I'm working on a Google home application using an external API. I need the current user to be logged in and linked with the external API (access/refresh token provided by the external API).
My approach:
This is where I'm a little confused and stuck. I've managed to setup the sign-in page (Google sign-in, then External API Sign-in) and store it the the firebase database (/users/{google_uid}).
Now that it's in the database, how do I set up the authentification in the Google home app?
Thank you!
In the Firebase console, open the Auth section. On the Sign in method tab, enable the Google sign-in method and click Save.
Using Firebase requires that you as the developer have a Google account. But your app's users don't need to have a Google account, unless you want them to. In fact, if you don't use Firebase Authentication, you can work with completely unidentified users for most services.
First, you need to have a project in console.developers.google.com
and activate the Google Actions API in your project. Then, you should follow these steps:
Whitelist the following redirect URI in your API: https://oauth-redirect.googleusercontent.com/r/
In your API.AI project go to Integrations and enable the Actions on Google Card.
In the setting of the Actions on Google, place your project ID and select Sign in required for the welcome intent and any other intent the user needs credentials.
Below, you will find the OAuth2 fields, like clientID, client secret, authorization URL and token URL. Fulfill it with the OAuth2 information of your API and Authorize the application.
After you authorize, you can Preview the application and it will be available in your Google Home device, and when you invoke for the first time, it will provide a card in your Google Home app to do the linking. If you don`t have a device, there is a Web Simulator where you can test your Action.
For more information access the actions on google documentation.
There are a few issues with how you're thinking about account linking with Actions On Google and Google Home. Google Home doesn't give you direct access to the Google account - instead, it acts like a web browser and the account linking process requires you to issue an OAuth2 token to the Home "browser" for it to use in the future.
If you have control over the external API, and it issues OAuth2 tokens (which it sounds like it does), you can skip the Firebase portion completely. You just need to configure API.AI with the OAuth2 information for this external service - the client ID and secret, the URL for the login page and for the token exchange page, etc. In this case, your webhooks will be called providing the OAUth2 access token that you should pass on to the external API when you're calling it. The details are in the Actions for Google documentation Account Linking documentation.
If you do not have control over this API, you may need to provide a basic implementation of an OAuth2 server that can hand out auth tokens (either ones you create or ones that can be used to get the auth tokens from the external API). Your webhooks will then be called with these OAuth tokens, and you should use the token to find the token to use to access the external API. You have some options to implement this, and these options are discussed at OAuth2 Account Linking Overview in the Actions for Google docs.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With