I'm new at Actions on Google and I've never done account linking. I'd like to link my web server with Google account. Can anyone explain me how to do account linking step by step. I found link https://developers.google.com/actions/develop/identity/account-linking but when I run simulation it says "It looks like your apial account is not linked yet. You can link apial to your Google Account from the Google Home app.". What am I supposed to do next?
In the web simulator, when it states "It looks like your XYZ account is not linked yet", it'll provide something like the following on the response log on the right:
"name": "Account Linking Url",
"debugInfo": "https://assistant.google.com/services/auth/handoffs/auth/start?provider=google-project-id-123455_dev&return_url=https://www.google.com/"
You can copy & paste that link into your browser, and it'll take you to the OAuth provider that you set up, asking you to authorize your API.AI app. If the process succeeds, you'll eventually be redirected to https://www.google.com/?result_code=SUCCESS&result_message=Accounts+now+linked, as an indication that the process worked.
Of course, if you have an actual Google Home, you can open your Google Home app and follow the process there instead.
Related
I'm trying to get the Google Sheets API to work with node and I've got as far that it asks me to sign it with my Google account and the allow the app to view my Google Spreadsheets. After I press allow it redirects me to a Page not found saying "ERR_CONNECTION_REFUSED". In the URL it reads "code=4" but I can't find what this stands for. I'm currently stuck in my console waiting for a code from this page. .
My code is the exact same as on the API documentation but I had to change "credentials.installed" to just "credentials" because otherwise it didn't work.
Has it maybe something to do with my callback URIs? I have both "Authorised JavaScript origins" and Authorised redirect URIs" as just "http://localhost:8080".
My credentials.JSON looks like this
{
"client_id":"XXXX",
"project_id":"XXXX","auth_uri":"https://accounts.google.com/o/oauth2/auth",
"token_uri":"https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs",
"client_secret":"XXXX",
"redirect_uris":["http://localhost:8080"],
"javascript_origins":["http://localhost:8080"]
}
In summary: I get a "Page not found" instead of the code that you're supposed to paste to the console after I press the "Accept" button.
I selected "web application" instead of "desktop application". Just download credentials JSON and copy code directly from quick start and it will work. My bad.
Introduction
I've been trying to build a Google Home, Smart Home Activity that integrates with Azure AD. I've been able to correctly sign in so the ClientId/endpoints/scopes must be correct.
When I try to connect to the Smart Home skill using the simulator it shows me an error that this functionality isn't supported in the simulator. So I then moved to my actual android phone. However when I try to link to the smart home service in the google home app it correctly asks me to login, but after logging in the login screen disappears and I'm back to selecting a service I want to link to.
Flow to activate service:
So after the 4th image it just goes back to the original screen and no skill was ever added.
I've also setup NGROK as my fullfillment URL but I see no activity other then some of my own tests:
My configuration
This is the way I've set everything up:
Azure AD:
I've also configured the direct URL to be: https://oauth-redirect.googleusercontent.com/r/davysmarthome
Google Home (Action):
Google Home (OAuth):
Summary
My question would be why my skill doesn't want to be linked to. I have not yet implemented anything in my actual API yet but I would expect NGROK to at least show some data traffic if google home would actually try to link itself and request what devices are connected.
After analyzing the 4th image, it can be seen that you haven't enabled "Testing" on your project, sometimes the Account Linking process fails if testing has been disabled for any reason. To make sure testing is enabled for the project, go to AoG Console > Develop > Account Linking > Test (Upper Right Corner).
But, in this case, it does not necessarily mean that the account linking failed, it is also possible that account linking succeeded, but failed in SmartHome Sync. To make sure if account linking has succeeded, please visit https://myaccount.google.com/accountlinking?hl=en and check if the account has been linked correctly.
There are other tools available that can help you with debugging OAuth issues such as "OAuth Playground". It helps in finding out the exact issue causing the error.
I am creating a new Google smart home Action, and step one is to create an OAuth 2.0 server for account linking.
https://developers.google.com/actions/identity/oauth2?oauth=code&hl=ko&refresh=1
I have follow all of the steps on the Google documentation under the Auth code UP UNTIL 'start the authentication flow'. I do not know if this is required or where this code would go, but that is a different topic.
However, there is an error with my Authentication page. Linking is done with my iPhone's Google Home app, currently which has the generated [test] prefix. When I click the [test] MYAPP, the service runs through till the redirection correctly. The webpage closes and informs me 'MYAPP is linked. As soon as this notification disapears, a new notification 'Something went wrong. Try again' appears.
Clicking the [test] MYAPP to link any time afterwards leads to a blank webpage that says 'Account now linked', but the MYAPP does not move to the 'linked' portion of the Google Home app.
https://developers.google.com/actions/smarthome/develop/error-logging
After checking the logs, I was initially getting 'OPEN_AUTH_FAILURE' for days. Now, I am getting 'BACKEND_FAILURE'.
What is the next step? How can I debug this?
You can use the Google OAuth Playground to verify that your account linking implementation is working properly. Here is how you can configure this tool to test your endpoint:
Open the Settings gear, change OAuth endpoints to Custom
Enter your authorization and token URLs from the Actions console
Enter your client ID and secret from the Actions console
You won't be authorizing any Google APIs, so for Step 1 you can just enter something like "devices" and click Authorize APIs. You can follow through with the flow in Step 2 to verify that the authorization and token exchange work properly. The tool will report if any errors occur in the flow.
If you can successfully verify your account linking implementation, but you are still seeing errors returned in the Cloud console, please file an issue.
I have been trying to implement the OAuth v2 for Microsoft Accounts for my website. Its currently in development stage and so am testing on localhost. The Website is an ASP.NET Core MVC 5 Application.
I have followed the tutorial here to implement OAuth for Twitter, Google and Facebook accounts. I found this to be quite simple with only a few small issues that I was able to solve with simple google searches.
However I have spent several days trying to understand what is happening when trying to use Microsoft Account authentication on my site.
I have watched the video here on registering an application in the Microsoft App Registration Portal. At around minute 6 in the video a short demo shows how to set up the App. You can see my App details in the following screen shot:
In the video at about 7.5 mins in, there is a small section explaining how to test the App by building a URL string.
On submitting the query string to the browser the page is redirected as expected to my App page as you can see here:
In this instance I was all ready signed into my Microsoft Outlook account. If I wasn't signed in I would be prompted to login to a Microsoft account. Logging in, in this case choosing my already signed in Outlook account causes the page to be redirected back to my site as seen in the following screen shot but because the site didn't send the request its not expecting a token sent back for login so nothing really happens. This is expected behaviour, at this point as I was only testing that the Apps end point was working as expected.
[
The next stage is to test the functionality from my website. This is where I always have issues. To activate the OAuth functionality for Microsoft Account login requires simply un-commenting a couple of lines of code within the Startup.Auth.cs file in my websites App_Start folder and passing in the Apps ClientKey and ClientSecret values as can bee seen in the following code snippet:
app.UseMicrosoftAccountAuthentication(
clientId: System.Configuration.ConfigurationManager.AppSettings["MicrosoftOAuthClientID"],
clientSecret: System.Configuration.ConfigurationManager.AppSettings["MicrosoftOAuthClientSecret"]);
This code basically adds a little button to the login page that allows you to choose Microsoft login as can be seen here:
[
When I click the Microsoft button I get the following error page:
And the query string returned contains the following:
https://login.live.com/err.srf?lc=2057#error=unauthorized_client&error_description=The+client+does+not+exist.+If+you+are+the+application+developer%2c+configure+a+new+application+through+the+application+management+site+at+https://apps.dev.microsoft.com/.&state=JMxMRuKaOiYWCQw_Uqkhv3gLQn3ULlkG2miM4ymcHhTK5niXVQl5n4L0a6VoWeEKmFM7T1ciU2oQAh26_Y0i2DMjdt6BOAtpjNeMaSpBq4wbCjva9lOuctOUIWwoFdTEGvxJ4M904lUsoudd9e9cYi6eiH3JF81HB5ouQSus2ddE1sVUQLw-YB1GjUL79y2muFaBFIOIOk75oCV2IxX4cFO2rJU04K9Se6gxu698WpzR8taUB2c6tK9u0dBisckhavf0IvKB9dWQq-IVwQgvaA
Anybody know why or what is happening????
Now I have read in several of my many searches while trying to understand whats happening when I try to test the App from my site rather than a URL directly in the browser that I should have
/signin-microsoft
appended to my Redirect URL in the App Portals configuration. I have Tested with my Redirect URL set like that and this does not work. I get a HTTP ERROR 500 sent back because the page signin-microsoft does not exist. So this is not my problem.
Please help if anyone has had the same issues and solved it.
EDIT: I should have mentioned that I was initially trying this using Local IISExpress but after reading some posts saying it can be done only on IIS so I published my site locally to IIS.
I am trying to run the sample Google Apps Script Service Account OAuth example taken from here:
https://github.com/googlesamples/apps-script-oauth2/blob/master/samples/GoogleServiceAccount.gs and keep getting a server timed-out error. I copied the exact code and just substituted in the private key, client email, and a user email. The example code looks to be current as there was an update to it on July 30th.
I have authorized https://www.googleapis.com/drive/v2/files through the admin console as well as https://accounts.google.com/o/oauth2/token and have listed these as scopes in the admin settings (and domain-wide delegation is enabled). I am using an admin account to run the script.
I keep getting the ubiquitious "Server Timed Out" error and nothing shows up in the Execution Logs.
What might be the problem? Any help would be appreciated. Thanks in advance.
Thanks, Gerardo, for pointing me in the right direction. It turned out that our organization manages permissions for the Google Developer's Console by Organizations (in the Google Admin console). Somehow a few accounts, including mine, were kicked out of the Organization that had permissions to access the Developer's Console. After adding myself back in, the sample worked without problems.