360-320-6221 caperren@caperren.com

Part 1 – Setting up Google Authentication


Google is very strict about their security, and personally I’m glad they are. Hundreds of millions of people rely on them to keep incredible amounts of information secure while still providing access to that information via the web and through third-party applications like the one you can make using this guide. However, this added security does make things a bit more difficult for us as developers. Take a peek, then continue reading for my simplified explanation of how this system works.

The core of Google’s authorization system is OAuth2. Looking at the graphic, we can get an idea of how it works. Basically, the first time a user accesses our application, OAuth2 prompts the user to log into Google using their normal credentials. This process, while started by our application, is handled by Google, so our application never sees the user’s password. Once the user has authenticated and given us permission to access their account, Google sends a token back to our application. After that, every future request is a simple matter of verifying that the token is valid, then using the token to make an API request.

So, now that we have an idea of how the authentication system works, let’s get our developer API credentials set up.


  1. First, we’re going to go to the Google Developer’s Console and make a new project.
  2. Give the project a name, and hit “Create”. After a couple of seconds, you will be redirected to your dashboard.
  3. Click on “Enable and Manage APIs”.
  4. This will bring up a listing of all APIs. Search for drive and click on “Drive API”.
  5. On the Drive API screen, click “Enable” and wait until “Enabling…” disappears and it says enabled.
  6. At this point, it will complain that there are no credentials, so click on the credentials sidebar link.
  7. Hit “Create credentials” and choose “OAuth client ID”.
  8. Again, it now complains that we do not have a consent screen set up, so click “Configure consent screen”.
  9. Enter a name for your project that will be seen by the outside world and click “Save”.
  10. Once it’s returned you to your previous page, choose “Web application”.
    1. It will expand the section beneath. Now enter a name for your credentials.
    2. This next part is EXTREMELY IMPORTANT. Enter the authorized addresses that a request to the API can originate from.
      1. If running on AWS or hosted servers of any kind with a permanent public IP or DNS-resolvable address:
        1. Enter these addresses or IPs into the boxes. (Include ports if necessary.)
      2. If running on a local test environment:
        1. For Windows, you’ll need to edit your hosts file to make Google think the request is coming from a real server.
          1. Example entry ->    myfakedomain.local
        2. Add myfakedomain.local to the authorized origins box.
        3. When testing your webserver, use myfakedomain.local in your web browser instead of localhost.
    3. Hit “Save”.
  11. Copy down your client ID for later.
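
Step 10.2 is where most setup failures come from, because an origin is compared as an exact scheme, host and port, which is why the guide says to include ports and to browse via myfakedomain.local rather than localhost. The sketch below is an added example (not code from the original guide and not Google's validation logic) that models that comparison with the standard `URL` class; the function names and port 8000 are assumptions for illustration.

```javascript
// Added example: models how an "authorized origins" allowlist is matched.
// Hypothetical helper names; hosts and ports below are constructed samples.

// Validate one allowlist entry and return its normalized origin.
// An origin is scheme + host + port only: no path, query, fragment or wildcard.
function parseOriginEntry(entry) {
  let url;
  try {
    url = new URL(entry);
  } catch (err) {
    throw new Error(`not a valid URL (missing scheme?): ${entry}`);
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    throw new Error(`unsupported scheme: ${entry}`);
  }
  if (url.pathname !== "/" || url.search || url.hash) {
    throw new Error(`entry must be a bare origin, not a full URL: ${entry}`);
  }
  if (url.username || url.password || url.hostname.includes("*")) {
    throw new Error(`credentials and wildcards are not allowed: ${entry}`);
  }
  // url.origin lowercases the host and drops default ports (80 / 443).
  return url.origin;
}

// True only if the page's origin exactly equals one of the allowlisted origins.
function isAuthorizedOrigin(pageUrl, authorizedEntries) {
  const pageOrigin = new URL(pageUrl).origin;
  return authorizedEntries.map(parseOriginEntry).includes(pageOrigin);
}

// Constructed sample: a local test server on port 8000.
const authorized = ["http://myfakedomain.local:8000"];
const pages = [
  "http://myfakedomain.local:8000/app/index.html", // same origin, path ignored
  "http://localhost:8000/app/index.html",          // different host
  "http://myfakedomain.local/app/index.html",      // different port (80)
  "https://myfakedomain.local:8000/app/",          // different scheme
];
for (const page of pages) {
  console.log(isAuthorizedOrigin(page, authorized) ? "allowed " : "rejected", page);
}
```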

Now that we’ve got usable credentials, go to the next section to get a test web application connected and working!