Google Sheets ETL | OAuth Setup & Configuration | Fluid Attacks Help

Google sheets ETL

Set up OAuth client

  1. Go to google cloud console.
  2. Create a project and an OAuth client.
  3. Associate the client with a trustful redirect_uri and necessary permissions (scopes).
  4. The created client should provide all the other necessary elements e.g. client_id, client_secret, auth_endpoint, …
Detailed steps can be found on this doc or in the tap-google-sheets docs.

Generate refresh token

  1. Build consent page URL:

    2. Replace the <marks> with the appropriate values

    https://accounts.google.com/o/oauth2/v2/auth?response_type=code&access_type=offline&prompt=consent&client_id=<CLIENT_ID>&redirect_uri=<REDIRECT_URI>&scope=<PERMISSIONS_SCOPE>

    <PERMISSIONS_SCOPE> must be a Google API scope URL

    e.g. spreadsheets.readonly If various scopes are needed, separate them with a URL encoded space, i.e. %20.

  2. User interaction:

    3. Provide this link to the user; when the user authorizes, it will be redirected to the redirect_uri. If the URI is not intended to handle the ‘consent-code’ the redirected URL will have the consent-code inside the URL parameters.

  3. Send consent code:

    4. Send the consent-code together with the other config values like the following:

    curl -0 -v -X POST https://oauth2.googleapis.com/token\
    -H "Accept: application/json"\
    -H "Content-Type: application/x-www-form-urlencoded"\
    -d "grant_type=authorization_code\
    -d "code=<CONSENT_CODE>"\
    -d "client_id=<CLIENT_ID>"\
    -d "client_secret=<CLIENT_SECRET>"\
    -d "redirect_uri=<REDIRECT_URI>"
            This will return a refresh_token if successful.

Idea
Tip
Have an idea to simplify our architecture or noticed docs that could use some love? Don't hesitate to open an issue or submit improvements.