I'd like to access the name associated with a users google account to resolve a
GoogleJsonResponseException: API call to people.people.get failed with error: The caller does not have permission to request "people/me". Request requires one of the following scopes: [profile] error.
To do that, I'm attempting to include the https://www.googleapis.com/auth/userinfo.profile scope as listed on Google's list of OAuth 2.0 scopes. However, after editing the appsscript.json to manually include the scope, as outlined here, and attempting to save, it does not work. It displays the "Saving project..." popup, but it never resolves and reloading the page resets appsscript.json without my changes. The scope https://www.googleapis.com/auth/userinfo has the same response. There is no error message associated with this.
Here is my current file- have I missed something silly? Am I going about it wrong?
{
"oauthScopes": "https://www.googleapis.com/auth/userinfo.names",
"timeZone": "America/New_York",
"dependencies": {
"enabledAdvancedServices": [
{
"userSymbol": "People",
"version": "v1",
"serviceId": "peopleapi"
}
]
},
"exceptionLogging": "STACKDRIVER",
"runtimeVersion": "V8",
"webapp": {
"executeAs": "USER_DEPLOYING",
"access": "MYSELF"
}
}
The Google Apps Script IDE / online Editor doesn't allow to save the project if any of the files have a syntax error. In the specific case of Apps Script project manifest (appsscript.json) this file should have a valid JSON and should have a specific structure.
The Apps Script project manifest structure is specified in https://developers.google.com/apps-script/manifest.
In the specific case mentioned by the OP, the oauthScopes property should contain an Array or strings. Considering this, change
"oauthScopes": "https://www.googleapis.com/auth/userinfo.names",
by
"oauthScopes": [ "https://www.googleapis.com/auth/userinfo.names" ],
Another typical error when manually editing the manifest is to forget to add a comma to separate two properties.
Related
I'm working with Google Apps Script and Google Sheets for update the comments I made on certain videos.
While using the code I post bellow, I got this message:
The comment could not be updated due to insufficient permissions. The
request might not be properly authorized.
Despite the fact I'm updating my own comment from my Google/YouTube account and I've set the authorization scope https://www.googleapis.com/auth/youtube.force-ssl - as indicated on the documentation.
I also check this question - which is similar to mine - but, mine is oriented to Google Sheets.
This is the code I'm using:
// Text from the comment_ID "":
/* The Magic Cylinder animation is real or am edit?
* Honest question, I don't play MD, just looking video edits xD
*/
/**
* Comment (reply) to send as body request.
* Sample body - took from YouTube Data API documentation:
*/
var myCommentBodyRequest = {
"id": "UgyBzIHN1fFHveTCRb14AaABAg", // <= Id of my comment.
"snippet": {
"textOriginal": "The Magic Cylinder animation is real or an edit?" // <= Updated comment text.
}
};
// Update the comment:
/** Response of the updated comment: */
var commentCreatedResponse = YouTube.Comments.update(myCommentBodyRequest, "snippet");
// Testing results:
Logger.log(commentCreatedResponse);
// Update the cell with the new text:
sheet.getRange("E" + sheet.getCurrentCell().getRow()).setValue(commentText);
// Show alert:
ui.alert("The comment was updated successfully.");
I already have the "appsscript.json" file updated as follows:
{
"timeZone": "America/Bogota",
"dependencies": {
"enabledAdvancedServices": [
{
"userSymbol": "YouTube",
"version": "v3",
"serviceId": "youtube"
}
]
},
"exceptionLogging": "STACKDRIVER",
"runtimeVersion": "V8",
"oauthScopes": [
"https://www.googleapis.com/auth/spreadsheets.currentonly",
"https://www.googleapis.com/auth/spreadsheets",
"https://www.googleapis.com/auth/script.container.ui",
"https://www.googleapis.com/auth/youtube.force-ssl"
]
}
Normally, when a scope is added and/or Google Scripts shows an alert indication that Google Sheets requires permission, I accept the permission, but, I keep getting this message.
I think this error I'm getting is because the script must be authorized/approved by Google, but, I haven't found any evidence
Is there any missing steps/configurations to update the comment using Google Sheets?
Added tickets on Issue Tracker:
#247150284 - Google Apps Script
#247521476 - YouTube Data API
The issue was solved internally by the YouTube team.
Link of the response to the ticket:
Verified by el...#google.com.
Hello, This issue is already fixed.
Please let us know or open this ticket, if you still encounter this
issue. Thank you.
Since then, I tried to replicate the issue and even to this day (14/12/2022), I can update my own comments via YouTube Data API and Google Apps Script.
I'd like to access the name associated with a users google account to resolve a
GoogleJsonResponseException: API call to people.people.get failed with error: The caller does not have permission to request "people/me". Request requires one of the following scopes: [profile] error.
To do that, I'm attempting to include the https://www.googleapis.com/auth/userinfo.profile scope as listed on Google's list of OAuth 2.0 scopes. However, after editing the appsscript.json to manually include the scope, as outlined here, and attempting to save, it does not work. It displays the "Saving project..." popup, but it never resolves and reloading the page resets appsscript.json without my changes. The scope https://www.googleapis.com/auth/userinfo has the same response. There is no error message associated with this.
Here is my current file- have I missed something silly? Am I going about it wrong?
{
"oauthScopes": "https://www.googleapis.com/auth/userinfo.names",
"timeZone": "America/New_York",
"dependencies": {
"enabledAdvancedServices": [
{
"userSymbol": "People",
"version": "v1",
"serviceId": "peopleapi"
}
]
},
"exceptionLogging": "STACKDRIVER",
"runtimeVersion": "V8",
"webapp": {
"executeAs": "USER_DEPLOYING",
"access": "MYSELF"
}
}
The Google Apps Script IDE / online Editor doesn't allow to save the project if any of the files have a syntax error. In the specific case of Apps Script project manifest (appsscript.json) this file should have a valid JSON and should have a specific structure.
The Apps Script project manifest structure is specified in https://developers.google.com/apps-script/manifest.
In the specific case mentioned by the OP, the oauthScopes property should contain an Array or strings. Considering this, change
"oauthScopes": "https://www.googleapis.com/auth/userinfo.names",
by
"oauthScopes": [ "https://www.googleapis.com/auth/userinfo.names" ],
Another typical error when manually editing the manifest is to forget to add a comma to separate two properties.
I am trying to publish the extension to chrome app store. I tried many times but getting rejected every time,
the menifest file is:-
{
"name": "App name",
"description": "Blank!",
"version": "0.0.0.1",
"manifest_version": 2,
"icons": {
"128": "icon.png"
},
"background": {
"page": "background.html",
"persistent": false
},
"browser_action": {
"default_icon": "icon.png",
"default_popup": "popup.html",
"default_title": "Name"
},
"content_scripts": [
{
"all_frames": true,
"css": ["css/main.css"],
"js": [
"js/jquery-3.1.0.min.js",
"js/popup.js",
"main.js",
"js/dashboard.js"
],
"matches": [
"*://*.facebook.com/*/*/requests/",
"*://*.facebook.com/*/*/requests",
"*://*.facebook.com/*"
],
"run_at": "document_end"
}
],
"content_security_policy": "script-src 'self' https://apis.google.com 'unsafe-eval'; object-src 'self'",
"update_url": "https://clients2.google.com/service/update2/crx",
"oauth2": {
"client_id": "xxxxxx-xxxxxxxxxx.apps.googleusercontent.com",
"scopes": [
"https://www.googleapis.com/auth/spreadsheets"
]
},
"permissions": [
"tabs",
"storage",
"notifications",
"identity",
"*://*.herokuapp.com/*"
],
"web_accessible_resources": ["*.png"]
}
THe answers that I am submitting is like so-
Permission justification
Error Due to the Host Permission, your extension may require an in-depth review which will delay publishing.
tabs- to get the current tab url or location.
storage - to store the user token for authentication and user specific data.
notifications - to show the messages to the user when they logged in or logged out.
identity - to authorize user using google
Host permission -
https://.facebook.com/ = to get the facebook page URL and get the facebook group Id from the url
https://.facebook.com//*/requests/ = to get the request page inside the facebook and hence to activate the extension feature related to that group
https://.herokuapp.com/ = to access the apis from the backend server and to manage all the basic functionality.
Remote code - Yes, I am using remote code - I have called the google api module (https://apis.google.com) for adding the data to the user's given google sheet.
I have tried more than 5 time in a row, still gets rejects with the same error.
Let me know where I am making mistake.
Nobody knows how Chrome performs their reviews but at a minimum you should carefully go over the permissions, remove the ones you don't need and restrict the ones you have. I don't know how your extension works but it looks like there's a ton you can do here:
"tabs - to get the current tab url or location" - You shouldn't need this permission to get the current tab URL, only for more invasive queries.
"https://.herokuapp.com/" - This should be limited to the host you need to communicate to. Why would you need to communicate to any Heroku app at all?
"storage - to store the user token for authentication and user specific data." - Are you sure you need this? Test without it.
"script-src ... 'unsafe-eval'" - This is a massive security risk. You'd be best to change your implementation to not need this.
"object-src 'self'" - Why do you need this? You probably don't.
For the content_security_policy, you'd be better adding "default-src 'none';" to remove all permissions, then only add in only the ones you need.
"Remote code - Yes, I am using remote code - I have called the google api module" - Why do you need remote code for this? You should be able to implement this with JavaScript contained within your app + HTTP requests.
Hope that helps. The opaque Chrome review process is horrible.
For me, I was getting that message not because it was failing the review, but because I had not yet filled out the box "Host permission justification". You need to fill out this in order to be able to submit, otherwise it fails the form validation as it's a mandatory field.
In my case host permission was required because I was using a regex for a content script in the manifest file.
After completing the host permission justification field, I was able to submit. As the message suggests, requiring this permission could mean the review takes longer than if it is not required.
I have found that it's necessary to submit the privacy policy and terms of services links to the chrome store account section.
Hope it worked for you also.
I'm trying to get all the messages in a thread in sent items. In the code below, I can get all the sent threads in variable 'mails' as [GmailThread GmailThread ..]. Also mails[0].getId() gives threadId of mails[0].
var mails = GmailApp.search('in:sent');
Logger.log(mails[0].getMessages());
But mails[0].getMessages() returns run time error as
Access denied: : Missing access token for authorization. Request: MailboxService.GetThread.
Here's the scopes I've included.
"oauthScopes": [
"https://www.googleapis.com/auth/gmail.addons.execute",
"https://www.googleapis.com/auth/script.external_request",
"https://www.googleapis.com/auth/gmail.addons.current.message.action",
"https://www.googleapis.com/auth/gmail.addons.current.action.compose",
"https://www.googleapis.com/auth/gmail.compose",
"https://www.googleapis.com/auth/gmail.addons.current.message.metadata",
"https://www.googleapis.com/auth/gmail.readonly",
"https://www.googleapis.com/auth/gmail.modify",
"https://mail.google.com/"
]
Now what I want is to get all the messages in mails[0].
Looking here at the api document it appears you might be missing the below:
https://www.googleapis.com/auth/gmail.metadata
I was getting similar error with Apps Script GMail libraries. I switched to use GMail API sevices instead. Try using them https://developers.google.com/gmail/api/v1/reference/ i didn't face any issues with that.
Im trying to develop my first chrome extension and am running into an issue. Firstly I am using the following boilerplate as a page action:
http://extensionizr.com/!#{"modules":["browser-mode","with-persistent-bg","no-bg","with-custom-options","no-override","inject-css","inject-js","jquerymin"],"boolean_perms":["contentSettings","cookies","notifications"],"match_ptrns":[]}
In the inject.js, it downloads a list of urls from a remote server, checks the current url and if it matches it should do something. I was going to use a notification but I guess the notification comes from the current page and not the extension. So if you start the notification it will say "Do you want to enable notifications for amazon". Then I moved on to changing the icon. I would prefer doing both eventually. However, when I try and set text with the following:
chrome.browserAction.setIcon({path: 'icons/icon128-x.png'});
However, this is what I get in the console.
Uncaught TypeError: Cannot read property 'setIcon' of undefined
Any ideas?
you can't access chrome.browserAction in content.js, according to chrome extension document Content Scripts
Additionally, content script can access the following chrome APIs directly:
i18n
storage
runtime:
connect
getManifest
getURL
id
onConnect
onMessage
sendMessage
Content scripts are unable to access other APIs directly.
The extension manifest needs a "browser_action" section before the chrome.browserAction API is available to it:
Register your browser action in the extension manifest like this:
{
"name": "My extension",
...
"browser_action": {
"default_icon": { // optional
"19": "images/icon19.png", // optional
"38": "images/icon38.png" // optional
},
"default_title": "Google Mail", // optional; shown in tooltip
"default_popup": "popup.html" // optional
},
...
}
(From https://developer.chrome.com/extensions/browserAction#manifest.)