Gmail Contextual Gadget (Gmail plugin/extension): Deprecated? Impossible? How? (Can't do OAuth 2.0)

18
votes

We need to develop an in-house gmail extension to process incoming emails, allow recipients to interact with our in-house software. I have been trying to figure out how to use OAuth 2.0 in Gmail Contextual Gadget, but I can't find any specific documentation for this. I couldn't find anything useful when I searched stack overflow with contextual + google-oauth (keyword recommended by Google).

Before you give me standard pages, please make sure it has this:

  • Minimally, an example of Gmail contextual gadget manifest.xml that uses OAuth 2.0
  • Ideally, with explanation of how to deploy it at a domain (not marketplace), so I know it actually was deployed & tested.

For example, the standard hello example in Contextual Gadgets page uses OpenID ("openIdRealm"), and was written before OAuth 2.0:

https://developers.google.com/gmail/contextual_gadgets

OpenID is NOT allowed in OAuth 2.0:

https://developers.google.com/apps-marketplace/practices#3_use_oauth20

Your application must not use OpenID or OAuth1.0. Any evidence of such usage will result in your application failing the review process.

Note that Contextual Gadgets are Client-Side Javascript apps, very different from web server apps and installed apps. So OAuth 2.0 should be used like this:

https://developers.google.com/accounts/docs/OAuth2#clientside https://developers.google.com/accounts/docs/OAuth2UserAgent

But contextual gadgets run in a container, which handles the first call of OAuth (google call, which calls back our website with tokens ...). Living on the client side, contextual gadgets "cannot keep secrets". our website (redirect page, https://example.com/oauth2callback) needs to save access token (and maybe refresh token) to the session that is accessible to our gadget code on the client side.

I would ideally not use SSO, which I see is only "needed for applications deployed on the marketplace". The alternative deployment is "for your domain", which uses Google Apps Extensions Console:

https://developers.google.com/google-apps/extensions-console/

But the extension console says, on top, "We are improving user experience, try the new Developers Console", which links to:

https://console.developers.google.com/?redirected=true

Developers Console:

  • It shows the project that was created before in apps extensions console. I can click on it to open a large menu (aside, on the left)
  • APIs & Auth / Credentials -- I created Client ID and secret for my app. Apparently, I must use Web Apps, not Service account or installed app, because I'm trying to access some user-private data (email access), not just a Google service, and I'm not a standalone installed app.

There is no place to report this client ID anywhere in the contextual gadget. Is it register-and-forget?

Also (a bug?), permissions shows my client ID under "Service Account" even though I did NOT create service account credentials.

And then this: I don't know how to deploy my contextual gadget (which is not a standalone app) on my domain from this new Developers Console. There only seems to be cloud-deployment-related options under overview and Compute tabs on the left.

When I try to deploy from the Apps Extensions Console (which supposedly is not deprecated, only is improved), I get this error:

Google Apps Marketplace    (I never deployed to marketplace, only my own domain)
Application installation not allowed.
The OAuth1.0 version is no longer available.
Instead, try installing the OAuth2.0 version.
[Return to dashboard]   (button)

What is more, return to dashboard button takes me to the Domain admin site which allows neither development nor deployment:

https://admin.google.com/mydomain.com/

By the way, the Apps Extensions Console never accesses the redirect page I have created, and never reads the gadget spec file on my site either (never accessed by google as promised), so error message must be saying the manifest.xml doesn't use OAuth 2.0... Or Apps Extensions Console doesn't use it itself and blames me for it!

So, Gmail Contextual App:

  • Deprecated?
  • Impossible now?
  • Authorized with OAuth 2.0? How?
4
oauth-2.0gmailgoogle-oauthgmail-contextual-gadgets
Did you check this blog post that goes through en explanation by example of using contextual gmail gadget: pipetree.com/qmacro/blog/2010/06/…user3378649
I looked at the post. The post is from 2010, which is before OAuth 2.0, which is now required.Kanat Bolazar

4 Answers

5
votes

The documentation for Google Contextual Gadgets is a bad joke- outdated and wrong, don't waste your time.

The answers here on SO got me closer, but I never actually got the thing working.

Luckily I ended up finding gmail.js, which allowed me to write a Chrome extension to do what I needed...

1- Download the Gmail Chrome Extension Boilerplate project, which is a Hello world example chrome extension using gmail.js.

2- Update the main function in the main.js file to something like this: 

var main = function(){

    gmail = new Gmail();
    gmail.observe.on("open_email", function(id, url, body, xhr) {

        // Inject a toolbar:
        var $email_body = gmail.dom.email_body();
        $email_body.prepend('<div class="my_toolbar"><a>Do something</a></div>');
    });
}

That'll give you this:

enter image description here

4
votes

Had the same issues as well. I (barely) managed to have my gadgets up on my domain emails via the steps below. Here's what I can share;

1) Created a project via (https://console.developers.google.com). Switched on Marketplace SDK under the APIs side navigation menu. Once it's switched on, go at the top of the page and click on the 'gear cogs' for Google Apps Marketplace SDK. This will lead you to a page with a link for (Go to the original console). Click on the link.

2) You should be forwarded into a form page. Fill in all the required fields in the form. Check on the COB extension and declare your extractor ID(I used the pre-canned extractor, haven't tested it out with custom extractors) under text-field Extractor Url, your gadget url via text field Gadget Url, and select the scopes. Click on the Add button, and then the Save changes button once you're done.

3) Go to the API Access menu, and create an OAuth 2 Client ID.

Here's where the steps aren't clear for me, but I'll share what I did to have the gadgets available on my domain.

3) I clicked on the Test Install Flow button on top of the form..

4) I added the admin user as the editor for this project.

5) I then had to log out, clear cache, log in as the admin/domain user to see the contextual gadget at the bottom of the email.

Hope this helps.

2
votes

The way described at https://developers.google.com/gmail/contextual_gadgets seems to be totally outdated. Even the form in the Google Apps console for gadgets seems to be outdated.

You need to follow this description: https://developers.google.com/apps-marketplace/preparing

Contextual Gadgets are now developed using the API console (not app console) and there is a form to create the extractors etc.

0
votes

Please follow the below steps:

  1. Login in to your admin Gmail
  2. open new tab and type http://console.developers.google.com
  3. Click API section from the left panel of your Gmail
  4. Select the following APIs
    i. gmail API
    ii. Google Marketplace API
    iii. Calendar API
    iv. Google Admin SDK
  5. After Enabling all the above APIs please Open the Google Apps Marketplace SDK and click on Configure link(You have to generate the client ID)
  6. Fill the data with appropriate data, you need to upload the proper size images also
  7. Fill all the Required fields and Add the extractors as Google suggested.
    i) param name should be as per contextual API and value for all is ".*" otherwise gadget will not appear in gmail
  8. Enable the Universal Service URL
  9. Enable the COB extension
  10. Add the Gmail Contextual Gadget Extractors , you can add the multiple extractors for the Gadget but the Gadget URL should be same to the all extractors
  11. You can add multiple scopes for every extractor
  12. Save the all changes.

That's all !

You can follow the below link for your reference: https://developers.google.com/apps-marketplace/preparing