MomenSherif / react-oauth

Google OAuth2 using the new Google Identity Services SDK for React 🚀
https://www.npmjs.com/package/@react-oauth/google
MIT License
1.06k stars 133 forks

Granting permission every time I use the same Google account to sign in #335

Open mridul-tmpl opened 6 months ago

mridul-tmpl commented 6 months ago

I am using the useGoogleLogin for the Google sign-in and it's asking me for permission every time I select the same Google account.

Here is my useGoogleLogin code that I picked from the docs.

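import axios from "axios";
import { useGoogleLogin } from "@react-oauth/google";

// Inside a React component: auth-code flow, the code is exchanged by the backend.
const login = useGoogleLogin({
  flow: "auth-code",
  onSuccess: async (codeResponse) => {
    try {
      // Send the one-time authorization code to the backend for the token exchange.
      const tokens = await axios.post("/api/auth/google", {
        code: codeResponse.code,
      });
    } catch (error) {
      console.log("errorfe", error);
    }
  },
});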

I want the permission thing to come for the first-time signing only.


Hurtak commented 5 months ago

We are also encountering this, has anybody found a solution?

Hurtak commented 5 months ago

Seems that it is also a problem in the examples: the auth-code flow always asks for the permissions, while the implicit flow (or the simple/one-tap ones) only asks for them the first time you log in.

One weird thing is that this used to work for the auth-code flow, but then it stopped. @MomenSherif is this something that could be caused by changes in the code in this library? Or did something change on Google's side?

https://github.com/MomenSherif/react-oauth/assets/6587821/9234e149-2e1f-4ed7-b5e1-137bd634aecc

Hurtak commented 5 months ago

I did some more digging. There is this informative Stack Overflow post https://stackoverflow.com/questions/14923799/login-with-google-always-asks-user-consent which says prompt=consent can be causing this, and when I checked the Google auth URL that is opened in the new window, it does indeed seem to have this parameter. Here is the URL it opens for me:

https://accounts.google.com/o/oauth2/v2/auth/oauthchooseaccount?gsiwebsdk=3
  &client_id=XXXXXXXXXXX
  &scope=openid%20profile%20email
  &redirect_uri=storagerelay%3A%2F%2Fhttp%2Flocalhost%3A8080%3Fid%3Dauth35848
  &prompt=consent     <<<----------------------
  &access_type=offline
  &response_type=code
  &include_granted_scopes=true
  &enable_granular_consent=true
  &service=lso
  &o2v=2
  &theme=mn
  &ddm=0
  &flowName=GeneralOAuthFlow

@MomenSherif Where are these parameters coming from? I tried to search the codebase but it does not seem to be set anywhere, only passed in case it is defined, but I do not define it. So perhaps it is some default from Google? Also, for the auth-code flow, according to the types, we cannot set this parameter, only for the implicit flow. Is that correct?
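For anyone checking their own popup URL, here is a small inspector for the parameters discussed in the comment above. It is an added example, not part of the thread or of the library; `analyzeAuthUrl` and `SAMPLE_URL` are hypothetical names, and the sample URL is constructed with a placeholder client ID and a simplified redirect URI.

```javascript
// Added example: report which query parameters of a Google authorization
// URL influence the consent screen and what kind of credential is requested.

// Constructed sample modelled on the URL quoted above (placeholder client_id).
const SAMPLE_URL =
  "https://accounts.google.com/o/oauth2/v2/auth?client_id=PLACEHOLDER" +
  "&scope=openid%20profile%20email" +
  "&redirect_uri=http%3A%2F%2Flocalhost%3A8080" +
  "&prompt=consent&access_type=offline&response_type=code" +
  "&include_granted_scopes=true";

const FLOWS = { code: "auth-code", token: "implicit" };

function analyzeAuthUrl(authUrl) {
  const params = new URL(authUrl).searchParams;
  // `prompt` and `scope` are space-delimited lists, e.g. "select_account consent".
  const list = (name) => (params.get(name) || "").split(/\s+/).filter(Boolean);
  const prompt = list("prompt");
  const findings = {
    flow: FLOWS[params.get("response_type")] || "unknown",
    prompt,
    scopes: list("scope"),
    forcesConsent: prompt.includes("consent"),
    offlineAccess: params.get("access_type") === "offline",
    notes: [],
  };
  if (findings.forcesConsent) {
    findings.notes.push("prompt=consent: the consent screen is requested on every sign-in");
  }
  if (prompt.includes("none") && prompt.length > 1) {
    // OpenID Connect does not allow "none" together with other prompt values.
    findings.notes.push("invalid prompt: 'none' combined with other values");
  }
  if (findings.offlineAccess) {
    findings.notes.push("access_type=offline: a refresh token is requested; keep it server-side");
  }
  return findings;
}

console.log(analyzeAuthUrl(SAMPLE_URL));
```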

ChenCodes commented 4 months ago

Hi @MomenSherif, bumping this thread, running into the same issue. Would appreciate your eyes on this!

Prajapati-developer commented 3 months ago

Is there any solution for this?

wkappers-gmu commented 3 months ago

@MomenSherif Another bump.

NitinNR commented 2 months ago

Did anyone resolve the consent flow issue? Coz I have the same issue here :(

quanbui1997 commented 1 month ago

same here, who can save our life, haha

AdrianSchneider commented 2 weeks ago

After spending way too long on this, it seems like this is a Google change and has nothing to do with this library, although it makes the library feel incomplete.

TL;DR: Google has pushed to separate authentication from authorization, so you need to interact with two SDKs/APIs for a sane login + grant access process. :disappointed:

humblelad commented 5 days ago

Same issue. Pls fix this up