Generate Access Token Using OAuth
Learn how to use the client credentials to generate tokens.
We've created a developer project on Google and fetched the required client credentials we need to initialize the OAuth process. Now, the next step is to generate an access token using the OAuth 2.0 client credentials.
We'll use the authorization code grant workflow to generate the token. The workflow has been demonstrated in the figure below:
The token generation process involves the following two endpoints:
https://accounts.google.com/o/oauth2/v2/auth is used to redirect the resource owner to Google's consent screen. The resource owner logs in using their Google ID and approves or denies the request to access their Google resources. Once the resource owner approves our request, the client gets a code in response.
https://oauth2.googleapis.com/token is then used to exchange the code the client got for an access token.
Generate the authorization code
The application below contains the code to generate an access token. Click the "Run" button to execute the code.
// Assumes the express and request packages are installed.
const express = require('express')
const request = require('request')

const app = express()
const port = 3000

// Client Keys
const CLIENT_ID = "{{CLIENT_ID_GOOGLE}}"
const CLIENT_SECRET = "{{CLIENT_SECRET_GOOGLE}}"

// GOOGLE URLS
const GOOGLE_AUTH_URL = "https://accounts.google.com/o/oauth2/v2/auth"
const GOOGLE_TOKEN_URL = "https://oauth2.googleapis.com/token"

// Server-side Parameters
const REDIRECT_URI = "{{EDUCATIVE_LIVE_VM_URL}}/callback"
const SCOPE = "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/drive https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/drive.file https://www.googleapis.com/auth/drive.readonly https://www.googleapis.com/auth/drive.metadata.readonly https://www.googleapis.com/auth/drive.appdata https://www.googleapis.com/auth/drive.metadata https://www.googleapis.com/auth/drive.photos.readonly"
const RESPONSE_TYPE = "code"
const GRANT_TYPE = 'authorization_code'

// Step 1: redirect the resource owner to Google's consent screen.
app.get('/', (req, res) => {
  res.redirect(GOOGLE_AUTH_URL
    + '?response_type=' + RESPONSE_TYPE
    + '&client_id=' + encodeURIComponent(CLIENT_ID)
    + '&redirect_uri=' + encodeURIComponent(REDIRECT_URI)
    + '&scope=' + encodeURIComponent(SCOPE)
    + '&access_type=offline&prompt=consent')
})

// Step 2: Google redirects back here with ?code=...; exchange it for tokens.
app.get('/callback', (req, res) => {
  // The parameters go in the form-encoded POST body (request sets the
  // Content-Type), so the code and client secret never appear in a URL.
  const form = {
    code: req.query.code,
    client_id: CLIENT_ID,
    client_secret: CLIENT_SECRET,
    redirect_uri: REDIRECT_URI,
    grant_type: GRANT_TYPE
  }
  request.post({ url: GOOGLE_TOKEN_URL, form: form }, (err, response, body) => {
    if (err) {
      console.log(err);
      // Always answer the browser, otherwise the request hangs.
      res.status(502).send('Token request failed');
    } else if (response.statusCode === 200) {
      let struct = JSON.parse(body);
      const access_token = struct.access_token;
      const refresh_token = struct.refresh_token;
      console.log(struct);
      res.set('Content-Type', 'text/html');
      res.send('<div class="container"><h2>OAuth 2.0</h2><hr><br><div class="text-center" style="text-align: center;"><p><h3>ACCESS TOKEN<br></h3>' + access_token + '</p> <button class="btn btn-outline-secondary" type="button" id="button-addon2" onClick={navigator.clipboard.writeText("' + access_token + '");}>Copy Access Token</button> '
        + '<p><h3>REFRESH TOKEN<br></h3> ' + refresh_token + '</p> <button class="btn btn-outline-secondary" type="button" id="button-addon2" onClick={navigator.clipboard.writeText("' + refresh_token + '");}>Copy Refresh Token</button> </div></div>');
    } else {
      console.log(response.statusCode);
      res.status(response.statusCode).json(body)
    }
  });
});

app.listen(port, () => {
  console.log(`Auth app is listening on port ${port}`)
})
Once the application is up and running, go to the ...
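The redirect in the application above carries no state parameter, so the /callback handler cannot tell whether the code it receives answers a login that this browser session started. The block below is an added example, not part of the lesson's own code, that mints a state value for the redirect and checks it on the callback before any token exchange; the session id argument, the in-memory Map, and the 10-minute lifetime are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

const GOOGLE_AUTH_URL = 'https://accounts.google.com/o/oauth2/v2/auth';
const STATE_TTL_MS = 10 * 60 * 1000; // assumed lifetime of a pending login

// Pending logins keyed by session id (hypothetical in-memory store).
const pending = new Map();

// Start a login: mint a random state, remember it, return the consent URL.
// URLSearchParams percent-encodes every value, including the scope list.
function beginLogin(sessionId, { clientId, redirectUri, scope }, now = Date.now()) {
  const state = crypto.randomBytes(32).toString('base64url');
  pending.set(sessionId, { state, expires: now + STATE_TTL_MS });
  const params = new URLSearchParams({
    response_type: 'code',
    client_id: clientId,
    redirect_uri: redirectUri,
    scope,
    access_type: 'offline',
    prompt: 'consent',
    state,
  });
  return `${GOOGLE_AUTH_URL}?${params}`;
}

// Validate the /callback query. The code is returned only when the state
// matches the one issued to this session and has not expired or been used.
function finishLogin(sessionId, query, now = Date.now()) {
  const entry = pending.get(sessionId);
  pending.delete(sessionId); // single use, whatever the outcome
  if (!entry || now > entry.expires) return { ok: false, reason: 'no pending login' };
  if (typeof query.state !== 'string') return { ok: false, reason: 'missing state' };
  const got = Buffer.from(query.state);
  const want = Buffer.from(entry.state);
  if (got.length !== want.length || !crypto.timingSafeEqual(got, want)) {
    return { ok: false, reason: 'state mismatch' };
  }
  // The resource owner denied the request on the consent screen.
  if (query.error) return { ok: false, reason: `denied: ${query.error}` };
  if (typeof query.code !== 'string' || query.code === '') {
    return { ok: false, reason: 'missing code' };
  }
  return { ok: true, code: query.code };
}
```

In the Express handlers, beginLogin would supply the URL passed to res.redirect, and the token request would run only when finishLogin returns ok.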