Open mridul-tmpl opened 6 months ago
We are also encountering this, anybody found solution?
Seems that it is also problem in the examples, the auth-code flow always asks for the permissions, the implicit flow (or the simple/one-tap ones) only ask for it first time you log in.
One weird this if that this used to work for auth-clode flow, but then it stopped. @MomenSherif is this something that could be cause by changes in the code in this library? Or did something change on google side?
https://github.com/MomenSherif/react-oauth/assets/6587821/9234e149-2e1f-4ed7-b5e1-137bd634aecc
I did some more digging, there is this informative stack overflow post https://stackoverflow.com/questions/14923799/login-with-google-always-asks-user-consent which says prompt=consent
can be causing this, and when I checked the google auth URL, that is opened in new window, it seems to indeed have this parameter. Here is the URL it opens for me
https://accounts.google.com/o/oauth2/v2/auth/oauthchooseaccount?gsiwebsdk=3
&client_id=XXXXXXXXXXX
&scope=openid%20profile%20email
&redirect_uri=storagerelay%3A%2F%2Fhttp%2Flocalhost%3A8080%3Fid%3Dauth35848
&prompt=consent <<<----------------------
&access_type=offline
&response_type=code
&include_granted_scopes=true
&enable_granular_consent=true
&service=lso
&o2v=2
&theme=mn
&ddm=0
&flowName=GeneralOAuthFlow
@MomenSherif Where are these parameters coming from? I tried to search the codebase but it does not seem to be set anywhere, only passed in case it is defined, but I do not define it. So perhaps it is some default from Google? Also for auth-code flow, according to types, we cannot set this parameter, only for the implicit flow. Is that correct?
Hi @MomenSherif , bumping this thread, running into the same issue. Would appreciate your eyes on this!
is there any solution for this ?
@MomenSherif Another bump.
Does anyone resolve consent flow issue coz i have the same issue here : (
same here, who can save our life, haha
After spending way too long on this, it seems like this is a Google change and has nothing to do with this library, although it makes the library feel incomplete.
TL;DR: Google has pushed to separate authentication from authorization, so you need to interact with two SDKs/APIs for a sane login + grant access process. :disappointed:
sameee isssue. pls fix this up
I am using the
useGoogleLogin
for the Google sign in and it's asking me for permission every time I select the same google account.Here is my
useGoogleLogin
code that I picked from the docs.I want the permission thing to come for the first-time signing only.