fregante · fregante · Sep 18, 2021 · Dec 28, 2020 · Dec 29, 2020 · Dec 29, 2020
diff --git a/How to generate Google API keys.md b/How to generate Google API keys.md
@@ -2,7 +2,9 @@
 
 [chrome-webstore-upload](https://github.com/DrewML/chrome-webstore-upload) uses the Chrome Web Store API. 
 
-Here's how to get its 3 access keys: `clientId`, `clientSecret`, `refreshToken`
+Here's how to get its 2 access keys: `clientId`, `refreshToken`
+
+Version below v2 used `clientSecret`, but this is no longer used, as long as you create a "Chrome App" OAuth.
 
 *Note:* the names you enter here don't really matter. This will take approximately 10 minutes, sorry.
 
@@ -23,18 +25,19 @@ Here's how to get its 3 access keys: `clientId`, `clientSecret`, `refreshToken`
 0. Visit https://console.developers.google.com/apis/credentials
 0. Click **Create credentials** > **OAuth client ID**:
 
-	<img width="771" alt="Create credentials" src="https://user-images.githubusercontent.com/1402241/77865679-e89f3a00-722f-11ea-942d-5245091f22b8.png">
+	> <img width="771" alt="Create credentials" src="https://user-images.githubusercontent.com/1402241/77865679-e89f3a00-722f-11ea-942d-5245091f22b8.png">
 
-0. Select **Other** (or **Desktop app** if available), enter `chrome-webstore-upload` and click **Create** 
+0. Select **Chrome App**, enter `Chrome Webstore Upload`, your extension’s ID, and click **Create** 
 
-	> <img width="187" alt="Configure client type" src="https://cloud.githubusercontent.com/assets/1402241/21517952/d1f36fce-cc97-11e6-92c0-de4485d97736.png">
+	> <img width="547" alt="Create OAuth client ID" src="https://user-images.githubusercontent.com/1402241/106205904-de6a0700-6184-11eb-8591-984e69c5e82a.png">
 
-0. Save your ✅ `clientId` and ✅ `clientSecret`, these are your 2 of your 3 keys.
+0. Save your ✅ `clientId` and ignore the `clientSecret`; `clientId` is 1 of 2 keys you will need.
 0. Place your `clientId` in this URL and open it:
 
-	`https://accounts.google.com/o/oauth2/auth?client_id=YOUR_CLIENT_ID&response_type=code&scope=https://www.googleapis.com/auth/chromewebstore&redirect_uri=urn:ietf:wg:oauth:2.0:oob`
+	`https://accounts.google.com/o/oauth2/auth?client_id=YOUR_CLIENT_ID&response_type=code&scope=https://www.googleapis.com/auth/chromewebstore&redirect_uri=urn:ietf:wg:oauth:2.0:oob&access_type=offline&approval_prompt=force`
 
-0. Follow its steps and warnings (this is your own peronal app) and wait on the last page:
+0. Follow its steps and warnings (this is your own personal app)
+0. Wait on this page:
 
 	<img width="521" alt="Last page of OAuth" src="https://user-images.githubusercontent.com/1402241/77866731-79781480-7234-11ea-8f81-c533846d89ea.png">
 
@@ -45,7 +48,6 @@ response = await fetch('https://accounts.google.com/o/oauth2/token', {
   method: "POST",
   body: new URLSearchParams([
     ['client_id', prompt('Enter your clientId')],
-    ['client_secret', prompt('Enter your clientSecret')],
     ['code', new URLSearchParams(location.search).get('approvalCode')],
     ['grant_type', 'authorization_code'],
     ['redirect_uri', 'urn:ietf:wg:oauth:2.0:oob']
@@ -67,4 +69,4 @@ if (!json.error) {
 }
 ```
 
-9001. Done. Now you should have ✅ `clientId`, ✅ `clientSecret` and ✅ `refreshToken`. You can use these for all your extensions, but don't share them!
+9001. Done. Now you should have ✅ `clientId` and ✅ `refreshToken`. You can use these for all your extensions, but don't share them!
diff --git a/README.md b/README.md
@@ -13,7 +13,7 @@ npm install --save-dev chrome-webstore-upload
 
 ## Setup
 
-You will need a Google API `clientId`, a `clientSecret` and a `refreshToken`. Read [the guide](./How%20to%20generate%20Google%20API%20keys.md).
+You will need a Google API `clientId` and a `refreshToken`. Read [the guide](./How%20to%20generate%20Google%20API%20keys.md).
 
 ## Usage
 
@@ -24,7 +24,6 @@ All methods return an ES2015-compliant promise.
 const webStore = require('chrome-webstore-upload')({
     extensionId: 'ecnglinljpjkbgmdpeiglonddahpbkeb',
     clientId: 'xxxxxxxxxx',
-    clientSecret: 'xxxxxxxxxx',
     refreshToken: 'xxxxxxxxxx' 
 });
 ```

diff --git a/index.js b/index.js
@@ -10,7 +10,6 @@ const publishURI = (id, target) => (
 const requiredFields = [
     'extensionId',
     'clientId',
-    'clientSecret',
     'refreshToken'
 ];
 
@@ -47,12 +46,11 @@ class APIClient {
     }
 
     async fetchToken() {
-        const { clientId, clientSecret, refreshToken } = this;
+        const { clientId, refreshToken } = this;
 
         const response = await got.post(refreshTokenURI, {
             json: {
                 client_id: clientId,
-                client_secret: clientSecret,
                 refresh_token: refreshToken,
                 grant_type: 'refresh_token'
             }

diff --git a/test/fetchToken.js b/test/fetchToken.js
@@ -32,4 +32,4 @@ test.serial('Only returns token from response body', async t => {
     t.is(await client.fetchToken(), accessToken);
 });
 
-test.todo('Request includes clientId, clientSecret, and refreshToken');
+test.todo('Request includes clientId, and refreshToken');
diff --git a/test/helpers/get-client.js b/test/helpers/get-client.js
@@ -4,7 +4,6 @@ module.exports = function getClient() {
     return webStoreUpload({
         extensionId: 'foo',
         clientId: 'bar',
-        clientSecret: 'foobar',
         refreshToken: 'heyhey'
     });
 };