Google Assistant relay/webserver/broadcast integration using OOB Oauth will die in Feb 23

walaj · August 23, 2022, 11:53pm

FYI - for those using some form of google assistant webserver such as

home-assistant/addons/blob/77d9b201eb1c30a71f4012c01b85384f8e6c5d9b/google_assistant/README.md

# Home Assistant Add-on: Google Assistant SDK

A virtual personal assistant developed by Google.

![Supports aarch64 Architecture][aarch64-shield] ![Supports amd64 Architecture][amd64-shield] ![Supports armhf Architecture][armhf-shield] ![Supports armv7 Architecture][armv7-shield] ![Supports i386 Architecture][i386-shield]

## About

[Google Assistant][google-assistant] is an AI-powered voice assistant that runs on the Raspberry Pi and x86 platforms and interact via the [DialogFlow][dialogflow-integration] integration with Home-Assistant. You can also use [Google Actions][google-actions] to extend its functionality.

This add-on allows you to access Google Assistant using the microphone and speaker attached to the computer or device running Home Assistant. You can say "Ok Google" followed by your command, and Google Assistant will answer your request.

## ℹ️ Integration your mobile or Google/Nest Home with Home Assistant

If you want to use Google Assistant (for example, from your phone or Google Home device) to interact with your Home Assistant managed devices, then you want the [Google Assistant integration][google-assistant-integration].

[amd64-shield]: https://img.shields.io/badge/amd64-yes-green.svg
[armhf-shield]: https://img.shields.io/badge/armhf-no-red.svg
[armv7-shield]: https://img.shields.io/badge/armv7-yes-green.svg
[dialogflow-integration]: https://www.home-assistant.io/integrations/dialogflow/

This file has been truncated. show original

be aware that Google is deprecating the OOB Oauth that most of these use for connecting HA to your Google Assistant account.

Details of the change including dates - Making Google OAuth interactions safer by using more secure OAuth flows - Google for Developers
Migration Guide - Out-Of-Band (OOB) flow Migration Guide | Authorization | Google for Developers

This is where I’m looking for help…

I’m using this integration - Google Assistant Webserver in a Docker container - it will fail soon. I’m not competent to change the Oauth code to one of the new “secure” recommendations.

Has anyone taken a look?

referencing some of the previous contributors…
@robwolff3 @chocomega @AndBobsYourUncle

sesame26 · August 23, 2022, 11:59pm

I am interested in the same … I found this fix but no idea how to apply it…

rossk · August 24, 2022, 6:38am

I could be misunderstanding something here but I use assistant relay and as my google cloud project for this is testing and not published I didn’t think this was affected based on the following, so have I misunderstood something here?

Determine if you are affected

This deprecation is only applicable to production apps (i.e apps with publishing status set to In Production. The flow will continue to work for apps with the Testing publishing status.

walaj · August 24, 2022, 7:11am

as per Setting up your OAuth consent screen - Google Cloud Platform Console Help

Authorizations by a test user will expire seven days from the time of consent. If your OAuth client requests an offline access type and receives a refresh token, that token will also expire.

Thus it is likely that you project is “published” - you can check here https://console.cloud.google.com/apis/credentials/consent?

walaj · September 28, 2022, 6:40am

October 3rd looms…

sparkydave · September 29, 2022, 7:57am

Yep, this was on my todo list for today before I fly away for work… it didn’t happen. Having not looked into it in detail yet, are we screwed?

walaj · September 30, 2022, 4:34am

I think so.

gonzotek · October 2, 2022, 4:59pm

There is an deadline extension form here:

There’s no guarantee Google will extend the deadline if you complete the form, but I figured, what the heck, maybe it’ll buy me some time and worst case scenario, Monday’s still doomsday.

sparkydave · October 3, 2022, 4:12am

Thanks, I’ve just tried the same

sparkydave · October 4, 2022, 8:55am

Well Google has given me the extension but it’s only a short term solution.

gonzotek · October 4, 2022, 6:45pm

Same. Hopefully someone with the skillset can step up to fix…I only have very very minimal experience with oauth, from a developer perspective, and wouldn’t have any free time to even begin looking into this for at least a couple of months anyway, putting us right back to where we are today, running out of time.

We need a hero!

sesame26 · October 4, 2022, 7:30pm

I did use this method to set up a new app for assistant relay on 24th August and so far is still working for me

Follow this Youtube comment to set up it properly.

walaj · October 5, 2022, 12:39am

same. still working. until Jan 31 (wonder what time/timezone)

walaj · October 5, 2022, 12:42am

Yup - thats why I started this thread

sparkydave · October 5, 2022, 1:12am

Thanks for the link, posting the contents of that comment here for others. I’ll hopefully try it out next week.

When creating your OAuth Credentials, set your app as a Desktop App, not TV.
When creating your user in Assistant Relay, the Google authorization flow does not have a specific pop-up that says “Allow” anymore. Instead, there’s a button that says Continue.
When you finish the Google authorization flow, it’s going to open a tab with a blank screen. Your Auth key is in the url. Copy everything between “code=” and “&scope”. You can paste that into the auth key screen in Assistant Relay setup.
After you visit the URL from your logs and enable the API, it will likely take up to 10-15 minutes for it to start working. Even then, I was not able to get it to broadcast from the sandbox.
When creating a test animation and you select the REST command you created as the action, it did not show the “Service Data” field. Click the 3 dots on your action and click “Edit in YAML”. Now you’ll see “data: {}”. Type anything between the curly brackets, then switch back to visual editor and your field for Service Data will be visible.

walaj · October 5, 2022, 3:14am

Dave/Sesame26 - does this different relay avoid using OOB Oauth?

(I looked and the code at GitHub - Apipa169/Assistant-Relay-for-Hassio: Send commands (including broadcasts) to the Google Assistant via Home Assistant then uses the actual relay at Hello from Assistant Relay | Assistant Relay which is the node.js relay referenced above with a possible fix… GitHub - mcmoe/assistant-relay: A Node.js server that allows for sending commands to Google Home/Assistant from endpoints [LOL!] )

sesame26 · October 12, 2022, 5:36am

I believe it till use OOB verification, to me looks like the only difference is setting authentication up as desktop app, but I am not sure my knowledge not goes that far. All I know is that until now assistant relay is still working good for me

tjk · October 12, 2022, 7:59pm

I can’t add any of these repos to HA:

Is there any working solution to send commands to Google Assistant?

walaj · October 13, 2022, 1:11am

They are not HACS repositories. You will need to do all the work yourself.

walaj · October 13, 2022, 1:12am

so will still fail in Feb 23…