Google OAuth2
Last updated
Last updated
4WS.Platoform provides methods to get Google OAuth2 credentials based on a Google Developer Console service account. As already explained above, it is necessary di create a service account in the cloud project where 4WS.Platform is installed or in the project target of our Google API requests.
First of all, go to the "Credentials" section and "Create a new Client Id". Choose "Service Account" and then "Generate new P12 key". This will cause the download of a file with extension .p12. Then this file must be base64 encoded in order to store it in the parameters tables (CON07 or CON44) of 4ws.Platform. In Linux/OSX environments this can be done in the following way: openssl base64 -in <orig file>.p12 -out <orig file>.p12.base64 After this, the "Email Address" above and the base64 encoded p12 key must be saved in 4WS.Platform. If the project target of the Google API requests is the current cloud project, save them in the default Google parameters:
Google Service Account Email – GOOGLE_SERVACC_EMAIL
Google Service Account Key (p12 key Base64 encoded) – GOOGLE_SERVACC_KEY
If the project target of requests is antoher project, it is better to specify the same parameters under the custom section, with a signicative suffix in upper case:
GOOGLESERVACC_EMAIL
GOOGLESERVACC_KEY
For example:
GOOGLE_SERVACC_EMAIL_MYGOOGLEPROJECT
GOOGLE_SERVACC_KEY_MYGOOGLEPROJECT
The second step is to enable the APIs we want to call, going in the "APIs" section of the projects. For example if we want to call Cloud SQL API, enable "Google Cloud SQL API" in this section. This step is fundamental, instead we can get an authorization error. Now that the service account credetianls are in place, it is possible to call the Bean methods in GoogleOAuth2Bean:
More frequently, the JS utils wrapper will be used from 4WS.Platform designer.
scopes – a list of strings containing the API scopes for the request. Every API has its own scopes, see more at https://developers.google.com/oauthplayground/.
projectId – the project ID of the target project. Must match in UPPER CASE with the suffix of the parameters stored as explained above. scopes – a list of strings containing the API scopes for the request. Every API has its own scopes, see more at https://developers.google.com/oauthplayground/.
What can I do with the access token? When the access token is generated, HTTP requests to Google APIs are possible. For example to enquiry Google Cloud SQL see:
If we want to get Cloud SQL instance information we can create a server side JS action like this:
and then make HTTP requests towards https://www.googleapis.com/sql/v1beta4/projects/instances with the following HTTP headers
The answer is a JSON containing the requested information, for example:
