I am dealing with an issue where the OAuth consent screen for my app is asking for scopes that I am not requesting.
I am using gapi js library and using gapi.auth2.init I am requesting just one scope:
gapi.load('auth2', () => {
gapi.auth2.init({
client_id: this.clientId,
cookiepolicy: 'single_host_origin',
fetch_basic_profile: false,
scope: [
'https://www.googleapis.com/auth/adwords'
].join(' ')
});
const googleButtons = this.elementRef.nativeElement.querySelectorAll(`#google-ads`);
googleButtons.forEach(element => {
this.attachSignin(element);
});
});
public attachSignin(element) {
gapi.auth2.getAuthInstance().attachClickHandler(element, {},
async (googleUser) => {
let authResponse = await googleUser.grantOfflineAccess();
this.googleCodeRetreived.emit(authResponse.code);
}, (error) => {});
}
Also this matches the scope listed in my OAuth consent screens settings in my Google developers console.
This means that the user should only be asked to consent to providing adwords permissions. However my consent screen shows this:
I am wondering if anyone has run into this issue. Are these extra permissions required for Adwords to work? Also if it matters my app is for internal use only.
question from:
https://stackoverflow.com/questions/65893578/google-oauth-consent-screen-asking-for-permissions-not-asked-for 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
