Google Sheets ETL | OAuth Setup & Configuration | Fluid Attacks Help

Google sheets ETL

Set up OAuth client

  1. Go to google cloud console.
  2. Create a project and an OAuth client.
  3. Associate the client with a trustful redirect_uri and necessary permissions (scopes).
  4. The created client should provide all the other necessary elements e.g. client_id, client_secret, auth_endpoint, …
Detailed steps can be found on this doc or in the tap-google-sheets docs.

Generate refresh token

  1. Build consent page URL:

  2. Replace the <marks> with the appropriate values

    https://accounts.google.com/o/oauth2/v2/auth?response_type=code&access_type=offline&prompt=consent&client_id=<CLIENT_ID>&redirect_uri=<REDIRECT_URI>&scope=<PERMISSIONS_SCOPE>

    <PERMISSIONS_SCOPE> must be a Google API scope URL

    e.g. spreadsheets.readonly If various scopes are needed, separate them with a URL encoded space, i.e. %20.

  3. User interaction:

  4. Provide this link to the user; when the user authorizes, it will be redirected to the redirect_uri. If the URI is not intended to handle the ‘consent-code’ the redirected URL will have the consent-code inside the URL parameters.

  5. Send consent code:

  6. Send the consent-code together with the other config values like the following:

    curl -0 -v -X POST https://oauth2.googleapis.com/token\
        -H "Accept: application/json"\
        -H "Content-Type: application/x-www-form-urlencoded"\
        -d "grant_type=authorization_code\
        -d "code=<CONSENT_CODE>"\
        -d "client_id=<CLIENT_ID>"\
        -d "client_secret=<CLIENT_SECRET>"\
        -d "redirect_uri=<REDIRECT_URI>"
            This will return a refresh_token if successful.

Idea
Tip
Have an idea to simplify our architecture or noticed docs that could use some love? Don't hesitate to open an issue or submit improvements.