Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid request when using Chrome Identity API / Google OAuth Screen in the extension: Custom URI scheme is not supported on Chrome apps #38066

Open
jacekzlowocki opened this issue May 4, 2024 · 6 comments
Open

Invalid request when using Chrome Identity API / Google OAuth Screen in the extension: Custom URI scheme is not supported on Chrome apps #38066

jacekzlowocki opened this issue May 4, 2024 · 6 comments
Labels
OS/Desktop

Comments

@jacekzlowocki
Copy link

Description

We are developing a Chrome extension that utilizes Chrome Identity API (chrome.identity.getAuthToken()) to provide Google Authentication via Google OAuth screen. It works perfectly fine on Chrome browser, but not on Brave.

It seems that Brave adds it's own Custom URI scheme when creating oauth request:
https://github.com/brave/brave-core/blob/9b9b01ac4a6eb7686ed971fc44bbded09b3d9175/patches/chrome-browser-extensions-api-identity-identity_get_auth_token_function.cc.patch#L97

Which is no longer supported by Google:
https://developers.googleblog.com/en/improving-user-safety-in-oauth-flows-through-new-oauth-custom-uri-scheme-restrictions/

Enabling "Allow Google login for extensions" flag doesn't make any effect - still the same result.

Steps to Reproduce

  1. In an extension, call chrome.identity.getAuthToken({ interactive: true })

Or to see it with existing extension:

  1. Install Meeting Timer for Google Meet extension in Brave
  2. Open extension popup and click "Sign up with Google" (this calls chrome.identity.getAuthToken({ interactive: true }))
  3. Invalid request OAuth page opens

Actual result:

Error 400: invalid_request
Custom URI scheme is not supported on Chrome apps.
Zrzut ekranu 2024-05-4 o 18 31 21 Zrzut ekranu 2024-05-4 o 18 31 37

Expected result:

Actual Google OAuth screen opens, like in Chrome browser:
Zrzut ekranu 2024-05-4 o 19 54 16

Reproduces how often:

Every time

Brave version (brave://version info)

1.65.126 Chromium: 124.0.6367.118 (Oficjalna wersja) (x86_64)
e6a0dcfed2e939addb42f91900875679412fa5b7
macOS Wersja 14.4.1 (kompilacja 23E224)

Version/Channel Information:

  • Can you reproduce this issue with the current release? Yes
  • Can you reproduce this issue with the beta channel? Yes
  • Can you reproduce this issue with the nightly channel? Yes

Other Additional Information:

  • Does the issue resolve itself when disabling Brave Shields? No
  • Does the issue resolve itself when disabling Brave Rewards? No
  • Is the issue reproducible on the latest version of Chrome? No
@astabinski
Copy link

Facing the same issue 👍

@beease
Copy link

beease commented Jun 1, 2024

Same issue for me

@siegerts
Copy link

siegerts commented Jun 27, 2024
edited
Loading

Also running into this issue.

@LuckJMG
Copy link

LuckJMG commented Jul 30, 2024

Same issue while trying to login on the google keep extension.

May be related to #15754.

@siegerts
Copy link

Just following up here to see if there are any updates?

@siegerts
Copy link

I put together a few posts on how to use the chrome.identity.launchWebAuthFlow as an alternative to chrome.identity.getAuthToken for enabling Google OAuth in Chrome extensions. Hopefully it helps.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
OS/Desktop
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@siegerts @jacekzlowocki @astabinski @LuckJMG @beease