viral basin
I have an issue with the google calendar integration and oauth consent, as it is a complicated topic, I might have misunderstood something, but here we go.
I use the integration to show upcoming activities on central screen in my home, based on this, I do not want the integration to allow for write activities (adding, changing or deleting events). However, this does not seem to be possible with the integration.
-
I have changed the scope for the oauth in google api:
-
I have deleted the old token issued and created a new token
-
I have added the new token to HA Application Credentials
-
I disabled the Google Calendar integration and enabled it again
-
I have selected the new token for Google Calendar Integration and deleted the old one in HA
-
I have revoked the app access for the integration in my personal google account
-
I have re-authorized the app for my google account
Now, the following is happening:
- If I select read-only access in the "configure" menu of the Google Calendar integration, the authorization fails with the following: Failed to set up: Required scopes are not available, reauth required
- Clicking "reconfigure" and reauthorizing just gives the same error, the consent screen still list the following permissions requested: See, edit, share and permanently delete all the calendars that you can access using Google Calendar
- Changing back to read/write in the "configure" menu for the Google Calendar integration and reauthorizing fixes the error in HA
- I can now still view AND DELETE events in my calendars using the integration...even if the scope in Google API is set to read only
Is this the way it is supposed to work? My understanding of the scope granting in Google Calendar API and the consent screen is that this scope should override any client claims, even if I approve them in the personal authorization screen.
Why is there a read-only setting and how would you set this up to work as read-only in the Google Calendar integration?
