Oauth2 authentication for Asana


EzyOauth2 has now been superseded by Goa, so this document is for legacy information. For more information see OAuth2 for Apps Script in a few lines of code. If you are using EzyOauth2, it's easy to migrate. If you are starting up, consider using Goa instead - it's easier and has more features.

In EzyOauth2 - taking some pain out of Apps Script API authentication, I provided a library to simplify oAuth2, then in EzyOauth2 patterns I showed simple patterns for creating apps. Multiple oAuth2 authentication packages showed how to create multiple authentication packages in the same project. 

Here's a new one - this time for the  Asana API

For other authentication packages, see 
You'll need the code from EzyOauth2 patterns to build your own app around, and also include access to the library in EzyOauth2 - taking some pain out of Apps Script API authentication

Getting started

You need to set up your application on the Asana App Dashboard  You'll get a client id and a secret. Unlike most Oauth2 flows, Asana does not need/support scopes. You can get the redirect URL for your webapp by publishing it, running it, and taking note of the Url it shows.

Package Names

You need to add these to your one time credential storing function.  I've called it asanaCredentials.

function oneTimeSetProperties () {
  
  setAuthenticationPackage_ ({ 
    clientId: "33654442426661",               
    clientSecret:"6ab682baab027c35312ed0cbad72adc3",
    scopes : [],
    service: "asana",
    packageName: "asanaCredentials"
  });

}

Service names

I've already added the asana service to the latest  cEzyOauth2 library. This maps to the service name in your credentials package.

    var PACKAGELIST = [
      { name:'google',
          authUrl : "https://accounts.google.com/o/oauth2/auth",
          tokenUrl: "https://accounts.Google.Com/o/oauth2/token",
          refreshUrl: "https://accounts.google.com/o/oauth2/token"  
      },
      { name:'linkedin',
          authUrl : "https://www.linkedin.com/uas/oauth2/authorization",
          tokenUrl: "https://www.linkedin.com/uas/oauth2/accessToken",
          refreshUrl: "https://www.linkedin.com/uas/oauth2/authorization" 
      },
      { name:'soundcloud',
          authUrl : "https://soundcloud.com/connect",
          tokenUrl: "https://api.soundcloud.com/oauth2/token",
          refreshUrl: "https://api.soundcloud.com/oauth2/token" 
      },
      { name:'podio',
          authUrl : "https://podio.com/oauth/authorize",
          tokenUrl: "https://podio.com/oauth/token",
          refreshUrl: "https://podio.com/oauth/token" 
      },
      { name:'shoeboxd',
          authUrl : "https://id.shoeboxed.com/oauth/authorize",
          tokenUrl: "https://id.shoeboxed.com/oauth/token",
          refreshUrl: "https://id.shoeboxed.com/oauth/token" 
      },
      { name:'github',
          authUrl : "https://github.com/login/oauth/authorize",
          tokenUrl: "https://github.com/login/oauth/access_token",
          refreshUrl: "https://github.com/login/oauth/access_token",
          accept: "application/json"
      },
      { name:'reddit',
          authUrl : "https://www.reddit.com/api/v1/authorize",
          tokenUrl: "https://www.reddit.com/api/v1/access_token",
          refreshUrl: "https://www.reddit.com/api/v1/access_token",
          basic:true
      },
      { name:'asana',
         authUrl : "https://app.asana.com/-/oauth_authorize",
         tokenUrl: "https://app.asana.com/-/oauth_token",
         refreshUrl: "https://app.asana.com/-/oauth_token",
      }

    ];

A web application.

The only difference between this and the example shown in EzyOauth2 patterns, is that I am calling different function names and package name. You have to run this at least once to set up the token/refresh structure. It will show you the redirect URI, which you can add to your asana application definition, then it will take you through the asana authentication dialog. Future accesses to asana will pick up the access or refresh token from your script properties (webapp or not - they use the same token)



/** 
 * this is your web app
 * @param {object} webapp param object
 * return {HtmlOutput} 
 */

function doGet (e) {
  return doGetPattern(e, constructConsentScreen , doSomething ,"asanaCredrentials") ;
}

/**
 * tailor your consent screen with an html template
 * @param {string} consentUrl the url to click to provide user consent
 * @return {string} the html for the consent screen
 */
function constructConsentScreen (consentUrl,redirectUrl) {
  return '<p>Redirect URI to be added to cloud console is ' + redirectUrl + '</p><a href = "' + consentUrl + '">Click to authenticate to asana</a> ';
}
/**
 * this is your main processing - will be called with your access token
 * @param {string} accessToken - the accessToken
 */
function doSomething (accessToken) {
 
   var options = {
     method: "GET",
     headers: {
       authorization: "Bearer " + accessToken
     }
   };

  var result = UrlFetchApp.fetch("https://app.asana.com/api/1.0/users", options);
  return HtmlService.createHtmlOutput (' it worked ' + accessToken + '<br>' + result.getContentText());

}

and we get this
it worked eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhdXRob3JpemF0aW9uIjozMzY1ODYzNDgwMjY1Niwic2NvcGUiOiIiLCJpYXQiOjE0MzEzNTA4MTcsImV4cCI6MTQzMTM1NDQxN30.h0shNROkGJIv_FGakgTiJVLtG7-WBLm1oRutzZPZZdc
{"data":[{"id":33654198767746,"name":"Bruce Mcpherson"}]}

Summary

Once your credentials are set up, all you have to do is pass the function that does the work to doGetPattern(e, constructConsentScreen , doSomething ,"reddit")   and it will be called with a fresh accessCode. 
Comments