
Issue 890708 link

Starred by 13 users

Issue metadata

Status: WontFix
Owner:
Closed: Oct 5
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 2
Type: Bug-Regression




Identity API contains wrong content

Reported by m.k...@texthelp.com, Oct 1

Issue description

UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36

Steps to reproduce the problem:
1. Use the latest stable Chrome with the latest stable OS X.
2. Log into Chrome as a user with access to admin.google.com
3. Install a Chrome extension that uses chrome.identity
4. Revoke any permissions if it has any
5. Use the extension in such a way that it calls chrome.identity.getAuthToken

What is the expected behavior?
The "Identity API Scope Approval UI" window will pop up allowing the user to select an account or sign in. Once signed in the extension will use the credentials provided.

What went wrong?
The "Identity API Scope Approval UI" window pops up but the displayed page is admin.google.com/AdminHome

The user can not log in or authorise in any way.

Did this work before? Yes Previous version.

Does this work in other browsers? Yes

Chrome version: 69.0.3497.100  Channel: stable
OS Version: OS X 10.14.0
Flash Version: 

This works fine on Windows. If I log in on a Windows machine with syncing turned on the Mac will then work correctly. Only if the identity screen needs to appear does it fail.
 
Screenshot 2018-10-01 at 11.24.56.png
We observe the same behavior on Windows. The admin.google.com is loaded in the popup that normally has the consent screen. 
Same behavior confirmed on Canary build: Version 71.0.3566.1 (Official Build) canary-dcheck (32-bit)
confirm_perms.png
Labels: Needs-Bisect Needs-Triage-M69
Hi,

I can confirm that I am seeing exactly the same behaviour on versions 69 (Windows), 70 (Chrome OS) and 71 (Chrome OS). It, therefore, seems to be cross-platform.

The issue only seems to occur when calling the Identity API (chrome.identity.getAuthToken) and a user interaction is required. A background token refresh works fine. It also _only_ seems to happen for G-Suite Admin/Super-Admin users (as noted by the original poster). Regular G-Suite or Gmail users are fine.

As the Approval UI window will not allow developer tool access, it isn't possible to view the redirects that end up with the admin console window displaying, although I note that typically the admin console requests the user re-enter their password before displaying in a normal session - but that does not appear to be the case here (e.g. a password is not requested).

It is quite frustrating for builders of extensions, as a number of small G-Suite customers are Admins in some way, and are essentially now prevented from using these tools (if they interact with the G-Suite world).

Many thanks in advance,

JD


Cc: jayhlee@google.com vkasatkin@google.com
Components: Enterprise
Labels: Hotlist-Enterprise
We have an Enterprise customer reporting this issue in case# 17072865
Owner: msarda@chromium.org
Status: Assigned (was: Unconfirmed)
-> msarda@ for identity triage
Cc: swarnasree.mukkala@chromium.org
Labels: Triaged-ET TE-NeedsTriageFromHYD
Thanks for filing the issue.

This seems to be an Enterprise-related issue, hence forwarding it to the in-house team for further triaging of the issue.

Thanks!
Owner: droger@chromium.org
David: Would you have time to look at this issue? I will send you an account that is an admin account and that has access to admin.google.com
I tried on trunk on linux and could not repro so far.

If you are able to repro, can you send a screenshot of:
chrome://identity-internals


Has something changed on the server end as it appears to be working correctly for me again? I've tried on several accounts.

I'm now reaching out to several customers who had the issue to see if it now works correctly for them too. I'll update when they get back to me.
Hi David,

So - here is a screenshot of chrome://identity-internals - I have omitted the working tokens (which have non-null Access Tokens).

Yours,

JD.
Screenshot 2018-10-05 at 08.48.13.png
I can also confirm that the errant admin.google.com page is now no longer being shown on sign-in for G-Suite Admin users (at least, on the extensions I have tested) - the identity flow seems to be working again as intended.

Yours,

JD
Status: WontFix (was: Assigned)
Marking as won't fix per comment #12. Please reopen if this reproduces again. This may have been a server-side issue.
