Does the chrome.identity api work in chrome extensions in brave?

ZYinMD commented 4 years ago

Description

I'm a chrome extension developer. In my extension I call chrome.identity.getAuthToken() to do oAuth, this normally pops up a sign-in window in Chrome. The identity API is what made oAuth possible in extensions. However, in Brave, the popup doesn't appear, and in the console it shows Unchecked runtime.lastError: The user turned off browser signin.

So is chrome.identity supported in Brave?

Steps to Reproduce

call chrome.identity.getAuthToken() in an extension. (if you want to try with an existing extension, try the extension "Full Screen for Google Tasks".

Actual result:

No oAuth window appears. In the console it shows Unchecked runtime.lastError: The user turned off browser signin.

Expected result:

oAuth window appears.

Brave version (brave://version info)

Brave | 1.2.42 Chromium: 79.0.3945.117 (Official Build) (64-bit) Revision | 04f0a055010adab4484f7497fbfdbf312c307f1d-refs/branch-heads/3945@{#1019} OS | Windows 10 OS Version 1903 (Build 18362.295)

Version/Channel Information:

Can you reproduce this issue with the current release? Yes
Can you reproduce this issue with the beta channel?
Can you reproduce this issue with the dev channel?
Can you reproduce this issue with the nightly channel?

Other Additional Information:

Does the issue resolve itself when disabling Brave Shields? No
Does the issue resolve itself when disabling Brave Rewards? No
Is the issue reproducible on the latest version of Chrome? No

bsclifton commented 4 years ago

@ZYinMD I believe this is expected behavior, as we do disable browser sign in. Any calls made to GAIA are non-routable

@jumde can you confirm?

cc: @pilgrim-brave @tomlowenthal

pilgrim-brave commented 4 years ago

Confirmed. GAIA is unavailable in Brave in any context.

ZYinMD commented 4 years ago

Thanks!

jamesturnernz commented 4 years ago

Hi, just wondering if there is an alternative please?

If I can't use GAIA chrome.identity.getAuthToken() in my extension, but still want to offer Google Auth, how can I do this please?

Thanks

bsclifton commented 4 years ago

Quick update - @jumde is looking at getting some of this functionality working in Brave (put behind a flag of course)

ss87codes commented 3 years ago

@jumde @bsclifton any update on this pls? We are looking to provide Google Auth via chrome extn on brave.

jumde commented 3 years ago

Hi @ss87codes - You should be able to use this api by enabling Allow Google login for extensions in brave://settings/extensions. If you are running into any issues, let us know.

ss87codes commented 3 years ago

Thank you @jumde

kospl commented 3 years ago

@jumde I have enabled Google sign in but each time extension calls chrome.identity.getAuthToken, browser asks me reauthenticate with my Google email and password. Even after this I am getting

The user is not signed in.

error.

Reset Brave, after that I am getting

OAuth2 not granted or revoked.

error when calling chrome.identity.getAuthToken in non-interactive mode (instead of The user is not signed in., which is better of course). But chrome.identity.getAuthToken in interactive: true mode is hanging and not returning response, anything.

After that restarted Brave one more time - and it worked! chrome.identity.getAuthToken in interactive mode let me chose account and returned valid token, then extension worked.

jumde commented 3 years ago

@kospl - We noticed an issue in the recent builds a few days back: https://github.com/brave/brave-browser/issues/14041 - we are working on a fix.

MoeBazziGIT commented 2 years ago

Any update on this?

jumde commented 2 years ago

@MoeBazziGIT - Update here: https://github.com/brave/brave-browser/issues/15754#issuecomment-920514585

We haven't found any extensions where chrome.identity API is used with 3p Google APIs. So we've paused the work here: https://github.com/brave/brave-core/pull/10103

dcow commented 1 year ago

@MoeBazziGIT - Update here: #15754 (comment)

We haven't found any extensions where chrome.identity API is used with 3p Google APIs. So we've paused the work here: brave/brave-core#10103

Writing in to let you know that our browser extension does use other oauth scopes with the identity api. We request gmail.readonly and gmail.modify and have been approved by Google.

bsclifton commented 1 year ago

@dcow I believe the chrome.identity patches recommended by upstream have been pulled in. If extensions support 3p identity, it should work

cc: @ShivanKaul

UPDATE: here we go - found it - https://github.com/brave/brave-browser/issues/15754 Fixed with https://github.com/brave/brave-core/pull/14069

dcow commented 1 year ago

@bsclifton neat I'll test our extension out on Brave. Came across this thread in a discussion with another chrome-embedder's team about supporting the identity api and it wasn't clear what the resolution was here. Thanks for the update!

zereraz commented 7 months ago

I have extension working in chrome using chrome.identity.getAuthToken specifically https://developer.chrome.com/docs/extensions/how-to/integrate/oauth case but when I call it in Brave I get

Access blocked: <Name> request is invalid.

Error 400: invalid_request
Custom URI scheme is not supported on Chrome apps.

Is this not supported?

edit: just saw this https://github.com/GoogleChrome/developer.chrome.com/issues/7434#issuecomment-1794989184 wonder if it is still applicable.

jacekzlowocki commented 4 months ago

Hi! Have the same problem as @zereraz here.

We are using Chrome Identity API in our extension (chrome.identity.getAuthToken()), but Brave seem to still send redirect URL with the custom URI scheme, which is no longer supported by Google

The "Allow Google login in extensions" setting doesn't make any difference

You can replicate with our Meeting Timer for Google Meet extension

Please consider reopening the issue

brave / brave-browser