This describes the pattern for sidebars and dialog boxes using the Goa library as described in Oauth2 for Apps Script in a few lines of code (which you should read first for background).
If you have initialized the credentials as described in Goa Setup, you are now ready to set your app for an authentication dialog. If you are using the service account flow there is no need for this. In fact, once you have run this once for you script you won’t need to run it again.
Note- Goa now supports automatic dialog and sidebar support – so this might be a better solution Automatic UI support for OAUTH2 Goa dialogs

The pattern

With the doGet() webapp pattern, returning the goa.getConsent() dialog if one is needed, is followed by returning the result of your application as HtmlOutput to be rendered by the published app.
For a sidebar, the pattern is almost the same, except that another sidebar call is used to render the result as below.

Google Auth dialog notes.

When using a sidebar, the consent dialog created by Goa is rendered in the sidebar. When the Google Auth dialog initiates it does so in a separate browser tab. I haven’t yet found a way of making that happen in the sidebar, with the result that you get an untidy message in a tab that can just be closed.
The script completed but did not return anything.
If anyone can find a way of closing this tab post-authentication, I’d be interested in your thoughts.
Why not join our forum, follow the blog or follow me on Twitter to ensure you get updates when they are available.