- Goa should be instructed to store the token infrastructure in the userPropertyStore rather that the scriptPropertyStore.
- The project credentials are stored in the scriptPropertyStore and Goa will clone them to the userPropertyStore as required (if they change .. for example a new scope, or on the first time a particular user is encountered).
- The webapp will be published as follows.
All the demo code is available on github. Note that I’m using the same code for all these examples, so the final source on github will have evolved in some details from the writeup here.
The example
where the ‘Change folder’ buttons launches the googlePicker, from which the user can select the folder to process,as below.
After that, the app works in exactly the same was as Using OAUTH2 with a webapp published ‘as me’, and will pass the images in the user’s folder to the cloud vision API for processing according to the type of detection selected, producing a result like this;
MZx5DzNPsYjVyZaR67xXJQai_d-phDA33
Creating credentials
Storing the credentials.
cGoa.GoaApp.setPackage (propertyStore ,
cGoa.GoaApp.createPackageFromFile (DriveApp , {
packageName: 'cloudvision',
fileId:'0B92xxxxxxFreTVPdjQ',
scopes : cGoa.GoaApp.scopesGoogleExpand (['cloud-platform','drive']),
service:'google',
apiKey:'AIzxxxxxxGvZKbdg' // you can store arbirary properties in goa too.
}));
I’ve added the drive scope, and also a new property called apiKey. Picker doesn’t have any scope of its own, but will need Drive scope to be able to access the user’s drive. The picker needs an API key in addition to Oauth2 authorization. An API key can be created in the developers console in the cloud vision project, as described below. Goa is able to retrieve any arbitrary properties in addition to the ones it needs for working with tokens, so I’ll store the API key here too and get it later when needed.
Creating an API key
Some APIs need an API key to measure usage. An API key can also be assigned a domain from which to expect requests using this key- which means that if someone gets hold of your key he would need to issue requests from a registered domain to be able to use it. Of course, in the case of Apps Script, all requests come from Google, so it doesn’t help too much. In any case, here’s how to create an API Key.
In the credentials area of your developer console entry for the cloud vision project (the one you enabled the cloudvision API in).
Store the API key in the goa one off script and execute it to write the whole thing away for later.
cGoa.GoaApp.setPackage (propertyStore ,
cGoa.GoaApp.createPackageFromFile (DriveApp , {
packageName: 'cloudvision',
fileId:'0B92xxxxxxFreTVPdjQ',
scopes : cGoa.GoaApp.scopesGoogleExpand (['cloud-platform','drive']),
service:'google',
apiKey:'AIzxxxxxxGvZKbdg' // you can store arbirary properties in goa too.
}));
Enabling the API
Since I want to enhance this project by including the Picker, I also need to enable the Drive API and the Picker API in the developers console in the project created for this cloudvision project.
The webApp
/**
* this is how to do a webapp which needs authentication
* @param {*} e - parameters passed to doGet
* @return {HtmlOurput} for rendering
*/
// since Im using the same webapp for multiplt purposes
// these describe what each do
// change TYPE to the run required
var PARAMS = {
TYPE:'asuser', // or asme
PACKAGE_NAME:'cloudvision', // always this
asuser: {
props:PropertiesService.getUserProperties(),
clone:true,
html:'asuser'
},
asme: {
props:PropertiesService.getScriptProperties(),
clone:false,
html:'asme'
}
};
function doGet (e) {
// this is pattern for a WebApp.
// passing the doGet parameters (or anything else)
// will ensure they are preservered during the multiple oauth2 processes
// im using this same for each, so need a way to swicth between
var demo = PARAMS[PARAMS.TYPE];
if (!demo) {
throw 'set PARAMS.TYPE to match one of the properties of PARAMS';
}
// it may need cloning if user props required
if (demo.clone) {
cGoa.GoaApp.userClone(
PARAMS.PACKAGE_NAME,
PropertiesService.getScriptProperties() ,
demo.props
);
}
// get the goa
var goa = cGoa.GoaApp.createGoa(
PARAMS.PACKAGE_NAME,
demo.props
).execute(e);
// it's possible that we need consent - this will cause a consent dialog
if (goa.needsConsent()) {
return goa.getConsent();
}
// if we get here its time for your webapp to run
// and we should have a token, or thrown an error somewhere
if (!goa.hasToken()) {
throw 'something went wrong with goa - did you check if consent was needed?';
}
// now return the evaluated page
return HtmlService
.createTemplateFromFile(demo.html)
.evaluate()
.setSandboxMode(HtmlService.SandboxMode.IFRAME)
.setTitle('Web app Oauth2 ' + demo.html)
}
Webapp walkthrough
// since Im using the same webapp for multiplt purposes
// these describe what each do
// change TYPE to the run required
var PARAMS = {
TYPE:'asuser', // or asme
PACKAGE_NAME:'cloudvision', // always this
asuser: {
props:PropertiesService.getUserProperties(),
clone:true,
html:'asuser'
},
asme: {
props:PropertiesService.getScriptProperties(),
clone:false,
html:'asme'
}
};
Aside from the parametrization, the only difference between this pattern and the one used in Using OAUTH2 with a webapp published ‘as me’ is that I am using the userPropertyStore to keep the token infrastructure in. That means I need to handle cloning the credentials as new users come along. Goa takes care of all of that by cloning the package from the scriptProperties to the userProperties as needed. This code needs to be at the start of the pattern to make that happen. From then on, all interaction is with the UserProperties.
// it may need cloning if user props required
if (demo.clone) {
cGoa.GoaApp.userClone(
PARAMS.PACKAGE_NAME,
PropertiesService.getScriptProperties() ,
demo.props
);
}
The Picker
<!-- javascript. --> <script src="https://www.google.com/jsapi"></script> <?!= requireJs(['mainasuser']); ?> <?!= requireGs(['Client','Server','App','Render','Picker']); ?>
The mainasuser.js html file is also slightly different as it loads the picker code from the Google API as follows, then initializes the App when it is completely loaded.
// this version uses the picker to get at the users drive
google.load('picker', '1');
google.setOnLoadCallback(function () {
App.init();
});
The picker code itself is actually quite simple, although it could be improved by playing around with the (very complicated) extensive options that the picker API offers.
var Picker = (function myFunction(ns) {
/**
* get a picker
* @param {string} accessToken
* @param {string} developerKey
* @param {function} callback when picked
*/
ns.getFolderPicker = function (accessToken, developerKey , callback) {
var docsView = new google.picker.DocsView()
.setIncludeFolders(true)
.setMimeTypes('application/vnd.google-apps.folder')
.setSelectFolderEnabled(true);
var picker = new google.picker.PickerBuilder()
.addView(docsView)
.setOAuthToken(accessToken)
.setCallback(callback)
.setDeveloperKey(developerKey)
.setOrigin(google.script.host.origin)
.setTitle('Pick a folder with images to analyze')
.build();
picker.setVisible(true);
};
return ns;
})(Picker || {});
Since the picker is invoked client side, it needs a way to get the api key and oauth token from the server and ensure they are fresh. This method is in the Client namespace.
/**
* for the picker we need to get the access token
* @param {function} func what to do after we have it
*/
ns.getPickerKeys = function (func) {
google.script.run
.withFailureHandler ( function (err) {
App.reportMessage (err);
})
/**
* called back from server
*/
.withSuccessHandler ( function (result) {
return func (result);
})
.expose('Server','pickerKeys');
};
Which as usual, asks the Server namespace to do something on its behalf – namely to get a token and an apikey that can be used with the picker.
/**
* return s tokens and keys needed for pcier
* @return {object}
*/
ns.pickerKeys = function () {
return {
token:Goth.getToken(PARAMS.PACKAGE_NAME, PARAMS[PARAMS.TYPE].props),
key:Goth.getGoa (PARAMS.PACKAGE_NAME, PARAMS[PARAMS.TYPE].props).getProperty ('apiKey')
}
};
All this is kicked off by listening for a click on the Change folder button, and the selected folder details are displayed and stored in the folder controls.
// handle a picker to get a different folder
listen (ns.globals.divs.getFolder , "click" , function (e) {
// first get the token and the developer key from the server
Client.getPickerKeys (function (keys) {
// then do a picker, passing them
Picker.getFolderPicker (keys.token, keys.key , function (pickerData) {
// couple of shortcuts
var p = google.picker;
var g = ns.globals.divs;
// see if we got something picked;
if (pickerData[p.Response.ACTION] === p.Action.PICKED) {
// the first one
var folder = pickerData[p.Response.DOCUMENTS][0];
// show what was picked
g.folderId.value = folder[p.Document.ID];
g.folderLabel.innerHTML = folder[p.Document.NAME] + ' (' + folder[p.Document.ID] + ')';
}
});
});
});
Why not join our forum, follow the blog or follow me on Twitter to ensure you get updates when they are available.