How to get calendarId (user's email) from OAuth token object?
Details: Using the Google Javascript Client Library.
After authorization, I need to get the user's email, which is the calendarId from the token object.
For Google Plus, the docs say that 'me' keyword can be used to refer to current authenticated user. It doesn't work for Calendar API.
What should I do for calendar API?
Please help
The attendee list of an event will contain addresses. Are you saying that you are unable to initialize the Calendar service?
I resolved the problem in the following way:
https://developers.google.com/+/web/people/
The above link says how to retrieve the user information from the authToken by using the API: gapi.auth.setToken();
Related
In my web application I have integrated user Firebase Authentication using Google Sign-in. After successful sign-in Firebase returns AccessToken and RefreshToken. Using this AccessToken I am able to call Google APIs (eg; calendar API).
What I wanted to know: If I store user's RefreshToken in DB, later on (may be after a week or so) application backend can get user's RefreshToken from DB and call some Google API (don't know which and how) to retrieve user's AccessToken. This AccessToken will be used to call Google APIs without any issue.
In short, is it possible for backend to retrieve user's AccessToken by using user's RefreshToken for calling Google APIs?
I cant say i have tried with something that came from firebase auth but in theory it should work
This is the call you make.
HTTP POST https://accounts.google.com/o/oauth2/token
client_id={ClientId}&client_secret={ClientSecret}&refresh_token=[REFRESHTOKEN]&grant_type=refresh_token
Love to hear if it works or not.
I created custom Auth Token via createCustomToken(), see https://firebase.google.com/docs/auth/admin/create-custom-tokens.
But later on when I try to verify this token via verifyIdToken() function it throws following error
Error: verifyIdToken() expects an ID token, but was given a custom token. See https://firebase.google.com/docs/auth/admin/verify-id-tokens for details on how to retrieve an ID token.
Which is rational, because there is no such ID... But what I need - is to simply verify the token, similar to jwt.verify()...
Has anyone came across this problem and what solution was found? Is it possible to verify Firebase auth token via jsonwebtoken library?
P.S. I am gonna use verification in Google Cloud Function endpoints
SOLUTION: Looks like I just found a solution https://firebase.google.com/docs/auth/admin/verify-id-tokens#verify_id_tokens_using_a_third-party_jwt_library Just need to grap public key from https://www.googleapis.com/robot/v1/metadata/x509/securetoken#system.gserviceaccount.com and use jsonwebtoken library to verify it...
verifyIdToken like the name is to verify IdToken, not custom token.
CustomToken is for client to sign in. This custom token can be verify using simple JWT verification like your solution (it expire after one hour).
But the IdToken is another story, you need to do sign in process using firebase auth.
To Get The Id Token from client after signIn, it's depend whether the client is Android, Web, or IOS.
The code to get the IdToken can be read in this section
If I intercept an access_token from an example on this page:
https://developers.google.com/picker/docs/
...it looks like this:
ya29.Glx7BW_OsFJ1CSjJ_kdt9iZixJAZHjvllMtJO09EccpURJPbCXudNP6teBz6HZ0T_ioaQLNna323UPpBQN-N0aCLWXfDVCvq4xXkbi5kKQhfwS0xakcsrNmzD5B8OA
If I paste that into here:
https://jwt.io/
...I'm told it's malformed. However, if I paste a Firebase auth token into there, it's well-formed and you can see its payload.
Ultimately, I'm trying to use the Firebase auth token in the Google Picker API, but I can't figure out how to translate it.
I was using firebase.auth().currentUser.getIdToken, but it looks like firebase.auth().getRedirectResult() gets an auth token that is the same format as the Picker API.
Google API access is scope based https://developers.google.com/identity/protocols/googlescopes
You must specify the scopes needed when requesting an access token.
Each access token you receive back, is limited to the scope and application from its original request. They are not inter-changeable.
You will need to setup a specific Google Picker API request, in order to get the access token you require https://developers.google.com/identity/protocols/OAuth2
Hope this helps
"ya29.*" token is Google's access token and it is not a jwt (it is opaque for the api callers).
Yes firebase allows you to add scopes during the sign-in process. After that you get an id token that says who the user is and a separate access token that you can use to access Google APIs.
If you look at https://firebase.google.com/docs/auth/web/google-signin you will see this:
Then, you can also retrieve the Google provider's OAuth token by calling getRedirectResult when your page loads:
firebase.auth().getRedirectResult().then(function(result) {
if (result.credential) {
// This gives you a Google Access Token. You can use it to access the Google API.
var token = result.credential.accessToken;
// ...
}
// The signed-in user info.
var user = result.user;
I was creating new google calendar event using google calendar API through service account email in c#. I succeeded in creating the event but the invitation mail I received has service account email address as 841212832218-vaqgheuempaamjpprglaa9d36q55gq7a#developer.gserviceaccount.com instead of the actual gmail id as rags1.2#gmail.com. Could you please let me know anybody has the solution for this.
Thanks
I'm using oauth to authenticate in google calendar, but i'm trying to send user and password to avoid open the authentication popup.
I'ts like automatic authentication.
Is it possible?
Thanks.
Since you want your application to always create events in a single calendar that is under your control, here is how I would do it:
Create a service account in Google Cloud Console - recent instructions on how to do so can be found here: google oauth2 how to get private key for service account
Share your calendar with that service account: https://support.google.com/calendar/answer/37082?hl=en
Write your code to use the service account credentials (private key downloaded in step 1).
I didn't post any sample code, as I'm not sure what language you are using. The following has some discussion of this use-case in PHP: Access Google calendar events from with service account: { "error" : "access_denied" }. No google apps