This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
[UPDATE] Google Auth Flows and WebView2 #1647
Comments
|
This is not a solution. I'm not blaming Microsoft for it. Google is a dictator. We need to move away from Google products. The only way we can do so, if Microsoft creates a Gmail. Until then, we are all screwed. The is could get way worse, the sign in with Google is a disaster right now. We can't use it with WebView2. When WebView2 was announced, I was so excited. A powerful, fast, updated Browser embedded to .NET Application. This has been a dream for All Microsoft Developers. And now all of sudden after less than year of it's launch. Google decided to prevent us from accessing Gmail from inside Webview2. Wow. |
|
@markismail7 |
|
We are CEF users thinking about moving to WebView2, just waiting for #20 to be progressed. We have faced exactly this authentication issue in CEF and after some considerable effort I managed to get an OAuth access token by spawning an external browser. from our app. But as it explains in the post I have been unable to find any way of using the token for general web requests. If anyone here has any ideas that would be very useful |
|
So if I use the OAuth, the user can sign in with the main browser, then once the user is signed in, the user can go back to use Webview2? It's like scratching your ear with your toe SMH. It's like we have nothing to do, but to work extra for google. Imagine every website is doing the same thing. I'm really surprised that most people are ok with it? |
|
Rrrrrrrrr is swichtes from cef sharp to webview2 to use google login and now it breaks again i pissed off now |
|
@markismail7 i hate the security change from google now my app loses lot of funtions 40hours of work gone now |
|
Can you help me with the workaround? Not sure why you think WAB is a solution here... That's only a solution in the same way Oauth is a solution, when you know how to set the response into webview2 to make it know you are logged in. PS. I think the solution on this post |
|
@federicorosso1993 I did update to the latest version, still having the same issue. How did you fix it? |
I did not fix it. By solution I mean what should be done by Microsoft, but the problem is still there |
|
Why are we paying the price for Google's problem. When a user attempts to sign in with Google, let the Webview2 opens the Chrome Edge, then after signing in, it'll load automatically back to Webview2. That's a solution. Not make me register my app for something I'm not familiar with. This whole thing is stupid. Real Hackers don't need a browser to attack Google. SMH. I don't think it's about security. |
|
Here's a practice from gg. I can't point the different between my own way and this suggestion.
|
Can you use this sample to navigate on a webview2 after the login like in a regular browser for all the Google website like Gmail and YouTube? I would like the user to be able to use my app as a browser and only use the real browser during log in, is that possible? I used a little of Google drive API for another project and I know how to ask the user the Auth code from an app and wait for the log in response, but after that I can only make another api call to access Google drive files with my own interface, I cannot set that token in a webview2 to make the user able to navigate in Google drive logged in. That's the main problem to solve |
That's not my use case, so I haven't tested that. But I think it's ok, About the HttpListener, I have never used that before, may be there's firewall problem. |
Don't really know what are you talking about for the httplistener, I don't have a problem with that in my other project. The problem is only with my last project where I use a webview2 as a browser and there is no way to log in to Google and watch YouTube videos after that in my own browser like app. If I can only make a oauth2 call to get the video Flux and watch it in my own interface that will only work for YouTube but not for Google drive or Gmail then there is no reason to use a webview in the first place. Of course I cannot only use my interface because I also need my browser to work on all website (not just Google services). It's crazy how difficult they made it just because they refuse to make an alternative for the Google log in... It's not even possible to use a password application like you can do for older outlook. |
@federicorosso1993, yes this sample works fine with webview2 and doesn't require any additional google login for gmail, youtube, etc... it's easy to confirm yourself as i have... add webview2 control (with Name="wv2") to bottom of existing window, then replace the one line that spawns external browser: with webview2 equivalent: it appears the webview2 browser instance maintains full fidelity... we can hit F12 to open typical chrome debugger tools window and inspect that google's login cookies are indeed present. @jasonstephen15 , @markismail7, @jarno9981, @64Soft, @Simon4638 - i'm mainly posting because i want to better understand what roadblocks you are running into, so i don't waste time going down a dead end for my own project... it seems embedded browser approach is still functionally viable... so is this entirely about the change in google's policy? i.e. we're running afoul of rules if we continue to use embedded, even if it works? maybe latest webview2 (v1.0.992.28 stable, published 2021-09-27) closed previous gaps? |
|
@Beej126 thank you for trying it. I'll try to undestand how to implement it in my own app. |
|
@Beej126 thank i am going to try to |
|
@Beej126 still doesn't log me in only on edge browser . and returns this in the textbox of the browser but when i try to login it says unsafe app Winforms |
|
after email in external browser after trying to login in email |
|
if i understand you, you're hoping that embedded webview2 login is shared with external browser... that might be possible with further effort but that's not going to work by default ... i believe they are running under separate "user profiles", i.e. a different bucket of all the browser state, cookies, etc i misunderstood your desired scenario... what i am looking for, and what i thought you all were looking for, was that after you use webview for google oauth flow, you can also then count on the google auth login to be present under the webview for other google sites, youtube, gmail, etc |
|
@Beej126 I want to by abble to login from winforms app that correct |
|
when redirect url is active this shows this is what textbox says : https://www.google.com/redirect URI: http://127.0.0.1:61965/ |
|
this after email clicked |
|
i guess you're not doing what i said, to modify the sample to use the webview2? |
|
this fork has the embedded webview tweak i'm suggesting in the wpf sample: https:/Beej126/oauth-apps-for-windows first image shows the oauth flow in the embedded webview |
|
@Beej126 i will try that like that your doing |
|
returns this for me
no refresh |
|
JFYI: if you configure WebView2 to use the remote debugging port switch, then Google Sign won't work. We describe this in our troubleshooting guide. |
|
@vladimir-ikryanov @jarno9981 is it now possible to sign in to google using an embedded (WebView2) browser? |
yes i've been doing this for months now with solid results. |
It seems the main change required is changing the user-agent? What is the value of that user-agent property you're using (I'm not using C# so can't check) |
|
(i heavily edited my initial response once i'd had a good night's rest =) i found a little orchestration necessary for it to work well for me... two main things:
this is what i got working through trial and error but it feels like there could be other ways if there's willpower to walk through trapping all the various events to refine alternatives. i'll go ahead and mention, every once in a while i'll lose my login context with gmail and i'll have to re-login, this seems pretty typical even in normal browser operation... right after successful login, google presents an interesting page something to the effect of "would you like to continue to the modern gmail page or the old html only one"... i believe this comes from them reading the nonstandard user-agent and assuming that means you're running in a low end browser... it's no harm, i just pick the modern gmail option and off it goes just fine... to me even seeing this dialog is an interesting space to explore sometime... it is a really powerful idea for us to be able to insert our logic in the middle of all these hosted pages and influence what happens to create something more catered to our individual preferences. |
|
For those who managed to login, are you experiencing random log out from the gmail session? |
|
I haven't experienced logging out of my Gmail session.
…--
Mike
чт, 18 авг. 2022 г. в 21:11, hershkoy ***@***.***>:
For those who managed to login, are you experiencing random log out from
the gmail session?
We managed to do login with the user agent solution, but after some time,
the gmail session is logged out. I really would appreciate to know if there
is a solution for this (or to know if I am the only one experiencing it)
—
Reply to this email directly, view it on GitHub
<#1647 (comment)>,
or unsubscribe
<https:/notifications/unsubscribe-auth/AC5IURKX56UPY57XSQRBWK3VZZ4GNANCNFSM5CEAQZIA>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
|
it stays logged in for multiple days for me... every once in a while i'll notice i have to log back in but it's very infrequent |
|
@Beej126 same in my case. I keep my Gmail tab open 24/7 and from time to time (once a week) Google asks me to log in again. |
|
From deployment I use a UserAgent = "Chrome", and save it to my Settings, and then login to google. I change UserAgent (To Chrome's Current UserAgen) in my Settings and then restart app and all is fine. |
|
hello, still no normal solution to this problem? if there is a solution, can you tell me where |
|
yeah first google is blocking webview2 now external companies with websites are blocking webview2 on edge or chrome the website works fine |
|
What happens when you remove "Edg/..." part from the WebView2 user agent? |
No idea try it |
|
@jarno9981 That |
For me it gets blocked and on edge en chrome it works fine |
|
google login works for me, maybe webview2 updated? |
Does it work without any workaround @t1soft |
@champnic was my mistake the useragent was messed up |
@jarno9981 From my experience, it does work, however I don't know if others can log in without workaround On two computers, I was able to log into google through webview2 without using any workaround. Gmail works alright, have yet to experience random log-outs. |
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
and others
Google has recently made a policy update to prohibit Google OAuth requests in embedded browsers (webviews). This means that google auth flows will not be supported in WebView2.
Our short-term recommendation for a workaround is to launch the system browser and handle the auth flow there. Google’s OAuth Sample repo has an example of how to do this. This solution will work for all app types.
Longer term, our suggestion will be to use the Web Authentication Broker (WAB) API. The WAB API is a Windows API, vetted by Google, that will enable auth flows in your native applications. This API is currently UWP-only but has plans to be available in win32 and .NET as part of the WindowsAppSDK. Please follow the team’s GitHub post for updates on that. For more guidance on how to build out these auth flows visit the WAB Sample Code.
Feel free to leave any comments or questions below. Thanks!
The text was updated successfully, but these errors were encountered: