发表新帖
发表新帖

Calling a Google Apps Script web app with access token

前端 未结
关注
3 1890
独厮守ぢ
独厮守ぢ 2020-12-14 13:28

I need to execute a GAS service on behalf of a user that is logged to my system. So I have her/his access token. I would like somehow to transfer the token to the web app an

3条回答
  • 时光说笑
    时光说笑 (楼主)
    2020-12-14 14:07

    Martin's answer worked for me in the end, but when I was making a prototype there was a major hurdle.

    I needed to add the following scope manually, as the "automatic scope detection system" of google apps script did not ask for it: "https://www.googleapis.com/auth/drive.readonly". This resulted in UrlFetchApp.fetch always giving 401 with additional information I did not understand. Logging this additional information would show html, including the following string

    Sorry, unable to open the file at this time.

    Please check the address and try again.

    I still don't really understand why "https://www.googleapis.com/auth/drive.readonly" would be necessary. It may have to do with the fact that we can use the /dev url, but who may use the /dev url is managed is checked using the drive permissions of the script file.

    That said, the following setup then works for me (it also works with doGet etc, but I chose doPost). I chose to list the minimally needed scopes explicitly in the manifest file, but you can also make sure the calling script will ask for permissions to access drive in different ways. We have two google apps script projects, Caller and WebApp.

    In the manifest file of Caller, i.e. appsscript.json

    {
  ...
  "oauthScopes": 
  [
    "https://www.googleapis.com/auth/drive.readonly",
    "https://www.googleapis.com/auth/script.external_request"]
}

    In Code.gs of Caller

    function controlCallSimpleService(){

  var webAppUrl ='https://script.google.com/a/DOMAIN/macros/s/id123123123/exec';

//  var webAppUrl = 
//  'https://script.google.com/a/DOMAIN/macros/s/id1212121212/dev'

  var token = ScriptApp.getOAuthToken();

  var options = {
    'method' : 'post'
    , 'headers': {'Authorization': 'Bearer '+  token}
    , muteHttpExceptions: true
  };

  var response = UrlFetchApp.fetch(webAppUrl, options);
  Logger.log(response.getContentText());
}

    In Code.gs of WebApp (the web app being called)

    function doPost(event){
  return ContentService.createTextOutput("Hello World");
}

    0 讨论(0)
 看不清?
提交回复
热议问题