Does Google AppScript (GAS) supports O-Auth 2.0 Implicit Grant-Type

本秂侑毒 提交于 2020-01-15 09:32:12

问题


I'm trying to create a new Gmail add-on using Google Apps Script and trying to access third-party, non-Google API. For that I am using O-Auth 2.0 Implicit Grant-Type for authentication.

This is how the AuthService looks like :

function getOAuthService() {
  return OAuth2.createService('Podio O-Auth')
    .setAuthorizationBaseUrl('Base Url')
    .setTokenUrl('Token Url')
    .setClientId('clientId')
    .setClientSecret('clientSecret')
    .setParam('redirect_uri', 'https://script.google.com/macros/d/' + scriptID + '/usercallback')
    .setScope('GLOBAL')
    .setCallbackFunction('authCallback')
    .setCache(CacheService.getUserCache())
    .setParam('response_type', 'token')
    .setParam('response_mode', 'query')
    .setParam('state', getStateToken('authCallback')) // function to generate the state token on the fly
    .setPropertyStore(PropertiesService.getUserProperties());
}

The script correctly generates an URL that includes my redirect_uri
Auth picks up the request, generates a token, and redirects me to the scripts.google.com domain.

Once hitting scripts.google.com, I am redirected to an URL that includes my custom domain, e.g.

https://script.google.com/a/macros/[custom-domain]/d/[script-id]/usercallback#access_token=[token]&expires_in=7200&token_type=Bearer&state=[state]&id_token=[token]

Which results in this error:

because the url is fragmented by #. If I replace the # with ?, then it works as expected.

Can anyone please tell me how can I fix this issue? If not then do I have to Authorization code grant flow for this purpose ?

Note: I have used setParam('response_type', 'token') for Implicit Grant-Type


回答1:


Per your question in the apps-script-oauth2 GitHub repo, your particular implementation of OAuth in Apps Script (using that library) does not support Implicit Grant. Given that Apps Script executes in the server (and not the client, where implicit grant is most useful), it is not likely that the library you use will be extended to support it either.




回答2:


The library currently doesn't support implicit grants. Google AppScript supports server side flow. So, I set the response_type = code and this is the working authorization service looks like:

function getOAuthService() {
  return OAuth2.createService('Podio O-Auth')
    .setAuthorizationBaseUrl('Base Url')
    .setTokenUrl('Token Url')
    .setClientId('clientId')
    .setClientSecret('clientSecret')
    .setParam('redirect_uri', 'https://script.google.com/macros/d/' + scriptID + '/usercallback')
    .setScope('GLOBAL')
    .setCallbackFunction('authCallback')
    .setCache(CacheService.getUserCache())
    .setParam('response_type', 'code')
    .setParam('response_mode', 'query')
    .setParam('state', getStateToken('authCallback')) // function to generate the state token on the fly
    .setPropertyStore(PropertiesService.getUserProperties());
}

It internally first calls the autorizatiionBaseUrl and recieves the authorization code. And with this authorization code it agains makes a post request to TokenUrl to get the auth_token, refresh_token and other details. Thanks. :)



来源:https://stackoverflow.com/questions/52671507/does-google-appscript-gas-supports-o-auth-2-0-implicit-grant-type

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!