apps-script-oauth2 | An OAuth2 library for Google Apps Script | REST library
kandi X-RAY | apps-script-oauth2 Summary
kandi X-RAY | apps-script-oauth2 Summary
An OAuth2 library for Google Apps Script.
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
- Encodes an challenge .
- Gets all the service names in the given dataStore .
- Create a JWT for a given payload
- turns an object s keys into a new object
- Validate parameters
- Extend the destination object .
- Storage class .
- Build a URL request .
- Decode a JWT .
- Encodes a base64 string
apps-script-oauth2 Key Features
apps-script-oauth2 Examples and Code Snippets
Community Discussions
Trending Discussions on apps-script-oauth2
QUESTION
After days of reading and attempting trial-and-error, I am trying to make a call from a GAS Web App (executed as any Google User) to a GAS API Executable (executed as Me), but consistently receive an error message after Reviewing/Granting permissions:
...ANSWER
Answered 2021-Nov-19 at 14:20If I understand correctly, your current flow is as follows:
- Use the OAuth2 library to do a one-time capture of the auth token for your own Google account.
- Use that stored token to authenticate the request to the API Executable (when running the web app as another user).
Apps Script has a built-in method for accomplishing step 1: ScriptApp.getOAuthToken(), so I'm not sure you even need the OAuth2 library for this. (You would need that library for authorizing services other than Google.)
Possibly you can avoid using the OAuth2 library completely by doing the following:
Add this function to your web app project and run it once from the editor, i.e. under your own authorization:
QUESTION
The URL needs to be https://admin.googleapis.com/admin/directory/v1/groups/{groupKey}/members and not https://admin.googleapis.com/admin/directory/v1/groups/{groupKey}/members/insert (without the insert, even though it's the insert method)
I am trying to build a script with Google Apps Script that would be able to add users to a Google Group with a service account. Now, using the AdminDirectory service is straightforward, so this code works:
ANSWER
Answered 2021-Aug-27 at 13:31This is why you are getting an Not Authorized error.
- The service account needs to impersonate the super-user with the respective privelleges.
- For this, in addition to enabling domain-wide delegation, you need to specify the impersonated user programmatically by seetting him as subject with
.setSubject("EMAIL OF SUPER USER").
Sample:
QUESTION
I'm setting up a Google Sheet to download data from my Next device and would like it to run unattended.
I've been using OAuth2 for Apps Script to provide access tokens. Unfortunately, the authorization tends to expire every seven days and needs to be reapplied. I also looked into ScriptApp.getOAuthToken(), but it can't access my Nest project, probably because it hasn't been authorized.
My ideal solution would be to remove the bulk of the authorization code needed by OAuth2 for Apps Script, but I'll happy settle for just not having to log in every week just to re-auth the project.
Is what I'm looking for possible? If so, how do I go about it?
...ANSWER
Answered 2021-Mar-26 at 09:47I'm having the same problem. The documentation says that an app with a "Testing" publish status will only get a refresh token for 7 days. The issue isn't the access token which only lasts for 1 hour. Basically, unless you certify the app with google they won't let you refresh the access token for more than 7 days. Very annoying as I'm not trying to write an app I want to release! I'm tinkering with my own home and nothing more. I hope google will reconsider how they provide access for individual projects...
QUESTION
i'm currently setting up an automatic signature system for every user of a google organisation but I haven't succeed to do so. I followed this guide but I have the following error : Service_.getAccessToken @ Service.gs:454. The problem is that: I don't have access to the file Service.gs and when I googled my error, no answers, either on google's github or stack overflow's website suits me well.
Here is the code (from the guide, I of course changed the auth values):
...ANSWER
Answered 2021-Feb-12 at 23:37Thanks to the answers above and some personal research, I managed to set up an automatic signature with Google Console and Gmail API.
This is a step by step guide on how to set up the system.
DISCLAIMER: I'm not a professionnal and I may do mistakes (so feel free to correct me if i'm wrong :) ), but I still want to make this "guide"... maybe it can help someone, who knows ?
1. GOOGLE APPS SCRIPTS
The steps are for the "New" Editor.
- Go to this link (google apps scripts) and create a new script.
- Go to Settings > Check "Show
appsscript.jsonmanifest file in editor" - Editor > edit
appsscript.jsonand add the oauthScopes:
QUESTION
In Postman, I have my GET request set up to where I can get the correct access key using grant_type, client_id, client_secret, and resource in my request body.
I'm trying to get this working in Google App Script, however there does not appear to be a setResource function. I've looked through the documentation and could not find an alternative. Is it possible to somehow set the resource to get the proper access key with Google App Script OAuth2? https://github.com/googleworkspace/apps-script-oauth2/blob/master/dist/OAuth2.gs
...ANSWER
Answered 2020-Nov-24 at 21:06You can set an additional parameter for constructing the authorization URL by using .setParam().
QUESTION
The Google Drive API v3 recently changed so that files can only exist in one folder. This broke the Apps Script tool I use to load folders into each domain user's My Drive (with the folder Id 'root').
What is the new way to add a folder to My Drive?
...ANSWER
Answered 2020-Nov-06 at 13:18Use Google Drive's new shortcut MIME type! You can reference Google's example Create a shortcut to a Drive file for hints. Keep in mind that Advanced Drive Services is limited to Drive API v2, but URLFetchApp can also use Drive API v3.
The code below is for URLFetchApp. If you would rather use Advanced Drive Service, see this answer instead: How to create a shortcut in Google Drive Apps Script instead of multiple parents
QUESTION
I have an Appscript app that uses Google's OAuth2 library to perform a variety of functions on a G suite domain. I wanted to add the ability to transfer user data using the Transfer API but I'm having trouble authorizing the service. I have no issues authorizing the gmail, drive, and directory APIs and I made sure the service is on in the GCP project. However, I can't get my OAuth2 service to authorize, I get the logged message that my service account isn't authorized each time. What's missing here?
Here's my code:
...ANSWER
Answered 2020-Oct-02 at 10:21The code itself seems to be all right, assuming that requestBuilder returns the correctly formatted advanced parameters for the UrlFetch call.
Considering the kind of error you're getting, I think you didn't add the scope https://www.googleapis.com/auth/admin.datatransfer on the Domain wide delegation pane on the Admin console.
When using the service account to impersonate other users, you need to add to this pane any scope which the service account should be able to access. It's not enough that the API is enabled on the GCP project or that the scope is added to the consent screen. You need to add them there too.
To do that, follow these steps, as specified here:
Important note:Then, a super administrator of the G Suite domain must complete the following steps:
1. From your G Suite domain’s Admin console, go to Main menu > Security > API Controls.
2. In the Domain wide delegation pane, select Manage Domain Wide Delegation.
3. Click Add new.
4. In the Client ID field, enter the service account's Client ID. You can find your service account's client ID in the Service accounts page.
5. In the OAuth scopes (comma-delimited) field, enter the list of scopes that your application should be granted access to. For example, if your application needs domain-wide full access to the Google Drive API and the Google Calendar API, enter:https://www.googleapis.com/auth/drive,https://www.googleapis.com/auth/calendar.
6. Click Authorize.
- Make sure the service account is impersonating a user (
.setSubject(email)) who has the appropriate admin privileges to actually transfer data.
QUESTION
I have a script using Google's OAuth2 library, which recently started to fail with the error
You have exceeded the property storage quota. Please remove some properties and try again.
I inspected the properties and did not find any unexpected differences from my original configuration. The full stringified text length of my properties is around 5000 characters, which is well below the 500kB/property store quota and the longest individual property ~2500 characters (below the 9kB/value quota).
I've discovered that this error only occurs when I use Google's OAuth2 library with a service account. However, if I include the library dist directly in my project, the error disappears.
Why is there a difference in how the properties service behaves between the library and the local copy if they appear to be the same versions?
(In other scripts where I use the OAuth2 library with a standard authorization code grant flow, I have no issues.)
This script will replicate the error, but requires that you create a service account and set the correct script properties as defined in getAdminDirectory_(). (Using Rhino interpreter.)
ANSWER
Answered 2020-Sep-25 at 21:09This seems to be a known issue. Consider adding a star(on top left) to this issue to let Google developers know that you're affected. Consider adding a comment to the tracker with details requested from #7
Possible solutions:As said in the question, directly use the library code by copy pasting instead of using the buggy library feature.
Switch to v8-#21
Wait for random/Auto resolution -#14
QUESTION
I use OAuth library from Google in order to set connection with Spotify. There is a problem. When createService() and authCallback() is part of auth object, raised error:
Couldn't find script function:
authCallback()
Why is the callback function not visible inside the auth object?
The code for this case:
...ANSWER
Answered 2020-Sep-06 at 19:03The value you pass into setCallbackFunction() actually gets passed into the StateTokenBuilder.withMethod() method, which does not require the argument to be available in the global scope. But that means you need to pass it the string 'auth.authCallback'. Simply passing it 'authCallback' won't work because there is no function in the global scope with that name.
So then it also means that you need to expose authCallback in your return statement so that it becomes available in the global scope as auth.authCallback.
QUESTION
I've been using Spreadsheets and upwork, as I want to integrate between them.
So I'm trying to make authorization for upwork through spreadsheets, using the documentation steps and everything is going fine. But when i authorize my account i see that the response_type is not a token, it's a code.
ANSWER
Answered 2020-Aug-27 at 17:12.setTokenUrl('https://www.upwork.com/ab/account-security/oauth2/token')
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install apps-script-oauth2
Click on the menu item "Resources > Libraries..."
In the "Find a Library" text box, enter the script ID 1B7FSrk5Zi6L1rSxxTDgDEUsPzlukDsi4KGuTMorsTQHhGBzBkMun4iDF and click the "Select" button.
Choose a version in the dropdown box (usually best to pick the latest version).
Click the "Save" button.
https://www.googleapis.com/auth/script.external_request
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page
