiOauth.openAuthWindowAndGetToken(successRedirectURL="https://localhost/?loginresult=done")
This happens at the line:
import ElectronGoogleOAuth2 from '@getstation/electron-google-oauth2'
and I do not really understands what it wants.
Isn't CLIENT_SECRET not actually a secret?
Is it okay not to conceal CLIENT_SECRET?
const myApiOauth = new ElectronGoogleOAuth2(
'CLIENT_ID',
'CLIENT_SECRET',
['https://www.googleapis.com/auth/drive.metadata.readonly']
);
In case you need to retrieve CLIENT_SECRET on the client side, there might be a security vulnerability regardless of where it's stored...
I might just not be understanding it correctly, but I would greatly appreciate some advice or specific solutions.
After sign in, the browser window should redirect to the local server and should be closed automatically.
Electron doesnot support import from syntax
electron-google-oauth2/src/index.ts
Line 10 in c0bc853
The remote
module was replaced by @electron/remote
in Electron v14, I think we should use it also here.
There is no refresh_token provided with the result. What os the right way to do it with this helpful library?
Hi, I have an Electron + Vue project (no TypeScript), and when I trying to use your library, I'm getting the next error when I trying to openAuthWindowAndGetTokens
:
ReferenceError: __awaiter is not defined
at ElectronGoogleOAuth2.openAuthPageAndGetAuthorizationCode (index.js?0322:85)
at ElectronGoogleOAuth2.openAuthWindowAndGetAuthorizationCode (index.js?0322:82)
at ElectronGoogleOAuth2.getAuthorizationCode (index.js?0322:74)
at ElectronGoogleOAuth2.openAuthWindowAndGetTokens (index.js?0322:122)
at _callee4$ (index.js?f1e9:22)
at tryCatch (runtime.js?96cf:62)
at Generator.invoke [as _invoke] (runtime.js?96cf:296)
at Generator.prototype.(:8081/anonymous function) [as next] (webpack-internal:///./node_modules/regenerator-runtime/runtime.js:114:21)
at asyncGeneratorStep (asyncToGenerator.js?1da1:3)
at _next (asyncToGenerator.js?1da1:25)
My code:
const clientDetails = require('./client_secret.json');
const myApiOauth = new ElectronGoogleOAuth2(
clientDetails.client_id,
clientDetails.client_secret,
[
'https://www.googleapis.com/auth/drive.metadata.readonly',
'https://www.googleapis.com/auth/spreadsheets',
],
);
myApiOauth.on('tokens', async (tokens) => {
if (tokens.refresh_token) {
await saveToken(tokens);
}
});
const savedToken = await loadToken();
if (savedToken !== null) {
myApiOauth.setTokens(savedToken);
} else {
try {
const token = await myApiOauth.openAuthWindowAndGetTokens();
await saveToken(token);
myApiOauth.setTokens(token);
} catch (err) {
debugger;
console.error(err);
}
}
So I copied your code and removed all TypeScript references, and it works.
You can use this commit from my PR to reproduce the bug, just install your package with yarn
and change the import:
https://github.com/baruchiro/israeli-bank-scrapers-desktop/blob/81792211d4dd8650f4a85d3aa37b39fdb636380a/src/modules/googleOauth/index.js#L1
Hi,
Thank you so much for writing this plugin. I'm trying to authenticate and it works perfectly until I sign in and give permission, it takes me to a screen where it wants me to copy and paste the code instead of returning it to the callback in the code.
Perhaps I'm doing something wrong. Can you please assist me?
You are a life saver, thanks!
We're using this library, and Dependabot just alerted us to a problem with it:
Dependabot cannot update node-forge to a non-vulnerable version
The latest possible version that can be installed is 0.9.2 because of the following conflicting dependency:
@getstation/[email protected] requires node-forge@^0.9.0 via a transitive dependency on [email protected]
The earliest fixed version is 0.10.0.
Looking through the yarn.lock file, it looks like google-p12-pem is a dependency of gtoken, which is a dependency of google-auth-library-nodejs. Would it be possible to upgrade the google-auth-library-nodejs dependency?
myApiOauth.setTokens({
refresh_token: credentials.refresh_token
});
} else {
myApiOauth.openAuthWindowAndGetTokens()
.then(token => {
}
I still don't 100% understand what is happening here...
I'm used to using python and a library that creates a file: credentials.storage (json structure/file)
I've tried to recreate this with the google-oauth2
Can google-oauth2 also create a token_response:
"token_response": {
"access_token": "",
"expires_in": 3599,
"refresh_token": "",
"scope": "",
"token_type": "Bearer"
},
And scope is not a list?
"scope": "https://www.googleapis.com/auth/spreadsheets openid https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/drive https://www.googleapis.com/auth/userinfo.email",
I also saw 'openid' what's that?
please help me ,
where i have to install the package, in nodejs nodemodules or in angular 7 nodemodules?
It's a pain to generate one API key and client ID for non-developer. So if we use electron to build one client to access google service, seems like this first oauth setup will kill people. :-)
Wonder to know if we can build some automation library to auto generate API key and grant different API permission for regular user.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.