Setup a new Chrome identity for the demo apps

[dborkan]

Set up a free identity just for the demo apps (demo and demo_google), to ensure that there aren't weird interactions between our demo apps and other install chrome apps/extensions.

[willscott]

what would the authorized origin / authorized redirect URI be?

[dborkan]

I'm not completely sure, but once we create a new project in the google developers console and use that key in manifest.json, chrome.identity.getRedirectURL() will return that URL, which we can then add to the Google Developers Console page (similar to https://console.developers.google.com/project/746567772449/apiui/credential)

[willscott]

I made a new project, so that we could just have a clean ID to use here,
but realized I don't have access to that one / the uproxy project to look
at the clientid settings used there.

What are the settings in that project?

--Will

On Tue, Apr 29, 2014 at 10:41 AM, dborkan notifications@github.com wrote:

I'm not completely sure, but once we create a new project in the google
developers console and use that key in manifest.json,
chrome.identity.getRedirectURL() will return that URL, which we can then
add to the Google Developers Console page (similar to
https://console.developers.google.com/project/746567772449/apiui/credential
)

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/34#issuecomment-41707755
.

[dborkan]

I just added you as an owner to it so you should be able to look now.

I believe we will need to:

• Get the key for manifest.json by packaging our app as a .crx file (see https://developer.chrome.com/extensions/manifest/key). Then we can find out the redirect URL by calling chrome.identity.getRedirectURL()
• Create a new client id and associate it with this redirect URL on the Google Developers Console -> APIs & Auth -> Credentials page.

[willscott]

Yep. Looks like this is the process outlined here:
https://developer.chrome.com/apps/app_identity

On Tue, Apr 29, 2014 at 11:02 AM, dborkan notifications@github.com wrote:

I just added you as an owner to it so you should be able to look now.

I believe we will need to:

• Get the key for manifest.json by packaging our app as a .crx file
  (see https://developer.chrome.com/extensions/manifest/key). Then we
  can find out the redirect URL by calling chrome.identity.getRedirectURL()
• Create a new client id and associate it with this redirect URL on
  the Google Developers Console -> APIs & Auth -> Credentials page.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/34#issuecomment-41710456
.

[dborkan]

Yes, but one thing to point out is that even for the demo_google extension we are using the "Non-Google account authentication" method (chrome.identity.launchWebAuthFlow). This is because we don't want to restrict the user to their Chrome account.

Also I've found that even with chrome.identity.launchWebAuthFlow, setting the "key" field in the manifest.json is still necessary, however the "oauth2" object can be omitted from manifest.json (the client_id and scopes get specified in the URL passed to chrome.identity.launchWebAuthFlow, rather than being picked up from manifest.json)

[ryscheng]

@dborkan I know you were playing with some of this since your most recent pull request. Can I close this or is there still work to be done?

[dborkan]

I don't think I made any changes related to this in the recent pull request, but I'm also not sure if this is still needed. I think maybe by "identity" here I was referring to the app's key, not the identity that's used to sign into XMPP. Right now there are still some places where freedom-social-xmpp (both the demo and OAuth code) are hardcoded to use uProxy's client_id, etc.