google-auth-wrapper

google-auth-wrapper

Wrapper to simplify google authentication for server side application.

It provides the following methods:

• authorize
• execute

Together these will allow your application to create the required artifacts to be able to interact with the google apis.

As a pre-req you need to need to add set of credentials for your application in the Google developers console as outlined here (Step 1): [https://developers.google.com/drive/v3/web/quickstart/nodejs] (https://developers.google.com/drive/v3/web/quickstart/nodejs)

authorize

authorize handles the interaction with the google oauth infrastructure and provides a plugable inteface for providing your own interaction to ask the user to navigate to the required url and to provide the code returned.

The authorize method takes the following parameters:

• storagePath - directory in which client secrets are located and where refresh token will be stored once authorization is complete
• clientSecrets - the name of the file which contains the google client secrets minus the '.json' file type
• scopes - the rights you are requesting for your application
• authCallback - your function that will be called to ask the user to naviate to a google url, authorize your application and then provide the code from that url.

authCallback has the following signature:

function(url, provideCode)

with the following parameters:

• the url to ask the user to navigate to
• provideCode a function you must call passing in the code that the user gets when they authorize your application at the url provided.

Once authenticated, there will be a file with the same name as your clientSecrets file but with the '.token' file type. For example, if clientSecrets was 'foo' you should end up with:

• foo.json
• foo.token

It should be possible to copy these files and use them with different machines and or directories.

execute

The execute function uses the contents of the files generated by the authorize call. It has the following paramters:

• storagePath - directory in which client secrets are located and where refresh token will be stored once authorization is complete
• clientSecrets - the name of the file which contains the google client secrets minus the '.json' file type
• executeAction - your function that will be called

executeAction must be a function with the following paramters:

• oauthClient - googleAuth.OAuth2 object you can use to access the google services
• google - instance of googleapis you can use to access the google services

Examples:

list files in your drive

var googleAuth = require('google-auth-wrapper');

function listMyFiles(auth, google) {
  var service = google.drive('v3'); 
  service.files.list({
      auth: auth,
      pageSize: 20,
      space: 'drive',
    },
    function(err, response) { 
      for (var j = 0; j < response.files.length; j++) {
        console.log(response.files[j].name); 
      }
    }
  );
} 
  
googleAuth.execute('./', 'client_secret', listMyFiles); 

authorize your application to generate token file

Although it is intended that you can use the plugable aspect of authorize to integrate the authorization step into your app (using GUI or otherwise) you can also do it through simple command line app as follows:

var googleAuth = require('google-auth-wrapper');
var readline = require('readline');

googleAuth.authorize('./',
                     'client_secret',
                     ['https://www.googleapis.com/auth/drive'],
                     function(url, provideCode) {

  console.log('Please vist this url, authorize the app and return the code provided', url);
  var read = readline.createInterface({
    input: process.stdin,
    output: process.stdout
  });

  read.question('What was the code:?', function(code) {
    read.close();
    provideCode(code, function(err) {
      if (err !== undefined) console.log('err:' + err);
    });
  });
});

In this example the scopes are set so that you have full read/write to your google drive:

['https://www.googleapis.com/auth/drive'],

adjust this to request the level of access required.

For this example you will to have to have stored your credentials from google in the file 'client_secret.json' and the refresh token created by the authorize call will have been stored in 'client_secret.token'. NOTE make sure to protect these two files appropriately as they give full access to whatever access level you have requested.