What is the right way to build a chrome extension that requires “sign in with google” using manifest v3. I referred this link https://cloud.google.com/identity-platform/docs/web/chrome-extension but it works only in v2 and Manifest v2 is deprecated. I want to build an extension that will post data to google drive.
Any help is appreciated! thank you!
Hi @vishalkotecha ,
If you happen to have a working Manifest v2, you can migrate it to Manifest v3 by following this documentation.
For workaround, you can find this community discussion helpful as it has an accepted solution about using chrome.identity API for authenticating the users with OAuth2 API services.
Let me know if this works.
Hi there, I have a similar issue and I was hoping you could point me in the right direction too.
I am actually using the chrome.identity method of OAuth2 and Manifest v3. This doc is actually the same as the stack exchange link that you posted.
My issue is that I cannot get a token on the console. Instead, I get a popup saying my auth is blocked (freshly created oauth cred in GCP).
I have a feeling this might not be the manifest v3 to oauth2 workflow, but maybe something about my account(?)
I have Google Advanced Protection on my private gApps (gsuite, workplace – that’s the one); does that have any effect?
I’m hoping for advice on what I can check in my google/GCP account, that may be blocking my extension oauth.
Thanks for reading 
edit: I’d like to quickly add that the error in that oauth popup is “400: unsupported_response_type”;
But I haven’t figured out how to see what response type Chrome is getting back, that it doesn’t support.
This happens when I call chrome.identity.getAuthToken({interactive: true}, function(token) { ...
The error happens under the hood and I just get back a token: undefined.
edit2: I realized that I do get some error info at the console.
index.html:1 Unchecked runtime.lastError: The user did not approve access.
Now I’m not sure how I’m supposed to approve access(?)
I’m not sure I know what that would mean; there’s no info in the docs about approvals in this process.
edit3: I figured most of this out. I ended up implementing a identity.launchWebAuthFlow if the getAuthToken call failed; But now I’m getting a 400: redirect_uri_mismatch.
The problem there is that there’s no field to configure a redirect_uri in the “Chrome Extension” client credential type, in the GCP API console.
So I wonder if I just have to create a regular web cred (to specify redirect_uris) because maybe something is missing from the Chrome Extension credential interface(??) Or maybe there’s a default redirect_uri for Chrome Extension creds that I don’t know about(?)
Manifest 3
add “identity” to permission,after add field in manifest
“oauth2”: {
“client_id”: “.apps.googleusercontent.com”,
“scopes”: [
“https://www.googleapis.com/auth/userinfo.email”,
“https://www.googleapis.com/auth/userinfo.profile”
]
},
And after write function
const loginWithGoogle = () => {
chrome.identity.getAuthToken({ interactive: true }, (token) => {
if (chrome.runtime.lastError || !token) {
chrome.tabs.create({ url: ‘https://accounts.google.com/signin’ });
return;
}
signInWithCredential(auth, GoogleAuthProvider.credential(null, token))
.then((res) => {
console.log(‘signed in!’);
})
.catch((err) => {
if (token) {
console.log(err);
} else {
chrome.tabs.create({ url: ‘https://accounts.google.com/signin’ });
}
});
});
};
Have you ever found a solution to your problem? I have the same issue.
