Authorizing the Google Calendar API in Zapier Code - google-calendar-api

I'm trying to write a Zap which will get events from a Google Calendar for the current week and generate a string describing when I'm in the office "Mon, Wed, Fri". The only thing that's stumping me is step 0. How do I auth for the Google Calendar API in a Zapier Code block? It appears that Google calendar only supports Oauth2.0 and only gives out short-lived tokens but I want this scheduled job to only run in the background and have no recourse for user-interaction. Is there any way to generate a long-lived access token?

David here, from the Zapier Platform team.
Unfortunately, that's not something that's easily doable. Part of what Zapier does for you is refresh the tokens and ensure everything is running as expected. Searching for a bunch of data (this week's events) isn't really in the zapier wheelhouse at this time.
If you're only concerned with new events, you could set up a "new event" trigger that adds the date of the event into Storage and a second zap that runs weekly, reads storage, figures out what dates are busy, and generates your string. That wouldn't hold up for recurring events though, so it may not be what you're looking for.
Alternatively, you could try and do the refresh loop in your code block, but that's really tough. You'd need somewhere to persist the token (while Storage technically works, it's open to the public so it's not a great place to store creds, even if they are hard to find). You could try your request, refresh if the token is stale, then send the eventually present value onto a later step.
Sorry I don't have better news. ​Let me know if you've got any other questions!

Related

Log analytics event when verifying email in firebase

Not sure if this is possible but maybe someone knows how to work around this.
I have a web application and I'm using the new analytics for firebase. I want to create a funnel for the registration process.
My funnel will look something like this
Pretty simple right. The issue is that I don't have a way of tracking when the users verify it's own email. Maybe the firebase team can add a new automatic event like the ones described here
If you want to file a feature request, Stack Overflow is not the right spot. You cn file a feature request with Firebase support.
But until such a feature is added, you'll have to implement the analytics event yourself. The most common way to do that is by sending the event from the client when you first detect that the email address is verified.
There are some subtle differences between this approach and one where the Firebase servers log it automatically, but it's as close as you can get for the moment, and relatively straightforward to implement.

How do you apply for a refresh token in the LinkedIn API?

We have a client application that runs on Windows that is used by thousands of users in the financial market in order to make analyses and charts. Since long we have an integration with Twitter where you can easily post a chart together with short text. Many users have asked us to implement a similar feature for LinkedIn since this is becoming increasingly popular among our users.
The API for sharing on LinkedIn works fine for us, but we need to refresh the access token every 60th day, which cannot be made completely seamless for the user. Since our application is not a web app, we need to launch a browser on order to refresh the access token and this is disruptive for the users.
The docs at Authorization Code Flow (3-legged OAuth) says that some selected partners can get refresh tokens as a complement to access tokens. That would be perfect for our integration. How can we become one of those "partners"? I have not found any information how to apply for this.
I have looked for a way to apply to become a partner that can get a refresh token, but failed to find any information.

Google Calendar: limit API access to a single calendar?

I'd like for my app to add/delete/update events on a user's Google Calendar. The app only needs to delete and update events that the app itself has added.
Have I understood it correctly, that in order for this to work, the users have to give the app full access to their Google Calendars, meaning that the app could potentially read and delete private events on any calendar?
Or, is there a way to limit the access that a user gives to the app, for example, allowing the app to create a single calendar and only giving it access to events on that one calendar?
I've read through the relevant Google Calendar API, and I'm not seeing that this is possible. However, giving full access seems crazy and unnecessary!
It seems that this isn't possible. Google, why!?
What I ended up doing was skipping the API and using a calendar subscription. Limited use since the user needs to be able to set up a subscription and, especially, because Google takes up to a day to update subscribed calendars.

How can I test subscription renewal flows in stripe?

I want to test my application's handling of webhook events from stripe when a subscription payment has been made (or failed). Here is what I've tried so far:
Set up a new subscription
Update user's credit card to be the one that can be added to an account, but will fail to actually be charged
Change the trial end date to be in one second
Wait a few seconds expecting the webhook to be sent
However, According to the documentation:
If you have configured webhooks, the invoice will wait until one hour after the last webhook is successfully sent (or the last webhook times out after failing).
One hour is a long time to wait, since I am trying to do this as part of an automated integration test suite.
One suggestion (from IRC) is to fake out the webhook request, so that my integration test sends the event, instead of Stripe sending it. However, since Stripe doesn't include any sort of HMAC in the webhooks, I can't trust the data in the payload. So, my application just takes the event ID from the webhook payload and fetches the event from the Stripe API:
If security is a concern, or if it's important to confirm that Stripe sent the webhook, you should only use the ID sent in your webhook and should request the remaining details from the API directly.
This will obviously not work if I am trying to inject fake events for my test (by design).
What are the best practices for testing this sort of scenario?
It seems there isn't a perfect way to do this. As suggested by #koopajah in a comment, I added a configuration value in my application that will disable fetching the event from Stripe, and instead just trust the event data in the webhook. This allows me to test my flow in almost the same way as it would work on production, since the event data in the webhook and the event fetched from Stripe are identical (assuming it is an authentic webhook request :)
Unless/until Stripe includes an HMAC signature in the webhook request to authenticate that it came from them, I think this is the best way to solve the problem.
One hour is a long time to wait, since I am trying to do this as part of an automated integration test suite.
You can shorten the wait by going to the invoice and selecting the "Charge customer" button, as shown below.

Google calendar API calls blocked by captcha

I have successfully written a tool to display upcoming calendar events on a website using Google's calendar API (v2). I am using the username/password method outlined at https://developers.google.com/google-apps/calendar/v2/developers_guide_dotnet#AuthClientLogin. Today an instance of this code would not return data or a decent error message. I finally logged into the web server and browsed directly to http://calendar.google.com and logged in using the credentials. I was challenged by Google's captcha and then my code worked.
How do I get around API calls being blocked by Google's captcha security? I don't want to have to re-code for magic cookies but I will if I have to. I have read some about generating tokens but I dont know if that is something I have to do once or every time the code is called.
If your app is a service that is getting used by many people, you might be running into API call bandwidth limitation. That is, google is limiting the number of API requests per time interval.
If this IS getting used by many people, you may have to upgrade to a paid account.

Resources