Menu
I'm trying to write a chrome extension that requires user authentication.
Google's tutorial suggests that I need to upload to the web store first to get a key:
- Login to the Google APIs Console using the same Google account used to upload your app to the Chrome Web Store.
I uploaded a non-functioning version to just get the key, but it's hanging there pending for over a week now. How could I get that key or somehow inspire Google to approve this app that I don't want on the Web Store? Am I doing this all wrong?
779
But do you know how browser extensions work? Some browser extensions require access to almost everything your browser sees. They can see sites visited, keystrokes, and even passwords.
Go to the Application tab. Refresh your browser tab once. You will notice an Authorization cookie appearing. This cookie contains the Bearer token .
But you can still install an extension without logging in to a Google account by doing the following: Find the ID for the extension you want to install. You can see it in the URL on in Chrome Web Store. The ID we want is the long string of random characters like cfhdojbkjhnklbpkdaibdccddilifddb in the URL above.
You don't have to upload an extension to the Chrome Web Store in order to use the chrome.identity API. It suffices to have a valid extension ID. The easiest way to get started is to copy the 32-character extension ID from chrome://extensions/ to your project's credentials section at the API console see screenshot below.
Though if you ever want to publish the extension or use it in a different profile or computer, then you'd better choose an extension ID that you control. This can be done by setting the "key" key in the manifest file. See Obtaining Chrome Extension ID for development for a detailed answer on generating these keys.
For example, try out the following extension, using a key that I just generated. It will print your user info in a dialog.
manifest.json
{ "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0W0/YVPvLrj2cWBOXfPBBYwPp56R+OJb9QLudyMpigF+V4DFV0NEUnbo9iA6m+7cVPiD6YbhbIaiAoHSdtqEKwaYvrEJRGuGsLjDq+RMwG2x+FcGIsO4ny0BuZaZ/Q2+DaL33NBUl2h9dIi1xa0Suq6qpoJ4yykTu9y7Q6rB9ulJze6DiZL7LWU5NzHCEWt21zAhpLZOqvYY8wzY69pMf+P0+uOLuy87x84rvCRNegbSmEYLC5f4y6ikjVnFUxJBxMlpMg3bByxbrLVBFPuHj4khkr6adUXgks2vBBHFcrRh5EYXopI+PLwUJPfFtzyN8+L7swen9kcK8gXMwX28KwIDAQAB", "name": "Identity test", "version": "1", "manifest_version": 2, "background": { "scripts": ["background.js"] }, "permissions": [ "identity" ], "oauth2": { "client_id": "1014705257182-52dddl9dbiec2ln22stokphlaq0v7gor.apps.googleusercontent.com", "scopes": ["profile"] } } background.js
chrome.identity.getAuthToken({ interactive: true }, function(token) { if (chrome.runtime.lastError) { alert(chrome.runtime.lastError.message); return; } var x = new XMLHttpRequest(); x.open('GET', 'https://www.googleapis.com/oauth2/v2/userinfo?alt=json&access_token=' + token); x.onload = function() { alert(x.response); }; x.send(); }); 
138
A bit late, but here is the source of my earlier confusion
It is a bit counterintuitive, but immediately after beginning a chrome extension / app, you have to 'publish' on the web store to obtain a consistent key and ID. If you are using the Chrome Dev Editor, hit the upper-left hamburger menu and click "Publish to the Chrome Web Store".
Once it finishes, you can then click "Open the developer dashboard" and save your app as a draft. Then you will see your full list of published apps and click 'more info' next to your app and copy the key between -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY-----. Paste that into your manifest as"key" and you can move on to develop offline.
24
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
