Is it possible to determine user profile using Chrome Extension API? - google-chrome

Is it possible to determine which user profile is logged in Chrome from my custom extension using Chrome API?
Thanks!

There is no Chrome-API for that, the best (any only) way is to use oAuth:
https://developers.google.com/accounts/docs/OAuth2
UPDATE:
Yesterday Google has published news about the Identity API at the Chromium blog.
The Identity API may only work with packaged Apps!
Identity API
The Identity API allows packaged apps to authenticate users securely
using OAuth 2.0 without the user having to provide a username and
password directly to the app. The Identity API supports authentication
using Google Accounts as well as third party providers such as GitHub
and Foursquare.
The Identity API also gives packaged apps secure access to Google APIs
such as Google+, Calendar and Drive. As an example, Google Keep uses
the Identity API to authenticate users as well as to call the Google
Drive API to save notes to Drive. The Identity API uses a webview
based UI to show the OAuth consent dialog and when the Google+ API
scope is used, it allows users to control who can see their activity
on the app.
Source: http://blog.chromium.org/2013/07/richer-access-to-google-services-and.html
Documentation at developer.chrome.com: https://developer.chrome.com/trunk/apps/app_identity.html

If it's possible to do so, consider writing a Chrome packaged app instead. The Identity API will give you the information you need.

Related

Adding external Google APIs to add-on initial auth scopes

I've built a Google Sheets add-on that retrieves data from the Google Search Console API and writes it to the user's spreadsheets.
Since the Search Console API isn't available in the "Advanced Google services" section in Apps Script, I used the OAuth2 library available on GitHub, with the "https://www.googleapis.com/auth/webmasters.readonly" scope. It currently uses separate credentials in the Developer Console.
While the add-on works fairly well, when a user installs it for the first time, he/she has to authorize it using Google's OAuth process for certain scopes that are automatically detected in the script (managing spreadsheets, send emails, do external requests, and so on). After the authorization is completed, the add-on displays the usual add-on sidebar where the user has to do an additional OAuth process, this time for approving access to the Search Console API (via the OAuth2 library mentioned earlier).
My goal would be to include the Search Console scope in the initial OAuth process, so that users wouldn't need to go through the process twice. Unfortunately, the "Scopes" section in the Apps Script Project Properties isn't editable, so I cannot add that manually, and as far as I know there's no way to make it so it gets automatically detected.
Is there any way to do that? Would it make any difference if I were to use the Apps Script credentials for the OAuth2 library that I'm using to access the Search Console API (instead of having a separate set)?
Thanks!
As stated in this documentation, Google Apps Script can interact with APIs from all over the web. This guide shows how to work with different types of APIs in your scripts. You can use the UrlFetch service to make API requests directly.
Make requests to services with OAuth
APIs that act on behalf of a user usually require authorization, often using the OAuth protocol. Apps Script doesn't provide built-in support for the protocol, but there are open source libraries you can use to perform the OAuth flow and send the credentials with your requests:
OAuth1 for Apps Script: Compatible with OAuth 1.0 and 1.0a.
OAuth2 for Apps Script: Compatible with OAuth2.
This link might also help:
Making HTTP Requests Directly
If Google Authentication is desired for external applications, or a Google API is not available yet in this library, HTTP requests can be made directly.
The authorize method returns an authorized Guzzle Client, so any request made using the client will contain the corresponding authorization.
It is now possible to customize the OAuth list of a project via editing its manifest file: https://developers.google.com/apps-script/concepts/scopes
Google mentions that not all Google OAuth scopes are included (I haven't managed to find an exact list), but I've tested adding the Google Search Console scope and it seems to work fine.

All mime types integration in Google Drive UI Integration

The API Manager of Google Drive API, Under UI Integration of (https://console.developers.google.com)
I want to get my app to be integrated to (all types) file type including unrecognized. The app is to display its meta data of every user selected file.
For Default MIME Types I have put
*/*
and Default File Extensions I have put
* //(which is error)
How do I get it accomplished?
AFAIK, there are supported MIME types that are specific to Google Apps and Google Drive which means that integrating ALL mime types is not possible.
You may want to check the documentation to get started integrating with the Drive UI. It was stated that,
you'll need to specify the Open URL for your app, and your preferences on how users create and open files with the app. Also, you can select from optional features like support for multiple file selection and Google doc import.
Please do also note on the given warning:
Do not select Automatically show OAuth 2.0 consent screen when users open my application from Google Drive. This feature is deprecated. All authorization requests must be initiated by the application.
You may want to also check the following references and see if it will help you:
Google Drive Integration
Advanced Drive Service.The advanced Drive service allows you to use the Google Drive web API in Apps Script.

How to use Google Identity Toolkit to connect to Google Drive API?

I want to use Google Identity Toolkit to sign up and authenticate my users. In another part of my app, I want to use the Google Drive API to allow users to choose media files to link with their profile.
Will setting up GITKit make it easier to use the Drive API? Can I share credentials (i.e. API key) between the two services? Are they totally separate? I'm pretty confused so any help would be appreciated.
First of all, please consider to use Firebase Authentication, which is the new version of Google Identity Toolkit.
In both Firebase Authentication SDK and Google Identity Toolkit SDK, your app can specify the Google Drive scope when initializing the Google provider. In this way, once the end users sign into your app with Google, your app can get the Google oauth2 access token that has the permission for the Google Drive scope. Your app can call Google Driver API with that access token, without prompting the user.

Are there any way to register in-house application in google apps marketplace with FQDN?

I belongs IT Section which provides and distributes Google Apps and its related service in our company.
Our section has disabled Drive SDK in Google Apps admin Console because of our company policy.
However, many developers requested Drive api in our company.
So, we started registering developer's drive application in google apps marketplace to allow it.
After our registration, developers could use drive api.
However, recently our registration process has stuck in uploading on Chrome Web Store.
(*Please take a look at See step 8.)
Strictly speaking, chrome web store publishing status become rejected.
Moreover, we received app removal notification from chromewebstore-dev-support#google.com, like "Chrome Web Store: Removal notification for app name."
But we have no idea why this app has been rejected.
Here is our step we used to do.
In google developers console, I accessed api manager, and make drive api enabled.
Access drive SDK settings to register app icon and open URL, and save it.
*About open URL, we assume intranet FQDN is forbidden, so we set http://www.google.com as open URL.
In OAuth Concent, type service name and save it.
From api manager, enable Google Apps Marketplace SDK.
We set application name, description, register icon, support URL and drive api scope(https://www.googleapis.com/auth/drive) and save it.
Also prepare zip file for Chrome Web Store that includes manifest json and app icon.
*In manifest json, we wrote app name, description, web app URL(we set google sites) and write as domain-installable.
Upload zip file to chrome web store, icon, screeen shot, promotional tile images, set web site(we set google sites.), category and languages.
In the end, set Visibility option as private and everyone at mydomain.
After published both chrome web store and google apps marketplace, access to marketplace to find published app in our domain.
allow access of drive app in marketplace.
*Above processes were executed on September in 2015,
I believe developer console UI has been dramatically changed for now, so these steps might not match current steps.
### Questions ###
Considering above results, I would like to confirm things below.
I would like to confirm our steps above is correct or not for registering drive application in Google App Marketplace.
By referring Both Apps Marketplace Guides and Apps Marketplace Frequently Asked Questions, I could not find detail for specific steps.
I are wondering whether we must obtain or prepare domain for web application and it must be open on the web or not.
Are there any way to register in-house application in google apps marketplace without publishing on the web(wondering can use FQDN or not).
Is it possible to create Google Apps Marketplace App using service account or client application with Drive API?
Thank you in advance.
1. I would like to confirm our steps above is correct or not for registering drive application in Google App Marketplace. By referring Both Apps Marketplace Guides and Apps Marketplace Frequently Asked Questions, I could not find detail for specific steps.
You seem to have done the steps right. But just to be safe, you can check out Publish your App page on the apps marketplace documentation.
Steps to Publish the app
Go to the Chrome Web Store developer dashboard
Upload the zip file
Add a detailed description of your app for the Marketplace listing
Add your screenshot(s) and promotional tiles for the Marketplace isting
Add the URLs for your app's websites
Set the category, region, language(s), and other configuration details
Note: To publish a private, domain-only app, skip the next step and see the instructions below.
To publish a Marketplace app that is only visible within your own domain, do not use the listing review request form. Instead, on the developer dashboard, locate the "Visibility options" section and select "Private / Everyone at yourdomainname.com" before you publish
2. I are wondering whether we must obtain or prepare domain for web application and it must be open on the web or not.
I'm not sure what you mean by this question, but once the domain has been set and app published, the application will appear in the "For [your domain]" section in the Google Apps Marketplace available on admin.google.com
3. Are there any way to register in-house application in google apps marketplace without publishing on the web(wondering can use FQDN or not).
If you mean private company-wide application, I think Google Apps for Work can do this feature (this will incur additional charge to you though)
4. Is it possible to create Google Apps Marketplace App using service account or client application with Drive API?
Yes, Drive API also uses Domain-wide delegation of Authority in which the domain admin can grant 3rd party apps access to user data.

can i connect to an api after basic or digest authentication, in a google chrome extension

I want to connect to an API which uses Basic or Digest Auth- so the user can use the extension fully, only after he has logged in to the API- the extension will send and receive messages through the API and perform actions based on responses sent by the API.
Is such authentication possible for a google chrome extension? Can i ask user to provide userid/password (or API key) through a popup HTML File which is part of the extension? Or do I have to open a new tab in Chrome itself and ask the user to authenticate through that...
Which is the best/ideal way to authenticate into a web based API from a Google Chrome extension... Any guides or how-to s would be very helpful for me...
You can use popup or a new tab authentication, either way is OK.