I'm using oauth to authenticate in google calendar, but i'm trying to send user and password to avoid open the authentication popup.
I'ts like automatic authentication.
Is it possible?
Thanks.
Since you want your application to always create events in a single calendar that is under your control, here is how I would do it:
Create a service account in Google Cloud Console - recent instructions on how to do so can be found here: google oauth2 how to get private key for service account
Share your calendar with that service account: https://support.google.com/calendar/answer/37082?hl=en
Write your code to use the service account credentials (private key downloaded in step 1).
I didn't post any sample code, as I'm not sure what language you are using. The following has some discussion of this use-case in PHP: Access Google calendar events from with service account: { "error" : "access_denied" }. No google apps
Related
I have requirement of creating website in c# to integrate the GA4. On which I can connect with GA4 API with any gmail account (userid/password), then select the property account from the list and get respective data without using any specific client key. Any help would be greatly appreciated.
On which I can connect with GA4 API with any gmail account (userid/password)
You cant this is / was called client login google shut this down in 2015. In order to access private user data you must use oauth2 to request consent of the user in order to access their data.
without using any specific client key.
You cant oauth2 requires that your application be registered and verified by google in order to access private user data. Then in order to request authorization you will need to use your client id and client secret.
Any help would be greatly appreciated.
Start looking into how to the Google analytics data v1 api
I am currently writing an online-booking-module and I want to store events (beside in the database) in a owned google-calendar (this calendar is then added to the responsible employee in outlook).
My idea was just to give the API my auth-data and the calendar-id and then being able to insert and delete events.
The calendar must be private, not public!
Now I see it is more designed to access user's calenders getting their permission etc...
Answer:
Yes, you can authenticate the application as yourself and add the events to a private calendar owned by you.
More Information:
Once the application has been published and contains your credentials and token, there will be no issue running the Events add Calendar API method as you, regardless of who runs the program.
Other option:
Alternatively, you could create a Service account to impersonate your account and run the calendar API queries, though you would need to provide the Service Account with access to your private Google Calendar.
References:
Google Calendar API - Events: insert
Authorizing Requests to the Google Calendar API
Google Developer Admin Console
Google Cloud - Service Accounts
Understanding Service Accounts
Creating and Managing Service Accounts
Creating and Managing Service Account Keys
Granting Roles to Service Accounts
I want to be able create calendar events in my Action that runs through Google Assistant.
Right now I was able to modify this Quickstart guide (https://developers.google.com/calendar/quickstart/nodejs) and use it in my current Dialogflow fulfillment. However, it's a little tedious to have the user have to copy and paste the authentication code after allowing Google Calendar access. Are there any better ways to do this that doesn't require the copy-paste flow? Thanks in advance!
Use Account linking with Google Sign-In
https://developers.google.com/actions/identity/google-sign-in
Then send a card to the user device with a link to authorise Google Calendar access. Store the authentication code securely against the user. Use the authentication code to make requests.
Broadly speaking, the approach you can take is to use Google Sign-In, as outlined in this SO answer: Google Home Authorization Code and Authentication with Google Account.
With this scheme, you use a website to get the user to authorize your use of the Calendar API scope, and you store the auth token against their UserID. Then you use Google Sign-In with the Assistant to get that ID. This works well if they go to your web page first, but not as well if they go to the Assistant first.
You can also setup an OAuth server that lets users sign-in using Google Sign-In on a web page (or use something like Auth0 and, as part of that sign-in, get authorization for the Calendar scope. Then use OAuth Account Linking in the Google Assistant to get an auth token which you can use to get the user's ID. You can then use this ID to lookup the authorization token.
Referencing this post
, I tried to create an access token for my Google Actions. I enabled Google sign in, and end up with a user-id. The top post says "You can combine this with a web- or app-based Google Sign-In to get their permission to access OAuth scopes if you need to access Google's APIs" but I honestly have no idea how to do that. What I'm trying to do is get an access token from Google Actions/ Dialog flow to send to my server-end code in order to make a successful API POST request to Google Calendar API.
The post you reference that points to another StackOverflow answer that discusses the approach. It basically says that you need to combine two things to do what you want:
You use Google Sign In on a web page to let the user authorize you to access the calendar on their behalf.
You probably should use the hybrid flow so the access/refresh tokens are only handled on the server side - not in your web client.
Your server will store the access/refresh tokens in some way so you can use them as part of your Action later.
You will use Google Sign In for Assistant to authenticate the user when they connect through the Assistant and determine if they have already authorized you to access their calendar. If they have, you'll be able to get their access/refresh tokens out of your store and access their calendar.
You can't do it completely through AoG/Dialogflow because there is no way for the user to grant OAuth permissions to you by voice alone - this is why you need to direct the user to a web page for them to grant you permission to access their calendar.
I want to be able to access other users Google Calendars through a service account so I am not prompted for authorization. I am doing this in a simple .net c# console app. When I attempt to create my credentials in the Google API Manager, it gives me the following alert when I specify I am using a non UI app and I want to access User Data. Isn't the purpose of using the service account to access other users data without a UI?
"User data cannot be accessed from a platform without a UI because it requires user interaction for sign-in."
You may have misunderstood the meaning of using a service account to impersonate a user. To help you with Authentication, you might want to check this tutorial : Google Calendar API Authentication with C# by Daimto.
Things to take note of :
To be able to access other calendars by service account, users who own the calendar should share it to the service account.
To impersonate a user, you must know the email address.
From the tutorial:
If you are only accessing data that you own there is no reason to ask a user for permission to access it. You can use a Service account. (Privacy)
If you want to be able to access data owned by someone else you will need to be authenticated.
Hope this helps!