Multiple oAuth2 authentication packages


EzyOauth2 has now been superseded by Goa, so this document is for legacy information. For more information see OAuth2 for Apps Script in a few lines of code. If you are using EzyOauth2, it's easy to migrate. If you are starting up, consider using Goa instead - it's easier and has more features.

In EzyOauth2 - taking some pain out of Apps Script API authentication, I provided a library to simplify oAuth2, then in EzyOauth2 patterns I showed simple patterns for creating apps. Now you will probably want to have multiple authentication packages for different packages and scopes. Unfortunately, everybody's oAuth2 implementation is a little different, but we can still use  a standard pattern to abstract away those differences. 

To illustrate, I'm going to add a new oAuth2 package - this time for the soundcloud service. 


For other authentication packages, see 
only a few minor modifications are needed from the soundcloud version shown below.

Getting started

Just as described in EzyOauth2 - taking some pain out of Apps Script API authentication, you need to set up your application - this time in the soundcloud developers console. This is a lot simpler than some other consoles, but the principle in the same. You'll get a client id and a secret, and you'll need to give your redirect URI just as for the Google oAuth2 implementation. 

Package Names

To support multiple packages, you can now provide a package name when you set up your credentials for the first time. Here are a few different ones, including the sound cloud one. You need to run this once to store your credentials.

function oneTimeSetProperties () {
  setAuthenticationPackage_ ({ 
    clientId : "1046xxxvum.apps.googleusercontent.com",
    clientSecret : "ejixxx-hRFN",
    scopes : ['https://www.googleapis.com/auth/datastore','https://www.googleapis.com/auth/userinfo.email'],
    service: 'google'
  });
  
  setAuthenticationPackage_ ({ 
    clientId: "avxxxcfs",                                             // linkedin call it apiKey
    clientSecret:"Ji7Oxxx",                                      // linkedin call it secretKey
    scopes : ["r_network"],
    service: "linkedin",
    packageName: "linkedinNetwork"
  });
  
  setAuthenticationPackage_ ({ 
    clientId: "0ecxxx0983ce",               
    clientSecret:"c1exxxxc5",
    scopes : ["non-expiring"],
    service: "soundcloud",
    packageName: "soundcloud"
  });

}

Service names

Note that each package has a service property. cEzyOauth2 knows how to interact with different services (as I mentioned, they are all slightly different). I'll be adding to these over time. Here are some service definitions, which I maintain  in the cEzyOauth2 library.

    var PACKAGELIST = [
      { name:'google',
          authUrl : "https://accounts.google.com/o/oauth2/auth",
          tokenUrl: "https://accounts.Google.Com/o/oauth2/token",
          refreshUrl: "https://accounts.google.com/o/oauth2/token"  
      },
      { name:'linkedin',
          authUrl : "https://www.linkedin.com/uas/oauth2/authorization",
          tokenUrl: "https://www.linkedin.com/uas/oauth2/accessToken",
          refreshUrl: "https://www.linkedin.com/uas/oauth2/authorization" 
      },
      { name:'soundcloud',
          authUrl : "https://soundcloud.com/connect",
          tokenUrl: "https://api.soundcloud.com/oauth2/token",
          refreshUrl: "https://api.soundcloud.com/oauth2/token" 
      } 
      
    ];

a web application.

The only difference between this and the example shown in EzyOauth2 patterns, is that I am calling different function names and package name


/** 
 * this is your web app
 * @param {object} webapp param object
 * return {HtmlOutput} 
 */

function doGet (e) {
  return doGetPattern(e, constructConsentSoundcloud, doSomethingSoundcloud,"soundcloud") ;
}

/**
 * tailor your consent screen with an html template
 * @param {string} consentUrl the url to click to provide user consent
 * @return {string} the html for the consent screen
 */
function constructConsentSoundcloud (consentUrl) {
  return '<a href = "' + consentUrl + '">Authenticate to soundcloud</a> ';
}

/**
 * this is your main processing - will be called with your access token
 * @param {string} accessToken - the accessToken
 */
function doSomethingSoundcloud (accessToken) {
 
   var options = {
     method: "GET"
   };

  var result = UrlFetchApp.fetch("https://api.soundcloud.com/me/connections.json?oauth_token="+accessToken, options);
  return HtmlService.createHtmlOutput (' it worked' + result.getContentText());

}

Summary

Once your credentials are set up, all you have to do is pass the function that does the work to doGetPattern(e, constructConsentSoundcloud, doSomethingSoundcloud,"soundcloud")   and it will be called with a fresh accessCode. Simple!
Comments