Using Chrome auth to access gmail api inside Chrome extension
Building a Chrome extension for Gmail, trying to use Chrome Auth to access the gmail api per stackoverflow question and answer and Gmail API docs and others. I am successfully receiving the token with chrome.identity.getAuthToken({ 'interactive': true }, function(token) {}
, however, when I connect the token to the request url, I get the following 401 error response (code follows)
error response
{
"error": {
"errors": [
{
"domain": "global",
"reason": "required",
"message": "Login Required",
"locationType": "header",
"location": "Authorization"
}
],
"code": 401,
"message": "Login Required"
}
}
My code:
background.js
chrome.tabs.onUpdated.addListener( function (tabId, changeInfo, tab) {
if (changeInfo.status == 'complete') {
chrome.identity.getAuthToken({ 'interactive': true }, function(token) {
thisToken = token
chrome.runtime.onMessage.addListener(
function(request,sender,sendResponse){
var gapiRequestUrlAndToken = "https://www.googleapis.com/gmail/v1/users/mail%40gmail.com/threads?key={" + thisToken + "}"
var makeGetRequest = function (gapiRequestURL)
{
var xmlHttp = new XMLHttpRequest();
xmlHttp.open( "GET", gapiRequestURL, false );
xmlHttp.send( null );
return xmlHttp.responseText;
}
makeGetRequest(gapiRequestUrlAndToken);
}
);
});
}
})
manifest.json
{
"manifest_version": 2,
"key": "<key>",
"name": "exampleName",
"description": "Description",
"version": "0.0.1.7",
"default locale": "en",
"icons": { "128": "imgs/pledge_pin.png"},
"content_scripts" : [
{
"matches": ["*://mail.google.com/mail/*"],
"js": ["js/jquery.js", "js/compose.js", "bower_components/jqnotifybar/jquery.notifyBar.js"],
"css": ["css/stylesheet.css", "bower_components/jqnotifybar/css/jquery.notifyBar.css"]
}
],
"background": {
"scripts": ["scripts/background.js"]
},
"permissions": [
"identity"
],
"oauth2": {
"client_id": "<client id>",
"scopes": ["https://www.googleapis.com/auth/gmail.modify"]
}
}
I suspect this is because I am trying to use Chrome Auth for the Gmail api, but other posts I read have led me to believe that this is a viable option.
In case my code didn't issue it, I'm a newbie, so any help is appreciated and I really appreciate your time.
source to share
key
intended for shared application secrets. For custom tokens, you need to use access_token
. And the token doesn't have to be wrapped in {}
. If mail%40gmail.com
is the actual value you are using in the url it will not work. It must either be the email address of the authenticated user, or me
.
So change:
"https://www.googleapis.com/gmail/v1/users/mail%40gmail.com/threads?key={" + thisToken + "}"
For this:
"https://www.googleapis.com/gmail/v1/users/me/threads?access_token=" + thisToken
source to share