If you are like me, you will dread projects that involve oAuth2. It never seems to work first time and it's fiddly. It's also irritating that UrlFetchApp gives you the impression (false hope) that it's going to help you with oAuth, but forgets to mention that it's talking about oAuth, not oAuth2.
If you are writing webapps and accessing some of the Google JSON APIs services, you're going to need to deal with oAuth2. I decided that I was fed up with it, and provide here a library that should help get it right first time. EzyOauth2 prefers you to store access and refresh tokens it obtains, probably in your propertiesService store. That way, it should only take you through the authorization dialogue once, since it automatically refreshes tokens when they expire. You'll find example application patterns here.
In many cases, you can get an access token with ScriptApp.getOAuthToken(), and as long as you Script has the scopes you need to use already, then you don't need to do any of this. But for many services that have not yet been enabled in Apps Script, you have to create your own authentication dialog. Here's how.
I'm assuming that if you are here, you'll know about the cloud console. First you need to go there and create a project, and some credentials.
Ignore the redirect URIs for now, we'll fix that later.
I'm creating a project to access the cloud DataStore, so I need these scopes.
I find that the Oauth2 playground is the best place to find out what you need for each API
Now create a new blank script.
We're going to first of all store the credentials we just created in its script properties to keep them secret. Use the code below, substituting your credentials and scopes, then run initialStore(). You should use whichever property store is most appropriate. I'm using ScriptProperties, but UserProperties might be more appropriate, depending on your objectives, but that's up to you.
var PROPERTY_KEY = "EzyOauth2Datastore";
You can check it worked by looking at your project properties. If it did you can delete all that again, since you now have your credentials safely stored.
add a reference to this library
In order that it can check that you are really you, accessing the service from where you intended, you have to enter a redirectURI into the cloud console. Copy in the code below - and publish your web app.
You'll get something like this, and you'll copy the url into the redirect URIs section of the cloud console.
this is where you start your work. The access code will be passed to it. In this case, I'm doing a cloud datastore lookup
The library code
here is the code for the EzyOauth2 library. You can include it in your project by referencing MSaYlTXSVk7FAqpHNCcqBv6i_d-phDA33, or fork it by copying https://script.google.com/d/1lW9pn80yQH1hbbKsZDJiZTtvioJw8MWppFj8G3FBz7BegvhOSSI6pNYf/edit?usp=sharing
For help and more information join our forum,follow the blog or follow me on twitter .