how to make a oauth consent screen?
from [lolxdyt6950as]
[sec account? cuz my original project is in this acc and im working on it]
Can you share info on the consent server. I’m not familiar with this.
1 Like
Sure, will give an example tomorrow using Google Consent Server.
2 Likes
can you show me what to do next?
1 Like
The standard way to execute the OAuth2 is to provide your own HTML page to be redirected to it but this does not fit native applications in Android and in iOS.
The next best alternative is to use a deep linking URL which will cause the response of the OAuth2.0 server to be sent back to the app itself and life would be easier this way but Thunkable does not support this feature.
There are other options but in general they are not considered secure.
This leaves us with one last option which is using a specific Google generated code which tells the Google OAuth server to send back the response to the calling app. With this option the Redirect URI should be exactly urn:ietf:wg:oauth:2.0:oob
A fully qualified URL would look like
https://accounts.google.com/o/oauth2/v2/auth?client_id=198034694630-d756p82jkewnyodlp0k198tmoq0nc8d7.apps.googleusercontent.com&redirect_uri=urn:ietf:wg:oauth:2.0:oob&scope=https://www.googleapis.com/auth/gmail.modify&response_type=code
In this way, the consent screen will show and once the user accepted the consent screen will send back the response (which is the Authentication code) to the app. This works with HTML pages and also works will with GAS (Google Apps Scrip) which the URL of the GAS Web App can be executed by the Web API component.
I wanted to show you a demo but Google has not yet approved my test credentials.
The error details shows the Redirect URI used in this process
[Update]
Please see this note from Google Docs (The method still works but should not be used)
3 Likes
wat should i do to setup the auth to onfigure GFit
1 Like
I tried to find you an easier solution and I found that you can use the Google Apps Script to create an Access Token to any Google API. Then you can borrow the token from Google Apps Script and use it or run the API from within the script and return the response to your app.
See an example from Google developers forum
1 Like
I created a script and added the Google Fitness API scopes to the script. The script is very basic. It returns the Access Token.
This is my script
function doGet() {
var token = ScriptApp.getOAuthToken();
return ContentService.createTextOutput(JSON.stringify(token))
.setMimeType(ContentService.MimeType.JSON);
}
I added all the read only scopes from the Fitness API like this
"oauthScopes": [
"https://www.googleapis.com/auth/script.external_request",
"https://www.googleapis.com/auth/fitness.activity.read",
"https://www.googleapis.com/auth/fitness.blood_glucose.read",
"https://www.googleapis.com/auth/fitness.blood_pressure.read",
"https://www.googleapis.com/auth/fitness.body.read",
"https://www.googleapis.com/auth/fitness.body_temperature.read",
"https://www.googleapis.com/auth/fitness.heart_rate.read",
"https://www.googleapis.com/auth/fitness.location.read",
"https://www.googleapis.com/auth/fitness.nutrition.read",
"https://www.googleapis.com/auth/fitness.oxygen_saturation.read",
"https://www.googleapis.com/auth/fitness.reproductive_health.read",
"https://www.googleapis.com/auth/fitness.sleep.read"
],
I deployed the script as a web app and when I executed the web app URL I get the access token.
If I would do this function then I will store the token to a google sheet so I can pick it up from Thunkable and execute the required APIs.
Hope this is clear.
2 Likes
ahh. i see. it’s not a ‘any user’ auth token, it’s user-specific. the owner of the gscript I’m guessing?
I think the only way, atm, for any user to be able to get their access token is by authenticating on a website, storing the refresh token on their server under the user object, then calling that from the app and grabbing a valid token via an API call to the refresh endpoint.
1 Like
When deploying the script as a web app you can choose to run the script as the owner of the script or the user executing the script and in this way, the token will be user specific.
I compiled this way and expected it in two different phones and the consent screen popped up for each user.
1 Like
Thanks for sharing. I’d have to see this in action to understand it fully, i think. Sounds great! Hopefully oAuth from google/apple will come out to thunkable apps soon and we’ll be able to do stuff like this and more!
1 Like
Check this GitHub - googleworkspace/apps-script-oauth2: An OAuth2 library for Google Apps Script.
This is a GitHub repository of Google sample apps for OAuth2 using different providers.
1 Like
whoosh! (over my head!)
thanks for sharing @muneer - this will be bookmarked under muneers_tips and stuff_to_learn - which are really one and the same folder!
thanks again, @muneer
2 Likes
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.