Getting unique ClientID from chrome extension?

To uniquely identify a user, I would suggest generating a random token and storing it in your extension’s storage (chrome.storage). The userid has to be generated only once, when the token does not exist in storage.

For example:

function getRandomToken() {
    // E.g. 8 * 32 = 256 bits token
    var randomPool = new Uint8Array(32);
    crypto.getRandomValues(randomPool);
    var hex = '';
    for (var i = 0; i < randomPool.length; ++i) {
        // Pad each byte to two hex digits so that values below 0x10 keep
        // their leading zero and the token has a fixed length.
        hex += randomPool[i].toString(16).padStart(2, '0');
    }
    // Returns a 64-character lowercase hex string.
    return hex;
}

chrome.storage.sync.get('userid', function(items) {
    var userid = items.userid;
    if (userid) {
        useToken(userid);
    } else {
        userid = getRandomToken();
        chrome.storage.sync.set({userid: userid}, function() {
            useToken(userid);
        });
    }
    function useToken(userid) {
        // TODO: Use user id for authentication or whatever you want.
    }
});

This mechanism relies on chrome.storage.sync, which is quite reliable. This stored ID will only be lost in the following scenarios:

  • The user re-installs the extension. Local storage will be cleared when uninstalling the extension.
  • One of the storage quotas has been exceeded (read the documentation).
    This is not going to happen because the only write operation occurs at the first run of your extension.
  • Chrome’s storage gets corrupted and fails to save the data.
    Even if the user does not have Chrome Sync enabled, data will still be saved locally. There have been bugs with Chrome’s internals that resulted in data loss, but these are incidents.
  • The user has opened the developer tools for your extension page and run chrome.storage.sync.clear() or something similar.
    You cannot protect against users who possess the knowledge to mess with the internals of Chrome extensions.

The previous method is sufficient if you want to uniquely identify a user. If you really want to get a hardware-based ID, use chrome.storage.cpu and chrome.storage.memory as well. I don’t see any benefits in using these additional sources though, because they can change if the user replaces hardware, and they are not unique either (two identical laptops would report the same values, for instance).
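
A fuller version of the get-or-create step above, as an added example that is not part of the original answer: it encodes every byte as two hex digits, reuses a stored value only if it is a well-formed token, and queues concurrent first-run callers in the same page so only one ID is generated and written. `createUserIdProvider`, `toHex`, `area` and `rng` are assumed names; in an extension, pass `chrome.storage.sync` and `crypto`.

```javascript
// Added example. `createUserIdProvider`, `toHex`, `area` and `rng` are hypothetical names.
// In an extension: const getUserId = createUserIdProvider(chrome.storage.sync, crypto);
const TOKEN_RE = /^[0-9a-f]{64}$/;

function toHex(bytes) {
    // Two hex digits per byte, so a 32-byte token is always 64 characters.
    return Array.from(bytes, b => b.toString(16).padStart(2, '0')).join('');
}

function createUserIdProvider(area, rng) {
    let cached = null;   // the id, once known
    let waiting = null;  // callbacks queued while a lookup is in flight

    function finish(err, id) {
        if (!err) cached = id;
        const queue = waiting;
        waiting = null;
        queue.forEach(cb => cb(err, id));
    }

    return function getUserId(callback) {
        if (cached) return callback(null, cached);
        if (waiting) { waiting.push(callback); return; }
        waiting = [callback];
        area.get('userid', items => {
            const stored = items && items.userid;
            // Reuse only a well-formed token; anything else is regenerated.
            if (typeof stored === 'string' && TOKEN_RE.test(stored)) {
                return finish(null, stored);
            }
            const id = toHex(rng.getRandomValues(new Uint8Array(32)));
            area.set({userid: id}, () => {
                // chrome.runtime.lastError is set when the write failed.
                const err = typeof chrome !== 'undefined' && chrome.runtime
                    ? chrome.runtime.lastError : null;
                finish(err || null, err ? null : id);
            });
        });
    };
}
```

The queue only covers callers that share one provider instance; separate extension pages each run their own JavaScript context.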
