Requested scopes not granted with gapi.auth2.init but granted with gapi.auth2.authorize for SOME users #613
Comments
zbettenbuk
changed the title
gapi.auth2.init but granted with gapi.auth2.authorize for SOME users
tpendragon
added a commit
to samvera-deprecated/browse-everything-redux-react
that referenced
this issue
Dec 4, 2020
May fix issue with some users logging in, as per google/google-api-javascript-client#613
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We have a live app and just recently got a few reports that some (5%) users can't import files from Drive using the Picker api. Here is a detailed description of the problem: https://stackoverflow.com/questions/60931717/intermittent-the-api-developer-key-is-invalid-error
Since then we got a test user that constantly produces the issue, so we managed to dig a bit deeper.
What happens is that when we invoke
gapi.auth2.initand then.signInon the response, the requested scopes (e.g. drive.readonly and drive.file) are missing in the granted scopes list of the response. The user doesn't get a consent screen popup to grant or deny any scopes, and the requested scopes DO appear in myaccount.google.com. But as they are not returned in the granted scopes list, the consequent Picker API call fails (obviously).Now we replaced the
gapi.auth2.initcall withgapi.auth2.authorize(same client ID, scopes...etc) and everything works fine. But we don't really want to use that API in production, because even Google describes this API as not recommended.Any ideas?
The text was updated successfully, but these errors were encountered: