C
C#13mo ago
Thinker

✅ Authenticating using OAuth

Does anyone have any resources on authenticating using OAuth? I wanna interact with the Google Workspaces APIs which require OAuth authentication, but I have no idea how to properly set it up. I have the OAuth2 client secret and ID set up, I'm just unsure of how to use it.
33 Replies
Kao
Kao13mo ago
What are you trying to connect with the oauth Like are you doing a backend to backend or is it a client
Hazel 🌊💃
Hazel 🌊💃13mo ago
I'm not an expert, but I thought it was a simple system of auth with original token, get back auth token, refresh that when it expires?
Thinker
ThinkerOP13mo ago
A client
Kao
Kao13mo ago
A desktop one?
Thinker
ThinkerOP13mo ago
ye I've read through this article and think I get how it works, but there's not reference for how to authenticate and stuff. https://developers.google.com/workspace/guides/auth-overview
Kao
Kao13mo ago
You will need to spin up a webserver in you client so you can listen to the callback from the oauth
Thinker
ThinkerOP13mo ago
Webserver? Like ASP.NET...? Or some other kind of server?
Kao
Kao13mo ago
A simple httplistener is enough
Thinker
ThinkerOP13mo ago
I'm aiming for this to be a simple CLI tool, so it's not gonna be long-running.
Kao
Kao13mo ago
And the listener just need to stay alive for the auth process
Thinker
ThinkerOP13mo ago
ah
Kao
Kao13mo ago
When it's done and you have the token it is fine
Thinker
ThinkerOP13mo ago
So I set up an HTTP listener for the auth process, then discard it when it's done?
Kao
Kao13mo ago
Yeah. And for handling 80% of the process (except the httplistener part hahaha) you can use something like IdentityModel https://identitymodel.readthedocs.io/
Thinker
ThinkerOP13mo ago
Oh also, while I'm at it, would there be a way to store the token somewhere persistent such that the user doesn't need to log in on every invocation of the tool?
Kao
Kao13mo ago
Well tokens have a short lifetime
Thinker
ThinkerOP13mo ago
What I'm imagining is like
> todo
Please log into Google
... (auth stuff here)
Authentication complete

> todo
(list of todo items from Google Tasks)
> todo
Please log into Google
... (auth stuff here)
Authentication complete

> todo
(list of todo items from Google Tasks)
Kao
Kao13mo ago
They won't have to do a full login everything
Thinker
ThinkerOP13mo ago
ah, that's what the refresh token does?
Kao
Kao13mo ago
*everything *EVERYTIME Fuck you corrector Yes But as I was going to say It is not an issue to not keep it in memory because : If they are connected to Google they won't need to re-log It will just send you back a new auth token
Thinker
ThinkerOP13mo ago
So it'll be essentially invisible on subsequent runs?
Kao
Kao13mo ago
Kinda It will still open a browser tab (But you can make it so it closes by having js in it)
Thinker
ThinkerOP13mo ago
hm, doesn't sound ideal but sure ig
Kao
Kao13mo ago
This is very ugly, screened and not syntax highlight example
No description
Thinker
ThinkerOP13mo ago
cool Well, I still have the problem that I have no idea what url to actually call to authenticate harold
Kao
Kao13mo ago
The RefreshTokenHandler handles asking a new token when your http request gets a 401 Google should have give it to you But IdentityModel handles that for you also
Thinker
ThinkerOP13mo ago
It has built-in support for Google APIs?
Kao
Kao13mo ago
Yesnt. It handles oidc standard As long as you manage to find the Authority url in your doc you are fine Also there might be libs more specialised that handle Google My solution is more like general oidc/oauth
Thinker
ThinkerOP13mo ago
Yeah but I can't find it I've tried sending a request to the Tasks API and got back a 401 response (duh) which says something about Bearer realm=https://accounts.google.com Either I'm blind or it just does not say what the authority url is https://developers.google.com/identity/protocols/oauth2 Wait there does seem to be a C# lib for it
Kao
Kao13mo ago
Kao
Kao13mo ago
will make any proper OIDC lib grab the well-known config and do the magic mostly alone
Thinker
ThinkerOP13mo ago
Actually I installed the API wrapper lib by following the sample in the docs and everything works just fine The library's DTOs are horrible tho catsweat

Did you find this page helpful?