Google Authentication.
In order to be able to use the google APIs you need to be authenticated. To determine your authentication the APIs request a Token that proves who is trying to use the services and if that configuration has permissions to access the requested api.
There are two types of identities (principals) that can be granted access to a resource:
User accounts are managed as Google Accounts, and they represent a developer, administrator, or any other person who interacts with Google Cloud. They are intended for scenarios where your application needs to access resources on behalf of a human user. See Authenticating as an end user for more information.
Service accounts are managed by IAM, and they represent non-human users. They are intended for scenarios where your application needs to access resources or perform actions on its own, such as running App Engine apps or interacting with Compute Engine instances. See Authenticating as a service account for more information.
In this document you are going to see how you can create a google application to configure to use User Accounts and how you can use the Google Authentication Component to configure it for your environment.
Go to Google Developers Console and create a new project
After giving it a name you’ll have to configure the consent screen. Go to your app and go to the OAuth consent screen. You need to select a Type and then the mandatory data. You can skip the scope. If you select the Type “external” please configure your test users
Go to Credentials, click on Create Credentials and select OAuth client ID.
Select the application type web application and select and give a name to this application.
Click on ADD URI and add the url to the oAuthCallback of the core application on OutSystems. (https://<your environment>/GoogleAuthenticationCore/oAuthCallback)
Click save and you will have your client id and client secret needed to configure on the OutSystems side. This information is also available if you go to Credentials and click on the created OAuth 2.0 Cliend IDs.
To be able to use the APIs you need to go to Library, search for the APIs you want to use with this configuration (ex: Google Sheets API, Google Calendar API, Google Drive API) and click on on the button Enable.
To manage your configurations with google projects you can use the Google Authentication Management. This will allow you to configure a connection with a google project and use the Google Authentication Core login block easily authenticate in your apps with a google user.
To create a configuration you’ll need to :
1. Go to https://<yourenvironment>/GoogleAuthenticationManagement/login and login.
2. Click on Add Google App Registration to add a new configuration. Select a name for it and add the client id and client secret that you can get from your project from the google developers console.
3. After clicking on the save button you’ll need to add the scopes. These scopes exist so the generated token can have authorization to call the certain rest apis. For more information about them consult https://developers.google.com/identity/protocols/oauth2/scopes.
For the Google Components Demo you should configure the following:
https://www.googleapis.com/auth/drive.scripts
https://www.googleapis.com/auth/drive.metadata
https://www.googleapis.com/auth/drive.appdata
https://www.googleapis.com/auth/spreadsheets
https://www.googleapis.com/auth/drive.file
https://www.googleapis.com/auth/drive
https://www.googleapis.com/auth/calendar.events
https://www.googleapis.com/auth/calendar
https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/userinfo.profile
4. After adding the scopes that you need, you need to add to Modules that will use this configuration. Only Modules that are associated with this configuration will use the client id, client secret and scopes stored in this configuration. For the Google Components Demo associate the GoogleComponentsDemo module.