Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

clientSecret is not required if token is for "Chrome App" #46

Merged
merged 11 commits into from
Sep 18, 2021
Merged

clientSecret is not required if token is for "Chrome App" #46

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
6810a72
Remove redundant clientSecret variable
tuanddd Dec 28, 2020
cc79c92
Edit copy
tuanddd Dec 29, 2020
84bb0c2
Mention other compatible types
fregante Dec 29, 2020
bd5d048
Fix typo
fregante Jan 28, 2021
fde1e2c
Improve waiting step wording
fregante Jan 28, 2021
19a05f1
Update instructions and screenshot
fregante Jan 28, 2021
3fff5dd
Merge branch 'master' into chore/remove-redundant-client-secret
fregante Jan 29, 2021
bbf28ee
Merge branch 'master' into chore/remove-redundant-client-secret
tuanddd May 20, 2021
e7a5acc
Update process
fregante Sep 18, 2021
a303779
Restore index.js
fregante Sep 18, 2021
02333d9
Send secret only if it exists
fregante Sep 18, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 6 additions & 7 deletions How to generate Google API keys.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

[chrome-webstore-upload](https://github.com/DrewML/chrome-webstore-upload) uses the Chrome Web Store API.

Here's how to get its 3 access keys: `clientId`, `clientSecret`, `refreshToken`
Here's how to get its 2 access keys: `clientId`, `refreshToken`

*Note:* the names you enter here don't really matter. This will take approximately 10 minutes, sorry.

Expand All @@ -25,14 +25,14 @@ Here's how to get its 3 access keys: `clientId`, `clientSecret`, `refreshToken`

<img width="771" alt="Create credentials" src="https://user-images.githubusercontent.com/1402241/77865679-e89f3a00-722f-11ea-942d-5245091f22b8.png">

0. Select **Other** (or **Desktop app** if available), enter `chrome-webstore-upload` and click **Create**
0. Select **Chrome App** (**Desktop app** and **Other** also work, if Chrome App is missing), enter `chrome-webstore-upload` and click **Create**
fregante marked this conversation as resolved.
Show resolved Hide resolved

> <img width="187" alt="Configure client type" src="https://cloud.githubusercontent.com/assets/1402241/21517952/d1f36fce-cc97-11e6-92c0-de4485d97736.png">
> <img width="187" alt="Configure client type" src="https://user-images.githubusercontent.com/25856620/103254672-d1f16380-49b8-11eb-8cdf-98c2483be403.png">
fregante marked this conversation as resolved.
Show resolved Hide resolved

0. Save your ✅ `clientId` and ✅ `clientSecret`, these are your 2 of your 3 keys.
0. Save your ✅ `clientId`, this is 1 of your 2 keys.
0. Place your `clientId` in this URL and open it:

`https://accounts.google.com/o/oauth2/auth?client_id=YOUR_CLIENT_ID&response_type=code&scope=https://www.googleapis.com/auth/chromewebstore&redirect_uri=urn:ietf:wg:oauth:2.0:oob`
`https://accounts.google.com/o/oauth2/auth?client_id=YOUR_CLIENT_ID&response_type=code&scope=https://www.googleapis.com/auth/chromewebstore&redirect_uri=urn:ietf:wg:oauth:2.0:oob&access_type=offline&approval_prompt=force`
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The API in this case does not return refresh_token, but just the access_token.

Maybe this was my fault, I did not use this updated URL. Now I used it and I got the refresh_token as expected 🥳

Screen Shot 8

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So....everything is good?

Copy link
Owner

@fregante fregante Jan 29, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

“Token type change” appears to be fixed, I just need to wait a little longer to ensure it doesn’t expire.

But it’s still a “breaking change,” so a few more changes are required as suggested in that section.


0. Follow its steps and warnings (this is your own peronal app) and wait on the last page:

Expand All @@ -45,7 +45,6 @@ response = await fetch('https://accounts.google.com/o/oauth2/token', {
method: "POST",
body: new URLSearchParams([
['client_id', prompt('Enter your clientId')],
['client_secret', prompt('Enter your clientSecret')],
['code', new URLSearchParams(location.search).get('approvalCode')],
['grant_type', 'authorization_code'],
['redirect_uri', 'urn:ietf:wg:oauth:2.0:oob']
Expand All @@ -67,4 +66,4 @@ if (!json.error) {
}
```

9001. Done. Now you should have ✅ `clientId`, ✅ `clientSecret` and ✅ `refreshToken`. You can use these for all your extensions, but don't share them!
9001. Done. Now you should have ✅ `clientId` and ✅ `refreshToken`. You can use these for all your extensions, but don't share them!
3 changes: 1 addition & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ npm install --save-dev chrome-webstore-upload

## Setup

You will need a Google API `clientId`, a `clientSecret` and a `refreshToken`. Read [the guide](./How%20to%20generate%20Google%20API%20keys.md).
You will need a Google API `clientId` and a `refreshToken`. Read [the guide](./How%20to%20generate%20Google%20API%20keys.md).

## Usage

Expand All @@ -24,7 +24,6 @@ All methods return an ES2015-compliant promise.
const webStore = require('chrome-webstore-upload')({
extensionId: 'ecnglinljpjkbgmdpeiglonddahpbkeb',
clientId: 'xxxxxxxxxx',
clientSecret: 'xxxxxxxxxx',
refreshToken: 'xxxxxxxxxx'
});
```
Expand Down
4 changes: 1 addition & 3 deletions index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ const publishURI = (id, target) => (
const requiredFields = [
'extensionId',
'clientId',
'clientSecret',
'refreshToken'
];

Expand Down Expand Up @@ -47,12 +46,11 @@ class APIClient {
}

async fetchToken() {
const { clientId, clientSecret, refreshToken } = this;
const { clientId, refreshToken } = this;

const response = await got.post(refreshTokenURI, {
json: {
client_id: clientId,
client_secret: clientSecret,
refresh_token: refreshToken,
grant_type: 'refresh_token'
}
Expand Down
2 changes: 1 addition & 1 deletion test/fetchToken.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,4 +32,4 @@ test.serial('Only returns token from response body', async t => {
t.is(await client.fetchToken(), accessToken);
});

test.todo('Request includes clientId, clientSecret, and refreshToken');
test.todo('Request includes clientId, and refreshToken');
1 change: 0 additions & 1 deletion test/helpers/get-client.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@ module.exports = function getClient() {
return webStoreUpload({
extensionId: 'foo',
clientId: 'bar',
clientSecret: 'foobar',
refreshToken: 'heyhey'
});
};