Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Gmail Contextual Gadget (Gmail plugin/extension): Deprecated? Impossible? How? (Can't do OAuth 2.0)

We need to develop an in-house gmail extension to process incoming emails, allow recipients to interact with our in-house software. I have been trying to figure out how to use OAuth 2.0 in Gmail Contextual Gadget, but I can't find any specific documentation for this. I couldn't find anything useful when I searched stack overflow with contextual + google-oauth (keyword recommended by Google).

Before you give me standard pages, please make sure it has this:

  • Minimally, an example of Gmail contextual gadget manifest.xml that uses OAuth 2.0
  • Ideally, with explanation of how to deploy it at a domain (not marketplace), so I know it actually was deployed & tested.

For example, the standard hello example in Contextual Gadgets page uses OpenID ("openIdRealm"), and was written before OAuth 2.0:

https://developers.google.com/gmail/contextual_gadgets

OpenID is NOT allowed in OAuth 2.0:

https://developers.google.com/apps-marketplace/practices#3_use_oauth20

Your application must not use OpenID or OAuth1.0. Any evidence of such usage will result in your application failing the review process.

Note that Contextual Gadgets are Client-Side Javascript apps, very different from web server apps and installed apps. So OAuth 2.0 should be used like this:

https://developers.google.com/accounts/docs/OAuth2#clientside https://developers.google.com/accounts/docs/OAuth2UserAgent

But contextual gadgets run in a container, which handles the first call of OAuth (google call, which calls back our website with tokens ...). Living on the client side, contextual gadgets "cannot keep secrets". our website (redirect page, https://example.com/oauth2callback) needs to save access token (and maybe refresh token) to the session that is accessible to our gadget code on the client side.

I would ideally not use SSO, which I see is only "needed for applications deployed on the marketplace". The alternative deployment is "for your domain", which uses Google Apps Extensions Console:

https://developers.google.com/google-apps/extensions-console/

But the extension console says, on top, "We are improving user experience, try the new Developers Console", which links to:

https://console.developers.google.com/?redirected=true

Developers Console:

  • It shows the project that was created before in apps extensions console. I can click on it to open a large menu (aside, on the left)
  • APIs & Auth / Credentials -- I created Client ID and secret for my app. Apparently, I must use Web Apps, not Service account or installed app, because I'm trying to access some user-private data (email access), not just a Google service, and I'm not a standalone installed app.

There is no place to report this client ID anywhere in the contextual gadget. Is it register-and-forget?

Also (a bug?), permissions shows my client ID under "Service Account" even though I did NOT create service account credentials.

And then this: I don't know how to deploy my contextual gadget (which is not a standalone app) on my domain from this new Developers Console. There only seems to be cloud-deployment-related options under overview and Compute tabs on the left.

When I try to deploy from the Apps Extensions Console (which supposedly is not deprecated, only is improved), I get this error:

Google Apps Marketplace    (I never deployed to marketplace, only my own domain)
Application installation not allowed.
The OAuth1.0 version is no longer available.
Instead, try installing the OAuth2.0 version.
[Return to dashboard]   (button)

What is more, return to dashboard button takes me to the Domain admin site which allows neither development nor deployment:

https://admin.google.com/mydomain.com/

By the way, the Apps Extensions Console never accesses the redirect page I have created, and never reads the gadget spec file on my site either (never accessed by google as promised), so error message must be saying the manifest.xml doesn't use OAuth 2.0... Or Apps Extensions Console doesn't use it itself and blames me for it!

So, Gmail Contextual App:

  • Deprecated?
  • Impossible now?
  • Authorized with OAuth 2.0? How?
like image 268
Kanat Bolazar Avatar asked Oct 06 '14 17:10

Kanat Bolazar


2 Answers

The documentation for Google Contextual Gadgets is a bad joke- outdated and wrong, don't waste your time.

The answers here on SO got me closer, but I never actually got the thing working.

Luckily I ended up finding gmail.js, which allowed me to write a Chrome extension to do what I needed...

1- Download the Gmail Chrome Extension Boilerplate project, which is a Hello world example chrome extension using gmail.js.

2- Update the main function in the main.js file to something like this:

var main = function(){

    gmail = new Gmail();
    gmail.observe.on("open_email", function(id, url, body, xhr) {

        // Inject a toolbar:
        var $email_body = gmail.dom.email_body();
        $email_body.prepend('<div class="my_toolbar"><a>Do something</a></div>');
    });
}

That'll give you this:

enter image description here

like image 105
Yarin Avatar answered Oct 08 '22 03:10

Yarin


Had the same issues as well. I (barely) managed to have my gadgets up on my domain emails via the steps below. Here's what I can share;

1) Created a project via (https://console.developers.google.com). Switched on Marketplace SDK under the APIs side navigation menu. Once it's switched on, go at the top of the page and click on the 'gear cogs' for Google Apps Marketplace SDK. This will lead you to a page with a link for (Go to the original console). Click on the link.

2) You should be forwarded into a form page. Fill in all the required fields in the form. Check on the COB extension and declare your extractor ID(I used the pre-canned extractor, haven't tested it out with custom extractors) under text-field Extractor Url, your gadget url via text field Gadget Url, and select the scopes. Click on the Add button, and then the Save changes button once you're done.

3) Go to the API Access menu, and create an OAuth 2 Client ID.

Here's where the steps aren't clear for me, but I'll share what I did to have the gadgets available on my domain.

3) I clicked on the Test Install Flow button on top of the form..

4) I added the admin user as the editor for this project.

5) I then had to log out, clear cache, log in as the admin/domain user to see the contextual gadget at the bottom of the email.

Hope this helps.

like image 23
Nadzry Avatar answered Oct 08 '22 03:10

Nadzry