actions-on-googlegoogle-smart-homeaccount-linking

Google Smarthome Action account linking missing user information


my code is based on this example
https://codelabs.developers.google.com/codelabs/smarthome-washer

The OAuth process is working. But now I want to know who is the user.

Here
https://developers.google.com/assistant/identity/google-sign-in-oauth?oauth=code
is described that:
After the user gives your Action consent to access their Google profile, Google sends a request that contains a signed assertion of the Google user's identity.

But if I test the authentication I never will be ask to give access to my Google profile.

I think that I have to configure which information my app wants to have from the user. But I didn't know where to do that.

I searched a lot but I couldn't find an example which really explains how to get the user information.

Thank you for your help.
Regards Simon


Solution

  • The OAuth process is working. But now I want to know who is the user.

    Just a note here that the samples and codelabs use a fake OAuth implementation does not implement a user sign-in flow and returns a hard-coded fake access token during account linking.

    Here https://developers.google.com/assistant/identity/google-sign-in-oauth?oauth=code is described that: After the user gives your Action consent to access their Google profile, Google sends a request that contains a signed assertion of the Google user's identity.

    Smart home actions do not support the Google Sign-In account linking flows. You need to implement the OAuth authorization code flow in your account linking integration.

    I think that I have to configure which information my app wants to have from the user. But I didn't know where to do that.

    I searched a lot but I couldn't find an example which really explains how to get the user information.

    This is essentially the opposite of what account linking accomplishes. The goal is not to provide user information from Google to your Action. Instead, account linking is used to authorize Google to access your user's devices by providing Google with an access token that your service considers valid for a particular user within your cloud service.

    So in this case, you are the one that owns the user data. You are simply providing Google scoped access to that data for sending queries and commands to devices.