Can't initialize ExtPay

[uluhonolulu]

When I tried to execute extpay.getUser(), I got the following error: "ExtPay Error: timed out registering user."

Now, I looked at the code and I realized that the extension can't find a key in the storage, and it is saving this key only when you visit https://extensionpay.com/:

        "matches": ["https://extensionpay.com/*"],
        "js": ["extpay.js"],
        "run_at": "document_start"

Now, when I visit this URL, I see the following error:

Uncaught TypeError: Cannot read property 'addListener' of undefined
    at ExtPay (extpay.js:138)
    at Module.123 (extpay.js:348)
    at __webpack_require__ (extpay.js:20)
    at extpay.js:84
    at extpay.js:87

It happens in this place: https://github.com/Glench/ExtPay/blob/4562247e0d4e2432d9e128076984811f2e5525b8/ExtPay.dev.js#L39

A quick googling told me that onInstalled isn't supposed to work in content scripts, so that might be the issue.

In any case, should the user really visit this page to make it work?

[Glench]

Do you have ExtPay initialized in a background script? That's required for ExtPay to work at the moment. It is not required to have the user visit the site — the content script is only to make onPaid work.

Also what browser are you using?

Also it's a little concerning to me that your bundler is using ExtPay.dev.js. That file is only meant to be used in development, not production. Did you do this manually? Point instead to dist/ExtPay.module.js

[Glench]

Any updates?

[uluhonolulu]

Hi, sorry, been pretty busy.

Yes, I'm using the correct build file now, just wanted to point you to the the correct line in the source.

Yes, ExtPay is initialized in the background script, but it exits on this line: https://github.com/Glench/ExtPay/blob/4562247e0d4e2432d9e128076984811f2e5525b8/ExtPay.dev.js#L104

I have reason = "update". Did you intend to put the "!" before the second install_details.reason?

[Glench]

oh duh, nice catch! just fixed and published v2.0.1 to npm. After updating please reinstall/update your extension and see if it works for you. Thanks for your wonderful documentation!

[uluhonolulu]

That fixed it, thanks!

[Glench]

Awesome, so glad it's working.

[uluhonolulu]

@Glench one last thing, I had to add https://extensionpay.com/ to the content_security_policy element of my manifest, the connect-src part. Without that, Chrome was blocking the call.

[Glench]

Really? Others have launched extensions in production without needing that bit. Can you reproduce it with a minimal example?

[uluhonolulu]

Sorry, I don't have much time these days. Maybe if you don't have the CSP part, you can get away without adding it?

[Glench]

Hm, can you send me your manifest.json then?

[uluhonolulu]

Here you are

{
    "manifest_version": 2,
    "version": "1.0.0",
    "name": "Detoxbox",
    "short_name": "Detoxbox",
    "description": "Get off the mailing lists you don’t want to be on. Keep your inbox clean and distraction-free",
    "default_locale": "en",
    "background": {
        "scripts": ["background.js"]
    },
    "page_action": {
        "default_popup": "popup.html"
    },
  "content_scripts": [
    {
      "all_frames": false,
      "matches": ["https://mail.google.com/mail/ca/u/0/*"],
      "js": ["content.js"]
    },
    {
        "matches": ["https://extensionpay.com/*"],
        "js": ["extpay.js"],
        "run_at": "document_start"
    }
  ],
  "icons": {
    "16": "assets/extension/icon-16x16.png",
    "48": "assets/extension/icon-48x48.png",
    "128": "assets/extension/icon-128x128.png"
  },
  "key": "...",
  "permissions": ["activeTab", "declarativeContent", "storage", "identity", "https://extensionpay.com/*"],
  "content_security_policy": "script-src 'self' https://apis.google.com/ 'unsafe-eval'; object-src 'self'; connect-src https://www.googleapis.com/ https://gmail.googleapis.com/ https://extensionpay.com/ ws://localhost:*/",
  "web_accessible_resources": ["assets/*/*"],
  "oauth2": {
    "client_id": "...apps.googleusercontent.com",
    "scopes": [
      "email", "https://www.googleapis.com/auth/gmail.readonly", "https://www.googleapis.com/auth/gmail.modify"
    ]
  }
}

[uluhonolulu]

This is what I get if I don't have your domain in CSP: (This is from the background page)

[Glench]

Excellent, thank you for sharing! Please let me know if you have any more questions or bugs.