OAuth-2.0-google-cloud-storage-api

command
v0.0.0-...-cf25b83 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 22, 2021 License: MIT Imports: 8 Imported by: 0

README

OAuth-2.0-google-cloud-storage-api

*** UNDER CONSTRUCTION - CHECK BACK SOON ***

Using OAuth 2.0 to access a users google cloud storage (based on scopes) via googles api.

GitHub Webpage

AUTHORIZATION OAuth 2.0

Refer to Web Server-Side Flow for a high-level view about OAuth 2.0.

GETTING A TOKEN

The following steps allow you to get a token.

STEP 1 - CREATE OAuth 2.0 CLIENT ID & SECRET

To create Create a OAuth 2.0 Client ID goto credentials page here and select create credentials.

Create a OAuth 2.0 client IDs for a Web Application.

Origin URI,

http://127.0.0.1:3000

Redirect URI,

http://127.0.0.1:3000/GoogleCallback

You will now have a Client ID and a Secret.

The user opens the website and clicks the login button.

In the code is a great way to unmarshalJSONFile() the client secrets .json file.

STEP 2 - APP LOGIN PAGE

Create a link the user may click on to get redirected to the google login page.

In this example it is http://127.0.0.1:3000.

The golang/oauth2 client libraries here to implement OAuth 2.0 in your application.

STEP 3 - GOOGLE LOGIN PAGE

The user gets redirected to the google login handler page via a url similiar to:

https://accounts.google.com/o/oauth2/auth?
    client_id={YOUR_SECRET}&
    redirect_uri=http%3A%2F%2F127.0.0.1%3A3000%2FGoogleCallback&
    response_type=code&
    scope={THE SCOPE YOU CHOOSE}&
    state=jeffrandom

The scopes for this example are: https://www.googleapis.com/auth/devstorage.read_only

The scopes availible are:

  • https://www.googleapis.com/auth/devstorage.full_control Read/write and ACL management access to Google Cloud Storage.
  • https://www.googleapis.com/auth/devstorage.read_write Read/write access to Google Cloud Storage.
  • https://www.googleapis.com/auth/devstorage.read_only Read-only access to Google Cloud Storage.
STEP 4 - USER LOGS IN TO GOOGLE ACCOUNT AND IS DIRECTED BACK

The call back has the state and an authorization code.

/GoogleCallback?
    state=jeffrandom&
    code={SECRET AUTH CODE}
STEP 5 - VERIFY SAME STRING VIA STATE

We verify if it's the same state string.

STEP 6 EXCHANGE AUTH CODE FOR TOKEN

IMPORTANT - Can only use the auth code once.

If it is then we use the code to ask google for a short-lived access token. We can save the code for future use to get another token later.

token, err = googleOauthConfig.Exchange(oauth2.NoContext, code)

PROFIT - USING ACCESS TOKEN FOR API (BASED ON SCOPES)

You can use the google/google-api-go-client client libraries here to use APIs in your application.

For example, to get meta data on YOUR_BUCKET_NAME,

response, err := http.Get("https://www.googleapis.com/storage/v1/b/YOUR_BUCKET_NAME?access_token=" + token.AccessToken)
REFRESH ACCESS TOKEN

TBD

Documentation

The Go Gopher

There is no documentation for this package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL