flask-assistant icon indicating copy to clipboard operation
flask-assistant copied to clipboard
verified publisher icon treethought

Account SIGN_IN

Open wtavares opened this issue 6 years ago • 4 comments

Hi !

Does we have the account sign_in response in order to request to the assistant start the sign in?

https://developers.google.com/assistant/conversational/helpers#account_sign-in

If not... how do I can implement this by myself an contribute with the project? I'm thinking in to something similar to the permission class. But as I'm not a python expert I do not how exactly how to do.

Thanks in advance. W

wtavares avatar Oct 11 '19 02:10 wtavares

hi @wtavares. flask-assistant now supports Account linking via Google Sign in!

To update: pip installl -U flask-assistant

and then check out the account linking example

treethought avatar Oct 11 '19 20:10 treethought

Hi @treethought !!!!

Thanks a lot for the fast feedback. Implemented and tested yesterday. Worked like a charm!

One comment and one question:

Comment: The profile and the access_token are not been filled. They are None. There is any trick or init needed? The user dict has all user sent by the DF including the access_token. I'm using it. No problem to me once I'm using my own OAuth2 implementation and validations to build the profile.

The doubt: How to we unlink or invalidate the access_token ate the AoG???? If my user removes their account... the token info is not useful anymore. So... is necessary to "invalidate" or remove the token at AoG. Do you have any idea about how to do this?

Thanks again! W

wtavares avatar Oct 16 '19 20:10 wtavares

Hi @wtavares, currently only Google Sign in is supported. Sounds like you are talking about the access token that is received during OAuth sign in. When using google sign in, you don't receive an access token, but rather a JWT token that is decoded to obtain the profile information.

And do you mean the profile local (imported from flask_assistant) is None after a user signs in?

treethought avatar Oct 22 '19 13:10 treethought

Hey Cam!

Sorry for the late response.

Well... We implemented the account linkage using OAuth + Google Sign in... But I was using the implicit process. The issue was if the user delete their account... there is no way to revoke the TOKEN at AoG. Simple like this... they do not support this. The soluttion was change my OAuth implementation to Authorization Code mode... with this we have the TOKEN expiring and at the TOKEN refresh we revalidate the user account. Worked fine.

About your question: importing the profile to check is the user signed in is giving me None. I'm gething the access_token from the user object.

Thats it.

Thanks for your help. Rgds W

On Tue, Oct 22, 2019 at 10:58 AM Cam Sweeney [email protected] wrote:

Hi @wtavares https://github.com/wtavares, currently only Google Sign in https://developers.google.com/assistant/identity/google-sign-in is supported. Sounds like you are talking about the access token that is received during OAuth sign in https://developers.google.com/assistant/identity/oauth2. When using google sign in, you don't receive an access token, but rather a JWT token that is decoded to obtain the profile information.

And do you mean the profile local (imported from flask_assistant) is None after a user signs in?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/treethought/flask-assistant/issues/119?email_source=notifications&email_token=AC5L7FANK6T7M5B5JGKMRCLQP4BH7A5CNFSM4I7UHHEKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEB52XBI#issuecomment-544975749, or unsubscribe https://github.com/notifications/unsubscribe-auth/AC5L7FFCU36EU6ZRLOOWZTDQP4BH7ANCNFSM4I7UHHEA .

--

[]'s

Washington Tavares

wtavares avatar Oct 25 '19 14:10 wtavares