Web App script fails to launch by other users - google-apps-script

My question is not about Docs only, but about Drive. I developed a web app, published for executing by users accessing the app, with access for everyone. and when I follow the given link by myself, I see pop-up for granting the access to my app. And after it my script starts for me.
But if I try to choose another account (for testing purposes) when the app asks me for granting access, I do the same, there appears "Authorization successful" for a moment, pop-up closes, but immediately appears again, and asks for permissions, and so on again and again like in a loop. When I check account settings I see that the app has access, but it doesn't start.
Remarkably, that while developing, I tried to launch it many times by different accounts and it worked fine then.
When I use incognito tab, it asks me to login, and having it done, I succeed to start the app. But when I try to start with usual browser tab a pop-up is appears and asks to review permissions. Clicking "review permission" it asks me to login offering my default account (which I use to develop and which launching process is ok), and choose another.

It is a bug, see here
The behavior is well known and is already been worked on.
I recommend you to give it a "star" to increase visibility and hopefully speed up the process.
In the meantime, the only workaround is either not to be signed in with multiple accounts simultaneously or to use incognito mode.

Related

how to diagnose/fix chrome pop up warning to change password due to a data breach

I'm currently running an app on AWS elastic beanstalk, and recently I had an issue come up where when I tried to enter a password, this a google chrome pop up appeared that is the same as the image below. The password is encrypted and entered in a password-type field. I know this is a very general question, but would anyone have any advice in diagnosing why this issue came about (perhaps by looking at specific things in AWS console), and how to prevent it? Does this warning occur only when the user has entered a password that is common/used across multiple apps, and has nothing to do with the code the app is based on?
Searched and found this answer:
Important: You must be signed in to Chrome to get these notifications.
To start or stop notifications:
On your computer, open Chrome.
At the top right, click More More and then Settings.
Under "Privacy and security," click Security.
Select a safe browsing option: Enhanced protection or Standard protection.
Tip: This feature is only available if "Safe Browsing" is turned on.

AuthMode gets confused w/ multiple logged in users

I'm bumping into a weird problem in Google Apps Script, working on a Slides add-on.
When I run the add-on in an incognito window with just one user logged in (call it User B), everything works fine.
When I run the add-on with multiple users logged in (call it Users A and B in the same Chrome tab), it seems like Apps Script gets confused around the authorization. When I try to use the add-on as User B (as evidenced by the profile showing up in the upper right corner), all functionality of the add-on fails, I'm guessing because it lacks authorization. Note that the add-on has remain installed on User B's account this whole time, and it still works in the incognito window with just User B logged in.
Any tips on this? Is there a way to "force" the add-on to use the authorization of User B in the multi-logged-in case?
Having multiple log-ins active in the same browser is known to cause issues with Google Authorization.
The default account (typically the account that was first logged into) takes precedence over any other accounts. Google has yet to fully resolve this. Current work-around is to recommend to your users to log out of all other accounts.
I had the same problem and got it solved by changing the link as follows:
https://script.google.com/a/{any_character}/macros/s/{deployment_id}/exec
Note that my app was set public so anyone can access it.
Use this url to test instead:
https://script.google.com/a/{domain name}/macros/s/{token}/exec

Force "Add to homescreen" prompt a second time on chrome

I am trying to build a PWA. I managed to trigger the prompt a first time and installed the app on my shell (desktop). I then deleted it and I would like to force the prompt to reappear (for debug purpose) but it won't.
I set my chome flag Bypass user engagement checks to enabled, but there's still nothing I can do to trigger the prompt.
When I click on the console setting Application>Manifest>Add to homescreen, nothing happens and I don't receive any error message either.
It's exactly the same code that worked the first time. I just want to trigger it again now that the desktop shortcut has been deleted.
Also struggled with this issue.
At last found that going to chrome://apps/ and removing the app will enable to re-add it
If the chrome://flags/#bypass-app-banner-engagement-checks flag is enabled and you are still not getting the banner, its high likely one of PWA criteria is not met anymore.
It might have worked before. But with the changing code, something might have went wrong with Service worker, accessing via HTTP instead of HTTPS or having an invalid certificate kind if issues might have made your app not eligible for App install banner.
Validate: Validate your current sites PWA eligibility using Chrome Developer tools -> Audits -> Perform Audit -> Progressive Web App. See if all goes through regarding PWA criteria and if you see all looks good and still you don't get the Install Banner, post the Audit screenshot to give us some idea on whats going on.
You can just also just set it in the Developer Tools under Application by checking on Update on reload or click on Unregister to completely remove the SW. Dirty, but does the trick all the time.

How to auto-login website in chrome with saved password

Chrome is auto-filling the credentials, but not log me in until I click login. How to automate? (windows, non-google websites).
Using the Chrome Identity API you can have Chrome (on desktop and Android) automatically attempt to log in the user when they hit your page, even if their session has expired.
Following is a workflow diagram of how it works, but the details can be found in the Google Authentication API: Let the user automatically sign back in section:
It is not the browser's responsibility to auto-login to websites. This is the responsibility of the website you are accessing. The browser can remember form data and auto-fill for you, as can various extensions like LastPass.
However, in order to actually auto-login, you must first login to the website you are trying to access and enable the option they provide, often called 'Remember me?'. The website would typically use a cookie to store the credentials (securely with a hash + salt), and if the cookie still exists (not cleared from the browser or expired), and the hash of real password in database matches the one in the cookie, the website will auto-login.
You could force the browser to try and auto-login with extensions, which are essentially macros. You could try Auto Login or iMacros extensions for this. I would generally avoid this though.
Anyone else stumbling into this thread from a google search.... you can do this with autohotkey. If you browse to yourbankhere.com and chrome fills in the user/pass, you can have autohotkey perform a mousemove then a mouseclick to click the login button.

How to allow Chrome Kiosk App configuration access for administrators?

I'm building a Chrome kiosk app that will be in a public space. Users can interact with the app, but there are a variety of settings (server addresses, timeouts, etc.) that need to be set. I'm looking for a strategy on how to allow access to that administration config.
On first run - This is straightforward, but I want administrators to be able to pull it up again.
Detect if the app ran as a kiosk app or manually - This would kind of work, not sure if it's the greatest
Detect some key combination - Ctrl + Alt + Something switches over to the settings page, this feels like people could stumble on it accidentally.
Is there another approach I'm missing?
If your Chrome device(s) is managed you have a further option which is to use the Chrome App Management area within the Google Apps admin interface.
To do this you code your app to use the storage.managed API and this should allow a Configure section for your app within Chrome App Management.
I haven't tried this myself yet but this appears to be the way the Chrome Sign Builder app is configured with its schedule.
Another approach would be to have an administrator login button in a corner of the app. You can set a default password for administrators, which could then be changed in the settings dialog.
You can also think of combining suggestions you have made, first run and then a key combination, and this could bring up a password prompt as also suggested. For an example of this see the Zebradog Kiosk app which is in GitHub so you can see code of how this could be done.
I use ctrl-alt-S at boot. This allows me to login and make changes. I know you have to do a couple of reboots, but it is out of service during admin time anyway.