Google Assistant relay/webserver/broadcast integration using OOB Oauth will die in Feb 23

FYI - for those using some form of google assistant webserver such as

be aware that Google is deprecating the OOB Oauth that most of these use for connecting HA to your Google Assistant account.

Details of the change including dates - Making Google OAuth interactions safer by using more secure OAuth flows - Google for Developers
Migration Guide - Out-Of-Band (OOB) flow Migration Guide  |  Authorization  |  Google for Developers

This is where I’m looking for help…

I’m using this integration - Google Assistant Webserver in a Docker container - it will fail soon. I’m not competent to change the Oauth code to one of the new “secure” recommendations.

Has anyone taken a look?

referencing some of the previous contributors…
@robwolff3 @chocomega @AndBobsYourUncle

2 Likes

I am interested in the same … I found this fix but no idea how to apply it…

1 Like

I could be misunderstanding something here but I use assistant relay and as my google cloud project for this is testing and not published I didn’t think this was affected based on the following, so have I misunderstood something here?

Determine if you are affected

This deprecation is only applicable to production apps (i.e apps with publishing status set to In Production. The flow will continue to work for apps with the Testing publishing status.

as per Setting up your OAuth consent screen - Google Cloud Platform Console Help

Authorizations by a test user will expire seven days from the time of consent. If your OAuth client requests an offline access type and receives a refresh token, that token will also expire.

Thus it is likely that you project is “published” - you can check here https://console.cloud.google.com/apis/credentials/consent?

1 Like

October 3rd looms…

Yep, this was on my todo list for today before I fly away for work… it didn’t happen. Having not looked into it in detail yet, are we screwed?

I think so. :frowning:

There is an deadline extension form here:

There’s no guarantee Google will extend the deadline if you complete the form, but I figured, what the heck, maybe it’ll buy me some time and worst case scenario, Monday’s still doomsday.

Thanks, I’ve just tried the same

Well Google has given me the extension but it’s only a short term solution.

Same. Hopefully someone with the skillset can step up to fix…I only have very very minimal experience with oauth, from a developer perspective, and wouldn’t have any free time to even begin looking into this for at least a couple of months anyway, putting us right back to where we are today, running out of time.

We need a hero! :slight_smile:

I did use this method to set up a new app for assistant relay on 24th August and so far is still working for me

Follow this Youtube comment to set up it properly.

same. still working. until Jan 31 (wonder what time/timezone)

Yup - thats why I started this thread :slight_smile:

1 Like

Thanks for the link, posting the contents of that comment here for others. I’ll hopefully try it out next week.

  1. When creating your OAuth Credentials, set your app as a Desktop App, not TV.
  2. When creating your user in Assistant Relay, the Google authorization flow does not have a specific pop-up that says “Allow” anymore. Instead, there’s a button that says Continue.
  3. When you finish the Google authorization flow, it’s going to open a tab with a blank screen. Your Auth key is in the url. Copy everything between “code=” and “&scope”. You can paste that into the auth key screen in Assistant Relay setup.
  4. After you visit the URL from your logs and enable the API, it will likely take up to 10-15 minutes for it to start working. Even then, I was not able to get it to broadcast from the sandbox.
  5. When creating a test animation and you select the REST command you created as the action, it did not show the “Service Data” field. Click the 3 dots on your action and click “Edit in YAML”. Now you’ll see “data: {}”. Type anything between the curly brackets, then switch back to visual editor and your field for Service Data will be visible.

Dave/Sesame26 - does this different relay avoid using OOB Oauth?

(I looked and the code at GitHub - Apipa169/Assistant-Relay-for-Hassio: Send commands (including broadcasts) to the Google Assistant via Home Assistant then uses the actual relay at Hello from Assistant Relay | Assistant Relay which is the node.js relay referenced above with a possible fix… GitHub - mcmoe/assistant-relay: A Node.js server that allows for sending commands to Google Home/Assistant from endpoints [LOL!] )

I believe it till use OOB verification, to me looks like the only difference is setting authentication up as desktop app, but I am not sure my knowledge not goes that far. All I know is that until now assistant relay is still working good for me :slight_smile:

I can’t add any of these repos to HA:

Is there any working solution to send commands to Google Assistant?

image

They are not HACS repositories. You will need to do all the work yourself.

1 Like

so will still fail in Feb 23…