You can go this way…
or you can manually revoke and request every 55mins…
Thanks, mate! Where exactly in the API connector that can be mentioned?
add a query parameter with the key access_type and value offline as you redirect to the oauth server. that should do the trick.
Do you mean somewhere here? i don’t see an option for query string parameter. And adding a shared header works only for the calls themselves not to the authentication flow.
first try just putting
access_type=offline in the scope. so
login scope address?access_type=offline
@levon Did you break google sheets? lol literally just got an email to say Sheets, drive, docs and gmail are having issues at the moment… so heads up if your having issues this could be playing a role in it.funny how they can get an email to me though.
something big (and bad) is going on with Google!
Google classroom is down, sorry kiddies no school today.
Please stop! Your productivity is putting me to shame!
I’m looking to learn how to build these APIs. I have been trying and failing with Zoho CRM. Where would you recommend I start? Is there a plugin on Bubble that is similar to Zoho’s from where I could start?
I’ve just tried Jarrad, but it simply opens a blank screen with one symbol "#"
I tried appending the same parameter to “login dialog redirect URL” and access token endpoint URL - with the same result.
appending to user profile endpoint returns an error during the authentication.
Any other ideas?
How are you planning to use that integration? Maybe there are better tools than Zoho CRM for your use case…
just so we are on the same page first though, the way i go about it is using the offline type added to the call and here is why.
you need an access token to get an authorization token, then once you have an auth token you can get the refresh token. as you go for the auth token thats when you want to use the param to define the offline request. now what this means is you will still need to take a time stamp and refresh the token each 55mins. its easy, just on your flow for each api call if users timestamp + 5min => current time grab new refresh, BUT because the user has given your app offline permission they will not have to go through the google signin redirect and for aps that want to perform tasks for a user as that user without them…
just store the current users token on as a users thing available only to the user, only your app can use it if your https and if your worried you can add your own custom secrets to the calls.
im not sure what your planning for this plugin but if you set the scope https://www.googleapis.com/auth/drive all doc services will be avail to your plugin meaning a user wont get stuck not being able to convert on the fly or end up with multiple plugins to work with there docs.
dont forget to make use of the param login_hint as it will reduce what your users have to input to signup/in.
another good tip if your worried about saving the token is to create your own challenges:
A space-delimited, case-sensitive list of prompts to present the user. If you don’t specify this
the user will be prompted only the first time your app requests access. Possible values are:
none Do not display any authentication or consent screens. Must not be specified with other values.
consent Prompt the user for consent.
select_account Prompt the user to select an account.
if your having issues making this happen using the oauth agent flow you can achieve the same effect by using no auth and creating the calls.
here is the call to turn the returned users code into a refresh token as offline. code is where you push the returned auth token.
Also give this a shot as i didnt get an error but already had the access token so i couldnt go all the way to make sure…
when the server-side open’s up for us these little issues will properly go away… or bubble will get broken although like i say the token is safe if your treating the situation right so maybe i will make a little plugin to deal with the refresh issue… Ive just finished Firebase and am not using bubble at all for auth both ways… (plugin will be out soon for those who are chasing it!)…
Oh, keep in mind to if you get a token during testing you will return an error until it expires (1hr) but that giant bottle shop looking receipt in your looking at has the param code in it and that is valid so you can grab it and continue with refresh tests…
thanks for such a detailed explanations and congrats with the Firebase plugin! it looks awesome!
Using the offline access doesn’t seem working with Bubble’s Oauth2 agent flow. I tried adding the parameter in the header but after the token expires it simply returns an error.
So I"m trying to implement this not in the Plugin buidler but in the API connector defining a few no-auth calls setting all the parameters as you suggested. However when i try to do the first step and send the call to auth api I get a text response which is an HTML page. Should i instead redirect the user to an external page which would open that HTML?
see the plugin configuration screenshot below
Levon, thanks for the non-stop work and contributions from the Bubble Wits team. These are fantastic.
Thanks a lot Clayton, nice to hear
Founder @ Zeroqode
can you help me out here please? I’ve added ?access_type=offline to the auth URL (https://accounts.google.com/o/oauth2/auth?access_type=offline) in that case according to Google docs the call returns not only the access_token but also a refresh_token that can be used to get a new access_Token when it’s expired without asking for user’s consent again. and in that case the value of the refresh token should be sent as a “grant_type” parameter to the token endpoint. Can Plugin API Oauth2 handle this automatically or something else should be defined or changed?
Add the ?access_type=offline to the auth URL alone doesn’t change anything. The token gets expired and the access gets lost.
here is the link to the google docs regarding offline access https://developers.google.com/identity/protocols/OAuth2WebServer#offline
and here is the screenshot of the plugin API settings
Thanks in advance!
Quick question on contact uploader plugin. Off the top of your head do you have any idea on how to deal with setting the redirect url’s in the google developer console for links that are dynamically created in bubble? E.g., if I want a user to be able to upload their contacts to their own profile page with the hyperlink structure https://bubble.is/[current user’s username], how can you let google know that redirect uri is valid since you can’t possibly input every combination in the developer console? I tried using in this case the hyperlink without the path but am getting the 400 series error that redirect uri is invalid.
one idea that comes to my mind - if it’s absolutely necessary for the user to stay on that page - then maybe you could show an iframe with another page of your app that would have a static URL (which will be authorized in Google). in case you need to use dynamic data on that page you can still identify the user as “current user”. What do you think?
Ok, so one bit of info that might help out depending on how your implementing is google will only issue one refresh at a time otherwise it will error, so if your going to go about this by storing the refresh key and telling wf’s to get a new key if the hour is nearly up or is up then try a revoke token first before getting a new key.
on the other hand if you were to setup your very first call with a new user to include the offline param, then after this use another call that always presents the param prompt=“none” this might do the trick. failing none another option is consent, the user will get a consent screen but it will issue a refresh and continue.
fyi, if you dont include the prompt param in the initial call the user will be prompted only the first time your app requests access.
Thanks @levon for the pretty creative idea. Just gave it a test and hitting a few hiccups. iframe displays properly in a popup on the page that I want the contacts to connect to but seems like I can’t get to the authentication page with google (progress bar at top just hangs).
Also, from my experience with the contact uploader it seems that the contacts will be “connected” to the redirect url’s page. Even if we were able to authenticate properly with google I don’t know how I would get the contacts to display on the dynamic page (I don’t upload contacts to the user data type on my backend since it’s a very data intensive process).
Your thinking also allowed me to experiment a little with creating a new page in my bubble application that would only be suited to signing up and logging in with google contacts on page load but I face the same issue with the contacts not being connected to the redirect url’s page in my bubble application.
Going to continue experimenting with this over the next day or so and will report my progress back.