
Granting permission every time I use the same Google account to sign in

Open mridul-tmpl opened this issue 1 year ago • 10 comments

I am using useGoogleLogin for the Google sign-in, and it's asking me for permission every time I select the same Google account.

Here is my useGoogleLogin code that I picked from the docs.

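import axios from "axios";
import { useGoogleLogin } from "@react-oauth/google";

// Inside a React component: start the authorization-code flow.
const login = useGoogleLogin({
  flow: "auth-code",
  onSuccess: async (codeResponse) => {
    try {
      // Send the one-time authorization code to the backend for exchange.
      const tokens = await axios.post("/api/auth/google", {
        code: codeResponse.code,
      });
    } catch (error) {
      console.log("errorfe", error);
    }
  },
});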

I want the permission thing to come up for the first-time sign-in only.

mridul-tmpl avatar Mar 06 '24 05:03 mridul-tmpl

We are also encountering this. Has anybody found a solution?

Hurtak avatar Apr 04 '24 15:04 Hurtak

It seems that this is also a problem in the examples: the auth-code flow always asks for the permissions, while the implicit flow (or the simple/one-tap ones) only asks for them the first time you log in.

One weird thing is that this used to work for the auth-code flow, but then it stopped. @MomenSherif is this something that could be caused by changes in the code in this library? Or did something change on Google's side?

https://github.com/MomenSherif/react-oauth/assets/6587821/9234e149-2e1f-4ed7-b5e1-137bd634aecc

Hurtak avatar Apr 04 '24 15:04 Hurtak

I did some more digging. There is this informative Stack Overflow post https://stackoverflow.com/questions/14923799/login-with-google-always-asks-user-consent which says prompt=consent can be causing this, and when I checked the Google auth URL that is opened in a new window, it seems to indeed have this parameter. Here is the URL it opens for me:

https://accounts.google.com/o/oauth2/v2/auth/oauthchooseaccount?gsiwebsdk=3
  &client_id=XXXXXXXXXXX
  &scope=openid%20profile%20email
  &redirect_uri=storagerelay%3A%2F%2Fhttp%2Flocalhost%3A8080%3Fid%3Dauth35848
  &prompt=consent     <<<----------------------
  &access_type=offline
  &response_type=code
  &include_granted_scopes=true
  &enable_granular_consent=true
  &service=lso
  &o2v=2
  &theme=mn
  &ddm=0
  &flowName=GeneralOAuthFlow

@MomenSherif Where are these parameters coming from? I tried to search the codebase, but it does not seem to be set anywhere, only passed in case it is defined, and I do not define it. So perhaps it is some default from Google? Also, for the auth-code flow, according to the types, we cannot set this parameter, only for the implicit flow. Is that correct?

Hurtak avatar Apr 04 '24 16:04 Hurtak
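
An added example, not part of the thread or of the library's code: a small Node.js check that parses an authorization URL like the one quoted above and reports the parameters that govern the consent screen. The function name and sample URL are constructed for illustration (the client_id is a placeholder), and the parameter meanings are those given in Google's OAuth 2.0 documentation.

```javascript
// Constructed sample modelled on the URL quoted in the comment above.
const SAMPLE_URL =
  "https://accounts.google.com/o/oauth2/v2/auth/oauthchooseaccount?gsiwebsdk=3" +
  "&client_id=XXXXXXXXXXX&scope=openid%20profile%20email" +
  "&prompt=consent&access_type=offline&response_type=code" +
  "&include_granted_scopes=true";

// Hypothetical helper: summarise what an authorization URL asks Google to do.
function inspectConsentParams(authUrl) {
  const params = new URL(authUrl).searchParams;
  const list = (name) => (params.get(name) || "").split(/\s+/).filter(Boolean);
  const prompt = list("prompt"); // space-delimited: none, consent, select_account
  const responseType = params.get("response_type");
  const report = {
    flow: responseType === "code" ? "auth-code"
        : responseType === "token" ? "implicit" : "unknown",
    prompt,
    scopes: list("scope"),
    offlineAccess: params.get("access_type") === "offline",
    forcesConsentEveryTime: prompt.includes("consent"),
    notes: [],
  };
  if (report.forcesConsentEveryTime) {
    report.notes.push("prompt=consent: consent screen is shown on every authorization");
  }
  if (prompt.length === 0) {
    report.notes.push("no prompt parameter: user is prompted only on the first request");
  }
  if (prompt.includes("none") && prompt.length > 1) {
    report.notes.push("prompt=none must not be combined with other values");
  }
  if (report.offlineAccess) {
    report.notes.push("access_type=offline: a refresh token is being requested");
  }
  return report;
}

console.log(inspectConsentParams(SAMPLE_URL));
```
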

Hi @MomenSherif, bumping this thread, running into the same issue. Would appreciate your eyes on this!

ChenCodes avatar May 07 '24 21:05 ChenCodes

Is there any solution for this?

Prajapati-developer avatar Jun 05 '24 10:06 Prajapati-developer

@MomenSherif Another bump.

wkappers-gmu avatar Jun 06 '24 14:06 wkappers-gmu

Has anyone resolved the consent flow issue? Because I have the same issue here :(

NitinNR avatar Jul 05 '24 14:07 NitinNR

Same here, who can save our lives, haha

quanbui1997 avatar Jul 15 '24 10:07 quanbui1997

After spending way too long on this, it seems like this is a Google change and has nothing to do with this library, although it makes the library feel incomplete.

  • https://stackoverflow.com/a/72771487/434443
  • https://overclocked.medium.com/seamless-api-access-with-google-identity-services-b9901009a8ce

TL;DR: Google has pushed to separate authentication from authorization, so you need to interact with two SDKs/APIs for a sane login + grant access process. :disappointed:

AdrianSchneider avatar Aug 20 '24 18:08 AdrianSchneider

Same issue. Please fix this up.

humblelad avatar Aug 31 '24 19:08 humblelad