NAME
goauth - CLI tool with mini http server for negotiating Google OAuth2 Authorisation access tokens that allow offline access to Google API Services on behalf of the user.
VERSION
version 0.13.1
SUMMARY
Supports multiple users OAuth2 for Google. You can find the key (CLIENT ID) and secret (CLIENT SECRET) from the app console here under "APIs & Auth" and "Credentials" in the menu at https://console.developers.google.com/project .
QUICK START
Simply run from the command line
goauth
Optionally you can provide an alternate filename to the default gapi.json as a parameter.
goauth my_differently_named_gapi.json
Once installed as part of the WebService::GoogleAPI::Client bundle, this tool can be run from the command line to configure a Google Project to access a Project configuration that allows authenticated and authorised users to grant permission to access Google API services on their data (Email, Files etc) to the extent provided by the Access Scopes for the project and the auth tokens.
In order to successfully run _go_auth_ for the first time requires the following Google Project configuration variables: Client ID Client Secret List of Scopes to request access to on behalf of users ( must be a subset of those enabled for the project. )
If not already available in the gapi.json file, you will be prompted to supply these as the file is created.
Once this configuration is complete, the go_auth tool will launch a mini HTTP server to provide an interface to request users to authorise your project application.
NB: To run successfully your Google Project must be configured to accept requests from the domain. For initial testing ensure that you include localhost in your allowed domains.
Once you have succesfully created a gapi.json file and ahve authenticated a user that is represented in this file then use WebServices::Google::Client to start making Google API Requests.
perldoc WebServices::Google::Client for more detail.
gapi.json
The ultimate output of this is the gapi.json file that contains both the Google Project Specification as well as the authorised user access tokens. The file describes a set of scopes that must all be configured as available to the Project through the Google Admin Console. You may have multiple gapi.json files for the same project containing a different subset of scopes. The gapi.json file also contains the authorisation tokens granted by users. Multiple users can be described within a single gapi.json file. If users exist across multiple gapi.json files for the same project then (I believe) only the most recently granted set of scopes will be usable.
The user can revoke permissions granted to a project ( Application ) by visiting https://myaccount.google.com/permissions
This file can be used to access Google API Services using the WebService::Google:API:Client Google API Client Library.
References
* probably originally based on https://gist.github.com/throughnothing/3726907
TODO: Improve user interface of the HTML templates beneath DATA section
- More Testing and documentation - explore cases where refresh token is not returned because previous token was issued
- Describe alternative User Agent approaches to WebServices::Google::Client
- Explore service accounts and possible inclusion into gapi.json
AUTHOR
Peter Scott <localshop@cpan.org>
COPYRIGHT AND LICENSE
This software is Copyright (c) 2017-2018 by Peter Scott and others.
This is free software, licensed under:
The Apache License, Version 2.0, January 2004