I have a very simple GAS project.
function doGet(e) {
//User Database
var username = Session.getActiveUser().getEmail(); //Authenticate using current User Email
var page = HtmlService.createTemplateFromFile("menu");
page.userName = username;
return page.evaluate().setSandboxMode(HtmlService.SandboxMode.IFRAME).setXFrameOptionsMode(HtmlService.XFrameOptionsMode.ALLOWALL);;
}
This script is owned by x#y.com (GSuite Account on Business domain)
It is published on a New Google Sites page, by embedding the published web app link. (/exec)
The Google Sites site is shared to n#z.com (different user on different GSuite Business domain)
When you open the Google Sites page, in an incognito window in chrome, logged in as x#y.com, the script displays fine.
If you open the Google Sites page, in a new incognito window in chrome, logged in as n#z.com, you can see the page as served by google sites, but the app itself is replaced by the "You Need Access" splash page from google.
If you open the published web app link while logged in as n#z.com, you get the "Review Permissions" splash page, and then the app works fine.
Opening Google sites at this point, the app is still displaying "You Need Access"
What am I doing wrong here to enable authorised access to the app on the google site?
I believe there is a bug in the implementation of permissions in the STABLE version of the runtime. With the pictured permissions in the question, the app acts as though you need to share the script itself to the user in the other domain.
This still does not enable access.
The solution is to enable V8 Runtime, republish the app and immediately the app works as expected.
Related
I developed an Apps Script Web App that uses some Google Apis (drive, calendar, etc.).
I wrote Terms and Privacy Policy and requested Google to approve it, and they keep bugging me that I need to remove, from "Authorized Javascript origins", anything that is not hosted on my real TLD's (own domains).
The problem is I need to put on the authorized origins some https://n-blablabla-0lu-script.googleusercontent.com URL's, because those are the origins of the Apps Script itself, where the LOGIN button is.
Basically when someone enters my app, if it is not yet logged in, I show in the app itself a Login button, and once the user logs in, I request the permissions. This is pretty common, and since the Apps Script runs in google platform, it has google on its URL/origin.
I spent ~2 weeks with Google Support trying to explain them that I cant remove those authorized origins of https://n-blablabla-0lu-script.googleusercontent.com, otherwise, I do get this:
idpiframe_initialization_failed: Not a valid origin for the client
The Google Sign-in library requires that the domain registered in the Google Developers Console matches the domain being used to host the web page. Ensure that the origin you registered matches the URL in the browser.
the Web App is embedded on a Google Sites (new) iframe
Im developing an App Engine project for a customer, I want that this project can be installed as an App from the Chrome Web Store, for a specific domain (not mine).
I have enabled the Marketplace SDK and API in my project, and tried to upload the ZIP, but I only can select my domain if I want set the App as private.
I have tried to upload the ZIP with one account from that domain, but when I'm going to publish the App the web gives me an error saying that I dont have permissions to publish because I'm not the owner of the console API Id (because the project stills in my main account, another domain).
Its possible publish the App as private to another domain, that is not the same domain where the App Engine project is?
You will need to publish it as a private app then choose only a certain people to share it. It's the only way.
The instructions for publish a private Chrome app for a specific users is found in Publish a private Chrome app
Users from the same Chrome domain will see their organization's
private apps in a private collection in the Chrome Web Store.
Administrators can choose which users they want to be able to publish
private apps for their organization by clicking this checkbox in the
Admin console under Device management > Chrome management > User
settings > Chrome Web Store Permissions.
When you click Allow users to publish private apps that are restricted
to your domain on Chrome Web Store, an additional setting will appear
to Allow users to skip verification for websites not owned. This
second setting allows users to create bookmark apps pointing to
websites that they aren’t the webmaster for.
How to publish private Chrome web apps Publishing a private app is
very similar to publishing a public app to the Chrome Web Store. The
only difference is there's an additional step of restricting access to
the app to your domain:
Sign in to the Chrome developer dashboard.
Accept the Terms of Service.
Add a new item and upload your app as a zip file.
Set the promotional image you want to use, and the category, and language for the app.
Select Private and Everyone at .
The app is now published to the Chrome Web Store. If you have
restricted the visibility of the app to your domain, only users in
your organization signed in to their G Suite accounts will be able to
see the app
I'm trying to create a google apps script project where is required to access by anyone (people with google account) and executed by the same user (user accessing the web app). I've published the app as "web app" and it work with the given url.
Since i need to this web app as a web service using ajax, the browser console return an error of unauthorised access (No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'x' is therefore not allowed access.) this doesn't happen if the web app is published as "Executed by my" and "access by anyone, even anonymous"
anyway, i'm following the instructions in Google Sign-In for Websites and it said i need to access in google developer console to get credential for the project but my google apps script are not displayed in the project list.
Open up the script, go to Resources > Developer Console Project > click on the link attached to the script.
I'm looking to intercept a web request and launch that URL in another instance of Chrome. We have a Google Apps for Business account. And I regularly receive emails with Google Drive links. But they open in the last browser that had focus, which can be my personal user window. I'm looking to have Chrome get that web request, then either automatically open the link in the right window, or prompt for a choice. Is that possible?
I have created an app script as an web app with doGet function. Its working fine with no issues. But when I am sending that link to my friends its opening the Google docs login page instead of UI.
The link I am giving to my friends is the one which is shown after clicking 'deploy as web app', is labeled as 'Current web app URL'. And at the pop up screen which pops when we click 'Deploy as web app' button, i set that anyone have access to the app and I am accessing the app as 'User accessing the app'.
Setting the access permission to Anyone means 'Anyone with a gmail or Google Apps account' and it is therefore they are required to sign in. HOwever, if you set it to Anyone including anonymous, your friends need not sign in.