Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Google auth2 asks for permission every time when asking for access to the app

Without changing my code or configuration, now google is asking users to grant permission every time when a user is trying to authenticate to my App. Even though the user already grated access and the scope didn't change.

I don't get any errors and the login works fine is just that now the google dialog asking for permissions appears every time.

To initialise google I use gapi.auth2.init with the "https://www.googleapis.com/auth/plus.profile.emails.read" as scope. Also to request for access I use auth2.grantOfflineAccess.

I also checked in my Google account for Apps that have access and the application is registered successfully in there.

Anyone else has seen this issue? Or does know if google changed something in the way they handle permissions?

like image 544
Angela Tim Avatar asked Jan 19 '18 09:01

Angela Tim


2 Answers

I believe I am seeing similar behavior... that the authentication flow has begun asking the user to grant the app permissions to the scopes every time they sign in. Previously, it would only proceed from sign-in to grant permissions the first time the user signed into the app. I haven't changed the scopes requested nor the underlying code recently... but also hadn't used the app in awhile (months?)

I'm using the oAuth2 server-side authentication and grantOfflineAccess() outlined here . Given that there are no implementation details posted, i can't tell if the fix I found will apply to your situation. The correction I found... so that the authentication only asks the user to grant the first time they sign into the app was to explicitly specify the "prompt" attribute when calling getOfflineAccess().

    var auth2 = gapi.auth2.getAuthInstance(); 

    auth2.grantOfflineAccess({
        prompt : 'select_account'
    }
    ).then(signInCallback);
like image 102
MaB Avatar answered Nov 05 '22 19:11

MaB


https://developers.google.com/identity/protocols/OAuth2WebServer#offline

Check Step 1 prompt parameter enter image description here

like image 44
Vikash Avatar answered Nov 05 '22 19:11

Vikash