Set up OAuth client
- Go to google cloud console.
- Create a project and an OAuth client.
- Associate the client with a trustful redirect_uri and necessary permissions (scopes).
- The created client should provide all the other necessary elements e.g. client_id, client_secret, auth_endpoint, …
Generate refresh token
- Build consent page URL:
Replace the <marks>
with the appropriate values
https://accounts.google.com/o/oauth2/v2/auth?response_type=code&access_type=offline&prompt=consent&client_id=<CLIENT_ID>&redirect_uri=<REDIRECT_URI>&scope=<PERMISSIONS_SCOPE>
<PERMISSIONS_SCOPE>
must be a Google API scope URL
e.g.
spreadsheets.readonly If various scopes are needed, separate them with a URL encoded space, i.e.
%20
.
- User interaction:
Provide this link to the user; when the user authorizes, it will be redirected to the redirect_uri. If the URI is not intended to handle the ‘consent-code’ the redirected URL will have the consent-code
inside the URL parameters.
- Send consent code:
Send the consent-code
together with the other config values like the following:
curl -0 -v -X POST https://oauth2.googleapis.com/token\
-H "Accept: application/json"\
-H "Content-Type: application/x-www-form-urlencoded"\
-d "grant_type=authorization_code\
-d "code=<CONSENT_CODE>"\
-d "client_id=<CLIENT_ID>"\
-d "client_secret=<CLIENT_SECRET>"\
-d "redirect_uri=<REDIRECT_URI>"
This will return a refresh_token
if successful.