You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A basic implementation is available in the repository. It generally works, but has some drawbacks:
A refresh_token is not available to the openEO proxy -> The access_token may expire for longer running requests, but that may only lead to issues with the job status, I guess. => Request a refresh token from Google #87
The only flow that is supported by Google and doesn't require a client secret seems to be implicit. That means only the Web Editor can connect easily, all other clients will need client secret that users obtain from the Google API Console.
Each request to the openEO proxy issues a new request to the ID token endpoint. That's pretty excessive, I guess I should cache that and only request the ID token again once the access token changes. For now, I'll live with it as it's not a service that is used by a couple of people.
Keeping these points open for now as they are lower priority for me for now. I might be able to weaken the effects for (1) and (3) through additional code and (2) needs to wait for improvements on Googles side, which I heard are at least planned.
Users should be able to connect with their own accounts, not with our service account.
The text was updated successfully, but these errors were encountered: