greghesp / assistant-relay

A Node.js server that allows for sending commands to Google Home/Assistant from endpoints
GNU General Public License v2.0
781 stars 224 forks source link

Migrate your OAuth out-of-band flow to an alternative method #272

Open VDP07 opened 2 years ago

VDP07 commented 2 years ago

Hi, I've got email with the above title and say that this assistant relay will be effected by this. Any suggestion on this matter?

olealm commented 2 years ago

Same here. Hope we won't lose the Google broadcast functionality. It is so much better than usual tts, in that it just pauses whatever is going on the actual speaker..

wmichael3 commented 2 years ago

Me too. I know you aren't supporting this any more, but certainly we'd appreciate either a fix or being pointed to how to fix ourselves or some replacement option. If I Google how to use Google Broadcasts, all I see is this option over and over.

ackfool commented 2 years ago

Anyone have an update they can share? Worried this will bomb out in a few months and leave everyone stranded

wmichael3 commented 2 years ago

Also concerned here. Have figured out I can replace this with Node Red - but can't seem to get the voice I want. Would prefer to stay with this which has worked perfectly.

ryancasler commented 2 years ago

What version are you currently running? The latest version uses an Oauth2 method for authentication which should still be good from what I am reading online. I know I didn't receive such a message for my Assistant Relay instance and I don't see any warnings at all when I look at the project in the Cloud Console.

wmichael3 commented 2 years ago

I am on v3.3.2b according to the About page. Is there something newer than this?

ryancasler commented 2 years ago

That's odd. When you set it up originally, what "client" did you pick when you set up your oauth authentication? If you selected "other" that might be why you're getting the message. I selected "Desktop". "Other" isn't an allowable choice anymore when setting up Oauth2 with Google.

ackfool commented 2 years ago

This is the issue i see. The Google side isn't documented properly for the assistant requirements. You're pointed to a Google instruction page and i had problems following this last year as I've never created a project. Lots of YouTube and Google searches to get it up and running... And not stop after a week

wmichael3 commented 2 years ago

I last set this up last December when I moved it to a new server - I can't exactly recall all of the options but when I go to the Credentials page it lists it as of type "Web Application." It is also trying to get me to complete an OAuth Consent Screen that I don't remember before - something has changed. That screen wants me to select "External" where it says it will only run in Testing Mode - it says that "Internal" is only for Google Workspace users. Color me confused.

ryancasler commented 2 years ago

When you go to the Oauth Consent Screen page, linked to on the left hand menu under Credentials, all you have to enter is your app name and your email address. Since you are the only one using your app, you are the only one who is ever going to see the consent screen. And the fact that the app is unverified only really matters to folks who are distributing their apps to the public. Do you care that your app is unverified? Of course not. So, you can put it into production with the warning that the app is unverified without a problem. If you were distributing the app to the public this would be bad (I would never approve an app I didn't write that was unverified) but you're not sending your app to the public.
Once you do that you have to move your app to production. I will go through and create a whole new project from start and grab all the screenshots since the screens have changed quite a bit since the last time I grabbed them. I will let you know what I will let you know if I am able to find the correct settings you need to avoid the expiration of those older Oauth2 methods. Won't have time for a couple days, so stay tuned.

ackfool commented 2 years ago

That would be extremely helpful. Thanks so much

ryancasler commented 2 years ago

I have created a PDF that should walk you through it step by step. If you have trouble, let me know: https://github.com/ryancasler/assistant-relay/blob/master/Create%20Cloud%20Proejct.pdf

(Also, I think I've hidden all my personal info but if you see any, please let me know that too.)

vanyacooper commented 2 years ago

As long as you are updating the security information there is one thing you might want to add that I did not originally understand when setting it up. That is the security is only between Assistant Relay and Google. ANYONE with access to port 3000 on the system where Assistant Relay is running can execute arbitrary commands for any of the authorized users in Google Assistant such as making calls, sending/reading email, etc. So it is very important not to allow public access to that port.

ryancasler commented 2 years ago

Yes, absolutely. You do not want to leave Assistant Relay public facing. No port forwarding or the like. All requests should come from other devices on your LAN. Mine come from my Hubitat.

wmichael3 commented 2 years ago

This worked great for me; thanks again.

On Tue, Jul 5, 2022, 8:49 PM ryancasler @.***> wrote:

I have created a PDF that should walk you through it step by step. If you have trouble, let me know:

https://github.com/ryancasler/assistant-relay/blob/master/Create%20Cloud%20Proejct.pdf

— Reply to this email directly, view it on GitHub https://github.com/greghesp/assistant-relay/issues/272#issuecomment-1175719518, or unsubscribe https://github.com/notifications/unsubscribe-auth/AK6SQ53ZZNKCS7ASDXSD5DLVSTX35ANCNFSM5VDCP3RQ . You are receiving this because you are subscribed to this thread.Message ID: @.***>

oywino commented 2 years ago

Also concerned here. Have figured out I can replace this with Node Red - but can't seem to get the voice I want. Would prefer to stay with this which has worked perfectly.

Sorry to butt in - could you please elaborate on how you made this work using NodeRed?

wmichael3 commented 2 years ago

I used a castv2-sender node - added one for each of 3 Google Minis we have in the house and sent TTS text to each of them concurrently. It works by creating an mp3 file on the fly for each text string and sending that. It was acceptable, but is not as simultaneous as I'd like and not with the standard voice. And if those devices are playing music, it will stop the track that is playing. But I don't use the Minis for music, just for voice response.

I'd send the flow but I ended up deleting it just a while back when I felt like the Assistant Relay was going to last.

On Wed, Aug 3, 2022 at 1:29 PM oywino @.***> wrote:

Also concerned here. Have figured out I can replace this with Node Red - but can't seem to get the voice I want. Would prefer to stay with this which has worked perfectly.

Sorry to butt in - could you please elaborate on how you made this work using NodeRed?

— Reply to this email directly, view it on GitHub https://github.com/greghesp/assistant-relay/issues/272#issuecomment-1204386166, or unsubscribe https://github.com/notifications/unsubscribe-auth/AK6SQ54UCDH26FTYAZP7RULVXLCCBANCNFSM5VDCP3RQ . You are receiving this because you are subscribed to this thread.Message ID: @.***>

ackfool commented 2 years ago

I have created a PDF that should walk you through it step by step. If you have trouble, let me know: https://github.com/ryancasler/assistant-relay/blob/master/Create%20Cloud%20Proejct.pdf

(Also, I think I've hidden all my personal info but if you see any, please let me know that too.)

Thank you so much. Finally got the time to do this and seems to work!. Take care

ackfool commented 2 years ago

Thanks I popped in your fix. See how we go. The most important reliance on GAR that I have is my blinds and to be honest its slow which is understandable but it has been flawless...and cheap! Ordered a Bond Bridge just in case there's issues down the road and at least it should be a quicker response when we're using the smart buttons around the house to control the blinds. If GAR doesn't break it will still be useful for the cheap power plugs I have around the place and I won't need to look at replacing them in the meantime with something else since Hubitat can't control them natively. These are not as critical but still a PIA. Thanks again!

From: ryancasler @.> Sent: Saturday, 27 August 2022 8:21 AM To: greghesp/assistant-relay @.> Cc: ackfool @.>; Comment @.> Subject: Re: [greghesp/assistant-relay] Migrate your OAuth out-of-band flow to an alternative method (Issue #272)

I think I have a method that will work to get this running without any code changes at all. And it has to do with how you create your Oauth Client. Instead of choosing Desktop, choose "Web Application". You will then be presented with a screen to add your redirect URI. Simply enter "https:.//www.example.com" and click create. This will create a json file for you to download that will not use localhost as the redirect URI, so it should still work. [image]https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fuser-images.githubusercontent.com%2F30270489%2F186997622-8561a331-eec3-47d3-aee2-733c15be6146.png&data=05%7C01%7C%7Cb948595d6e714a32880d08da87b13f43%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637971492582224130%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=U7DFb31HoGIseOhVUe%2FuGANk6LOZVOVu48tCr2Gd7SA%3D&reserved=0 Once you go to add your user using that JSON file, you will eventually get to an example.com page where the address will contain a code: [image]https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fuser-images.githubusercontent.com%2F30270489%2F186997821-f7c68aae-fddf-4136-be53-1708a686b309.png&data=05%7C01%7C%7Cb948595d6e714a32880d08da87b13f43%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637971492582224130%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=g%2BZrcdhaRE6TdRq3S8m786XQe9YcjpxdvSGzernVRsU%3D&reserved=0 (don't worry, that's not the real one, I subbed in a lot of fake characters) just copy everything after "code=" to "&scope". So, mine would be: 4/0AdQt8q474dfdydghdsdbdbtRrzq0QC_lObsRrsdwa4yXIssdfvxkgF8zHrvrtyrrhdyz4EumCwwett433g (if that were real) That oauth method will not be deprecated after Sept because it doesn't use the unauthorized flow. You have to manually put the code in but we've had to do that anyway. Fingers crossed this still works!!!

- Reply to this email directly, view it on GitHubhttps://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fgreghesp%2Fassistant-relay%2Fissues%2F272%23issuecomment-1229008641&data=05%7C01%7C%7Cb948595d6e714a32880d08da87b13f43%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637971492582224130%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=yuEdq4PhjyJO3rkfurPNPOTTMowOXcqpnNGLj3MXysI%3D&reserved=0, or unsubscribehttps://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAG2HEG4Q24ZRRVJE6A3Q3NLV3E7MPANCNFSM5VDCP3RQ&data=05%7C01%7C%7Cb948595d6e714a32880d08da87b13f43%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637971492582224130%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=94PrhaLwtdga39MOnsvfUUI62u2Rh%2BBRCcOG%2FMup%2FqQ%3D&reserved=0. You are receiving this because you commented.Message ID: @.**@.>>

wmichael3 commented 2 years ago

Thanks much as well. Hope it keeps working! We use it to announce if anyone is on our front porch, in our backyard, when the garage door opens and closes, when yard watering stops and starts, etc - mostly security announcements, but really anything we want the house HA to tell us immediately without regard to whether we have a phone nearby or not; have 3 Minis that cover the house. It has been great.

On Sat, Aug 27, 2022 at 12:11 AM ackfool @.***> wrote:

Thanks I popped in your fix. See how we go. The most important reliance on GAR that I have is my blinds and to be honest its slow which is understandable but it has been flawless...and cheap! Ordered a Bond Bridge just in case there's issues down the road and at least it should be a quicker response when we're using the smart buttons around the house to control the blinds. If GAR doesn't break it will still be useful for the cheap power plugs I have around the place and I won't need to look at replacing them in the meantime with something else since Hubitat can't control them natively. These are not as critical but still a PIA. Thanks again!

From: ryancasler @.> Sent: Saturday, 27 August 2022 8:21 AM To: greghesp/assistant-relay @.> Cc: ackfool @.>; Comment @.> Subject: Re: [greghesp/assistant-relay] Migrate your OAuth out-of-band flow to an alternative method (Issue #272)

I think I have a method that will work to get this running without any code changes at all. And it has to do with how you create your Oauth Client. Instead of choosing Desktop, choose "Web Application". You will then be presented with a screen to add your redirect URI. Simply enter "https:.//www.example.com" and click create. This will create a json file for you to download that will not use localhost as the redirect URI, so it should still work. [image]< https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fuser-images.githubusercontent.com%2F30270489%2F186997622-8561a331-eec3-47d3-aee2-733c15be6146.png&data=05%7C01%7C%7Cb948595d6e714a32880d08da87b13f43%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637971492582224130%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=U7DFb31HoGIseOhVUe%2FuGANk6LOZVOVu48tCr2Gd7SA%3D&reserved=0

Once you go to add your user using that JSON file, you will eventually get to an example.com page where the address will contain a code: [image]< https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fuser-images.githubusercontent.com%2F30270489%2F186997821-f7c68aae-fddf-4136-be53-1708a686b309.png&data=05%7C01%7C%7Cb948595d6e714a32880d08da87b13f43%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637971492582224130%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=g%2BZrcdhaRE6TdRq3S8m786XQe9YcjpxdvSGzernVRsU%3D&reserved=0

(don't worry, that's not the real one, I subbed in a lot of fake characters) just copy everything after "code=" to "&scope". So, mine would be: 4/0AdQt8q474dfdydghdsdbdbtRrzq0QC_lObsRrsdwa4yXIssdfvxkgF8zHrvrtyrrhdyz4EumCwwett433g (if that were real) That oauth method will not be deprecated after Sept because it doesn't use the unauthorized flow. You have to manually put the code in but we've had to do that anyway. Fingers crossed this still works!!!

- Reply to this email directly, view it on GitHub< https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fgreghesp%2Fassistant-relay%2Fissues%2F272%23issuecomment-1229008641&data=05%7C01%7C%7Cb948595d6e714a32880d08da87b13f43%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637971492582224130%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=yuEdq4PhjyJO3rkfurPNPOTTMowOXcqpnNGLj3MXysI%3D&reserved=0>, or unsubscribe< https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAG2HEG4Q24ZRRVJE6A3Q3NLV3E7MPANCNFSM5VDCP3RQ&data=05%7C01%7C%7Cb948595d6e714a32880d08da87b13f43%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637971492582224130%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=94PrhaLwtdga39MOnsvfUUI62u2Rh%2BBRCcOG%2FMup%2FqQ%3D&reserved=0

. You are receiving this because you commented.Message ID: @.**@.>>

— Reply to this email directly, view it on GitHub https://github.com/greghesp/assistant-relay/issues/272#issuecomment-1229132450, or unsubscribe https://github.com/notifications/unsubscribe-auth/AK6SQ5ZWF7NTKMXHVIW3FVDV3GWSJANCNFSM5VDCP3RQ . You are receiving this because you are subscribed to this thread.Message ID: @.***>

ackfool commented 2 years ago

I should do something similar. Thanks for the tip!

Get Outlook for Androidhttps://aka.ms/AAb9ysg


From: wmichael3 @.> Sent: Sunday, August 28, 2022 2:59:56 AM To: greghesp/assistant-relay @.> Cc: ackfool @.>; Comment @.> Subject: Re: [greghesp/assistant-relay] Migrate your OAuth out-of-band flow to an alternative method (Issue #272)

Thanks much as well. Hope it keeps working! We use it to announce if anyone is on our front porch, in our backyard, when the garage door opens and closes, when yard watering stops and starts, etc - mostly security announcements, but really anything we want the house HA to tell us immediately without regard to whether we have a phone nearby or not; have 3 Minis that cover the house. It has been great.

On Sat, Aug 27, 2022 at 12:11 AM ackfool @.***> wrote:

Thanks I popped in your fix. See how we go. The most important reliance on GAR that I have is my blinds and to be honest its slow which is understandable but it has been flawless...and cheap! Ordered a Bond Bridge just in case there's issues down the road and at least it should be a quicker response when we're using the smart buttons around the house to control the blinds. If GAR doesn't break it will still be useful for the cheap power plugs I have around the place and I won't need to look at replacing them in the meantime with something else since Hubitat can't control them natively. These are not as critical but still a PIA. Thanks again!

From: ryancasler @.> Sent: Saturday, 27 August 2022 8:21 AM To: greghesp/assistant-relay @.> Cc: ackfool @.>; Comment @.> Subject: Re: [greghesp/assistant-relay] Migrate your OAuth out-of-band flow to an alternative method (Issue #272)

I think I have a method that will work to get this running without any code changes at all. And it has to do with how you create your Oauth Client. Instead of choosing Desktop, choose "Web Application". You will then be presented with a screen to add your redirect URI. Simply enter "https:.//www.example.com" and click create. This will create a json file for you to download that will not use localhost as the redirect URI, so it should still work. [image]< https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fuser-images.githubusercontent.com%2F30270489%2F186997622-8561a331-eec3-47d3-aee2-733c15be6146.png&data=05%7C01%7C%7Cb948595d6e714a32880d08da87b13f43%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637971492582224130%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=U7DFb31HoGIseOhVUe%2FuGANk6LOZVOVu48tCr2Gd7SA%3D&reserved=0

Once you go to add your user using that JSON file, you will eventually get to an example.com page where the address will contain a code: [image]< https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fuser-images.githubusercontent.com%2F30270489%2F186997821-f7c68aae-fddf-4136-be53-1708a686b309.png&data=05%7C01%7C%7Cb948595d6e714a32880d08da87b13f43%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637971492582224130%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=g%2BZrcdhaRE6TdRq3S8m786XQe9YcjpxdvSGzernVRsU%3D&reserved=0

(don't worry, that's not the real one, I subbed in a lot of fake characters) just copy everything after "code=" to "&scope". So, mine would be: 4/0AdQt8q474dfdydghdsdbdbtRrzq0QC_lObsRrsdwa4yXIssdfvxkgF8zHrvrtyrrhdyz4EumCwwett433g (if that were real) That oauth method will not be deprecated after Sept because it doesn't use the unauthorized flow. You have to manually put the code in but we've had to do that anyway. Fingers crossed this still works!!!

- Reply to this email directly, view it on GitHub< https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fgreghesp%2Fassistant-relay%2Fissues%2F272%23issuecomment-1229008641&data=05%7C01%7C%7Cb948595d6e714a32880d08da87b13f43%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637971492582224130%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=yuEdq4PhjyJO3rkfurPNPOTTMowOXcqpnNGLj3MXysI%3D&reserved=0>, or unsubscribe< https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAG2HEG4Q24ZRRVJE6A3Q3NLV3E7MPANCNFSM5VDCP3RQ&data=05%7C01%7C%7Cb948595d6e714a32880d08da87b13f43%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637971492582224130%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=94PrhaLwtdga39MOnsvfUUI62u2Rh%2BBRCcOG%2FMup%2FqQ%3D&reserved=0

. You are receiving this because you commented.Message ID: @.**@.>>

— Reply to this email directly, view it on GitHub https://github.com/greghesp/assistant-relay/issues/272#issuecomment-1229132450, or unsubscribe https://github.com/notifications/unsubscribe-auth/AK6SQ5ZWF7NTKMXHVIW3FVDV3GWSJANCNFSM5VDCP3RQ . You are receiving this because you are subscribed to this thread.Message ID: @.***>

— Reply to this email directly, view it on GitHubhttps://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fgreghesp%2Fassistant-relay%2Fissues%2F272%23issuecomment-1229227602&data=05%7C01%7C%7C1ae9e3e3c609437b87c608da884d9215%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637972164006261489%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Ma%2FmPavj27IV2N7yiny%2BlGLZU5rCKrgKErWaL3CQu10%3D&reserved=0, or unsubscribehttps://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAG2HEG73EVQ25FCCIPTCX63V3JCQZANCNFSM5VDCP3RQ&data=05%7C01%7C%7C1ae9e3e3c609437b87c608da884d9215%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637972164006417710%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=b1fCocby42ZOUGjUGLjapj2vkwOOoeW6v28T5hJFi50%3D&reserved=0. You are receiving this because you commented.Message ID: @.***>

ryancasler commented 2 years ago

From what I have read, as long as your redirect URL doesn't use "localhost" your OAUTH flow should not be affected. I removed my old OAUTH files from my project in the console and everything is still working. I wasn't sure that everything was going to work correctly but it turned out that the problem I was having was with the Oauth json file. It seems that once you use that file to activate one user, you can't use it to activate another. You would have to download another copy of the JSON file. As long as this is working for other folks, I will re-publish that fix that I removed.

I think I have a method that will work to get this running without any code changes at all. And it has to do with how you create your Oauth Client. Instead of choosing Desktop, choose "Web Application". You will then be presented with a screen to add your redirect URI. Simply enter https:.//www.example.com and click create. This will create a json file for you to download that will not use localhost as the redirect URI, so it should still work.

186997622-8561a331-eec3-47d3-aee2-733c15be6146 Once you go to add your user using that JSON file, you will eventually get to an example.com page where the address will contain a code: 186997821-f7c68aae-fddf-4136-be53-1708a686b309 (don't worry, that's not the real one, I subbed in a lot of fake characters) just copy everything after "code=" to "&scope". So, mine would be: 4/0AdQt8q474dfdydghdsdbdbtRrzq0QC_lObsRrsdwa4yXIssdfvxkgF8zHrvrtyrrhdyz4EumCwwett433g Use that to enter the code into GAR to authorize the user.

I used this method a while ago and everything is still working so far.

ackfool commented 2 years ago

Seems to still be working for me mate. Thanks so much

Get Outlook for Androidhttps://aka.ms/AAb9ysg


From: ryancasler @.> Sent: Saturday, September 10, 2022 9:35:31 AM To: greghesp/assistant-relay @.> Cc: ackfool @.>; Comment @.> Subject: Re: [greghesp/assistant-relay] Migrate your OAuth out-of-band flow to an alternative method (Issue #272)

From what I have read, as long as your redirect URL doesn't use "localhost" your OAUTH flow should not be affected. I removed my old OAUTH files from my project in the console and everything is still working. I wasn't sure that everything was going to work correctly but it turned out that the problem I was having was with the Oauth json file. It seems that once you use that file to activate one user, you can't use it to activate another. You would have to download another copy of the JSON file. As long as this is working for other folks, I will re-publish that fix that I removed.

I think I have a method that will work to get this running without any code changes at all. And it has to do with how you create your Oauth Client. Instead of choosing Desktop, choose "Web Application". You will then be presented with a screen to add your redirect URI. Simply enter https:.//www.example.com and click create. This will create a json file for you to download that will not use localhost as the redirect URI, so it should still work.

— Reply to this email directly, view it on GitHubhttps://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fgreghesp%2Fassistant-relay%2Fissues%2F272%23issuecomment-1242558216&data=05%7C01%7C%7C5afb2aeb3f6847ee2c6208da92bbfcfb%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637983633377099792%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=98qVwuaYElohn5a1yToL%2FQzQ3HRMXfO2A1%2Ft8yXgC%2FE%3D&reserved=0, or unsubscribehttps://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAG2HEG2PAMFY4MGCOENAI63V5PCUHANCNFSM5VDCP3RQ&data=05%7C01%7C%7C5afb2aeb3f6847ee2c6208da92bbfcfb%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637983633377099792%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=w8I7qz8wz%2FuWVeWHuOprFv4GUssWvL1eTk6D%2BhKL%2FPo%3D&reserved=0. You are receiving this because you commented.Message ID: @.***>

ryancasler commented 2 years ago

It is now after Oct 3rd, and it is still working. So, we should be good. PHEW!

wmichael3 commented 2 years ago

That would be awesome - thanks so much.

Mike

On Tue, Jul 5, 2022, 6:36 PM ryancasler @.***> wrote:

When you go to the Oauth Consent Screen page, linked to on the left hand menu under Credentials, all you have to enter is your app name and your email address. Since you are the only one using your app, you are the only one who is ever going to see the consent screen. And the fact that the app is unverified only really matters to folks who are distributing their apps to the public. Do you care that your app is unverified? Of course not. So, you can put it into production with the warning that the app is unverified without a problem. If you were distributing the app to the public this would be bad (I would never approve an app I didn't write that was unverified) but you're not sending your app to the public. Once you do that you have to move your app to production. I will go through and create a whole new project from start and grab all the screenshots since the screens have changed quite a bit since the last time I grabbed them. I will let you know what I will let you know if I am able to find the correct settings you need to avoid the expiration of those older Oauth2 methods. Won't have time for a couple days, so stay tuned.

— Reply to this email directly, view it on GitHub https://github.com/greghesp/assistant-relay/issues/272#issuecomment-1175632802, or unsubscribe https://github.com/notifications/unsubscribe-auth/AK6SQ53BGVY7XORMNLFURC3VSTIINANCNFSM5VDCP3RQ . You are receiving this because you are subscribed to this thread.Message ID: @.***>