Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

GoogleUser.getAuthResponse() doesn't contain access_token

Tags:

UPDATE2: I revisited this issue and have solved the problem by carefully following the doco linked below. But first, for those who are struggling with this, you are in good company. There are so many versions of the doco from Google it is confusing! Do you include platform.js or client.js in your html? Do you load gapi.auth or gapi.auth2? Do you use gapi.auth2.render or gapi.auth.authorize, or gapi.auth2.init, and so on.

The way that returns an access_token (as of this article date) is linked below. I managed to get this working by carefully following the guide and reference using platform.js. Other libraries are then dynamically loaded such as client.js using gapi.load('drive', callback).

https://developers.google.com/identity/sign-in/web/listeners https://developers.google.com/identity/sign-in/web/reference

==== ORIGINAL ISSUE FOR PROSPERITY ====

UPDATE 1: I've updated the code sample to do a recursive search of the googleUser object. At least this shouldn't break in a subsequent library.

Below is a code snippet to handle an issue where the access_token in the Google gapi.auth2.AuthResponse object is not at the top level... it is hidden :( in the depths of the object!

So it is retrievable, but not at the top level!!?? I've noticed it seems to be a timing issue... once the application is running for a while on subsequent checks, it does contain the access token at the top level!!

var authResponse = _.googleUser.getAuthResponse(); _.id_token = authResponse.id_token; // Always exists  // access_token should also be a param of authResponse if (authResponse.access_token) {   debug("Worked this time?");   _.access_token = authResponse.access_token; } else {   // !!! Internal object access !!!   debug("Attempt to get access token from base object.");   _.access_token = _.objRecursiveSearch("access_token", _.googleUser);    if (_.access_token) {     debug("Access token wasn't on authResponse but was on the base object, WTF?");   } else {     debug("Unable to retrieve access token.");     return false;   } }   _.objRecursiveSearch = function(_for, _in) {   var r;   for (var p in _in) {     if (p === _for) {       return _in[p];     }     if (typeof _in[p] === 'object') {       if ((r = _.objRecursiveSearch(_for, _in[p])) !== null) {         return r;       }     }   }   return null; } 

I'm guessing getAuthResponse somehow provides a callback once it is ready, but I can't see where in the API. https://developers.google.com/identity/sign-in/web/reference

like image 758
Simon Hutchison Avatar asked Jan 15 '16 03:01

Simon Hutchison


2 Answers

I know this question is fairly old, but it appears first when googling for ".getAuthResponse() doesn't have access_token," which is how I got here.

So for those of you in 2016 (and maybe later) here's what I have found out

There's a secret argument on .getAuthResponse, not documented anywhere I have found. If you would run the following in your app

console.log(gapi.auth2.getAuthInstance().currentUser.get().getAuthResponse); 

You would see that you get the following (copy/pasted from my console)

function (a){if(a)return this.hg;a=.HE;var c=.rf(this.hg);!a.Ph||a.dL||a.Lg||(delete c.access_token,delete c.scope);return c}

This shows that the .getAuthResponse() function looks for an argument, and as far as I can tell doesn't even check its value -- it simply checks if it is there and then returns the whole object. Without that function, the rest of the code runs and we can see very clearly it is deleting two keys: access_token and scope.

Now, if we call this function with and without the argument, we can check the difference in the output. (note: I used JSON.stringify because trying to copy/paste the object from my browser console was causing me some issues).

console.log(JSON.stringify(gapi.auth2.getAuthInstance().currentUser.get().getAuthResponse())); console.log(JSON.stringify(gapi.auth2.getAuthInstance().currentUser.get().getAuthResponse(true))); 

getAuthResponse() object

{ "token_type":"Bearer", "login_hint":"<Huge mess of letters>", "expires_in":2112, "id_token":"<insert your ridiculously long string here>",...}

getAuthResponse(true) object

{ "token_type":"Bearer", "access_token":"<an actual access token goes here>", "scope":"<whatever scopes you have authorized>", "login_hint":"<another mess of letters>", "expires_in":2112, "id_token":"<Insert your ridiculously long string here>", ...}

like image 155
Jhecht Avatar answered Sep 17 '22 13:09

Jhecht


Figured out the fix for this. Turns out that if we don't provide the login scope config in gapi.auth2.init it doesn't return access_token in getAuthResponse. Please call gapi.auth2.init as given below and access_token will be present.

gapi.auth2.init({    client_id: <googleClientID>,    'scope': 'https://www.googleapis.com/auth/plus.login'  })
like image 25
swapnil_mishra Avatar answered Sep 17 '22 13:09

swapnil_mishra