I am trying to use Google as OpenID.
Users can successfully login to my site using their Google email.
Problem: They can't sign out successfully from it.
When user clicks sign out button in my website, i can only clear the cookies issued by my site itself but not the cookies issued under Google.
I have googled as well as read many article in stackoverflow. The solution i found is that i can't delete Google cookies myself. In order to delete that cookie i have to redirect my Page to https://www.google.com/accounts/Logout which cleans the Cookies issued by Google in my browser.
Another Problem begins: That url clears all the google cookies in the browser.If the user is login in other sites using Google as OpenID or even gmail at the same time in the same browser, their cookies also get deleted while logging out of my site.
Is there solution to it?
For Demo Try following steps in your own brower:
1- Login Gmail with your own authentication
2. then Click on https://www.google.com/accounts/Logout.
What will happen is your gmail account will be logout automatically.
As far as what I understand from your post, you want to log your users out of Google. For which you can use https://www.google.com/accounts/Logout without a problem.
You can use the following function to do it for you:
var logout = function()
{
document.location.href = "https://www.google.com/accounts/Logout?continue=https://appengine.google.com/_ah/logout?continue=http://stackoverflow.com";
}
where you should replace http://stackoverflow.com with your home page.
This should help you get your job done.
Here is a sign-out URL from all Google account, which is working fine for me:
https://accounts.google.com/Logout?continue=https%3A%2F%2Faccounts.google.com%2FServiceLogin%3Fsacu%3D1&il=true&zx=icxpgruz0yao
Hope it will help you.
Related
I am using Google Analytics API to fetch analytics data. I tried to authenticate it using following steps:
Created OAuth client ID in https://console.developers.google.com/ credentials section.
In consent screen I had set publishing status as testing
In OAuth 2.0 Playground I got the refresh token using above generated client id and client secret
Then I am using it to generate access token through it.
But after a few days, the refresh token expires although it is mentioned that the refresh token's validity is life long.
If your app is in testing mode then user tokens will expire in 7 days. Please find this explanations here: https://support.google.com/cloud/answer/10311615#zippy=%2Ctesting
I needed to send mails from a gmail account that I have access to, using nodemailer. It works for a couple of days before my refresh token is mysteriously revoked, even though the account belongs to me. A google search brought me here and I had been watching for a while hoping someone would help with a solution.
As you mentioned, this seems to happen with only test/unverified apps and I'm guessing google revokes tokens for such applications in your account after a few days. After much trials and errors, here is what I did.
NOTE: This is solution is only applicable to accounts you own, otherwise you must verify your app to access other people's accounts
Generate a new refresh token (existing one is most likely revoked) as described in this SO post
Go to the security tab of your google account dashboard
Under the Recent security activity section, you should see a security alert for your app.
Click on the context menu next to the notification and click DISMISS
At this point you'll be presented with a dialog of options where you indicate the level of trust you have for the app. I just went ahead and said I trusted the developer/app, obviously. And that's it! The refresh token should persist after this.
I could not find anything related anywhere else.
The other answer pointed me in the right direction but for me the option was located somewhere else: security > security checkup/security issues found > context menu next to your app > dismiss
This issue seems to be for unverified apps, Simply delete the token file from your project and rerun the project, it will create a new token.
My problem was when I've added access_token instead of refresh_token.
What I did:
Go to https://console.cloud.google.com/apis/credentials/consent and change from the testing status to published.
Delete the current token file.
Authorize the API again by signing into your gmail account. You will be sent to a warning screen. From there, you can choose to proceed.
When done you'll get a new token file
The solution is to delete your token.json file to force Google to find a new token.
I was able to get it to work WITHOUT a verified app. Perhaps the refresh() method will work once my app is verified. Not sure on that one.
We have been working on an app that requires access to a users google calendar. We have been using the grantOfflineAccess() method described in google api's documentation - https://developers.google.com/identity/sign-in/web/reference#googleusergrantofflineaccessoptions
However, the problem we are facing is that this opens a pop up and we need to do this via a redirect. Does anyone have any ideas todo this without a pop up showing up?
Safari and Firefox block pop ups and this does not really work well on safari on mobile.
I was able to find a GitHub issue for this https://github.com/google/google-api-javascript-client/issues/288 but I have seen other websites do this without a pop up. You can check zendesk & frontapp.com - both of whom take offline grant for the users signing in.
Any ideas or help would be appreciated.
The only way to access a users data is to have a user grant you permission to access that data. This is done though Oauth2 a user is promoted to login to their google account then they are given a screen with the scopes of permissions that you are requesting.
There is no way around this. YOu will always have to ask a user at lease once to grant you permission to access their data if you are requesting offline access you will be given a refresh token that you can use to request a new access token and access the users data when they are not online.
As for popups they shouldn't be displaying as popups they should be opening in a new browser window.
Good day!
I've been googling for a long time, but still no success.
Problem:
Let's supose we have a google document, which have embeded into some site with iframe, following google docs guide. User have one tab in which he is authorized with it's account in google. He visites our site and see document. He can access it, edit it, and whatever he whants.
Now, he desides to change his auth in google, he logs out and than logs in with different account. He DOESN'T reload our site (because it is ajax based), and now he tries access our document. And here comes a fail. He sees a blank page. in chrome js console there is an error:
Refused to display https://**docs**.google.com/SamplePDFURL in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN.
In iframe src = "docs.google.com" .
What happens? When user changed authorization, it's cookies have been changed and he became not authed for this doc and google automaticaly redirects frame to account.google.com auth page. BUT! This auth page is on different domain ACCOUNT. , and since google follows "same origin" security policy, we get error in console and blank iframe for user.
How to work around this?
Please help somebody.
As I said, I didn't find any working solution for this.a
I'm using SocialLogin plugin for WordPress which relies on HybridAuth for authentication. However, when I try to login with Google, I get "User profile request failed. Most likely the user is not connected to the provider and he should to authenticate again." error. I've tried Googling the solution, unsuccessfully.
Also, when I try to login with StackOverflow or Yahoo! I get Unspecified error!
I came across this issue also ...
Your question is more than an year old but here you go the solution:
Go to https://console.developers.google.com/ and activate Google+ API access.
That worked out for me!
It generally occurs to me in two conditions.
Session lost when you use for example back button or directly visiting the page instead of visiting via link.
Some times you need to clear your cache, logout and login to site but clean logout
generally fix.
I also want you to know that Hybrid Auth is a dead project.
How can I logout or disconnect a Facebook user in the Facebook connect session?
I'm using the Facebook developer toolkit. After using "connectSession.Logout()", the method "connectSession.IsConnected()" is still returning "true". Have I done something wrong?
EDIT: Now, I know that you can't logout a user just from the Facebook connect site. A user can be logged out only from the entire Facebook site. How can I do that with Facebook Developer Toolkit?
Edit:
In answer to your second question, just log them out using the JavaScript SDK:
FB.logout(function(response)
{
// user is logged out
// redirect to local logout script
});
Here's also an answer I made before that should help. This answer is for the older javascript and php SDK, but it should still apply.
How to log out users using Facebook Connect in PHP and Zend?