HTTP Auth and OAuth 2.0 with Google Sheets and Google Calendar

[Tom Sherratt]

I've been playing around with HTTP Auth and OAuth 2.0 in Tasker to add a row in Google Sheets (using the example) and to create a calendar event in Google Calendar.

I've got it all to work but yesterday evening a task ran which, amongst other things, adds a row in Google Sheets and creates a calendar event in Google Calendar. Some time later when I opened up Google Chrome, I found two tabs opening asking me to re-consent my OAuth app for access to Google Sheets and access to Google Calendar. In the meantime the task had completed without being able to add a row to Google Sheets or create a calendar event in Google Calendar so I lost the data those should have contained.

Reading through Google's documentation, it asked me to re-consent my OAuth app because as its publishing status is 'testing' the consent expires every 7 days. I'm wondering if either I can avoid a repeat of this situation using AutoWeb and AutoWeb Authentication because I'm then using Joao's OAuth app (but then I'm not sure how to use the %awaccesstoken and %awaccesstokenheaderprefix variables in place of the %http_auth_headers variable HTTP Auth produces) or if it's possible to set the task to wait until the OAuth app has been re-consented and it's been supplied with the %http_auth_headers?

Suggestions welcome!

[João Dias]

Oh, that's a bummer :( I didn't realize that testing apps would lose the consent after 7 days. Do you not have a way to put the app in production so you don't have that limitation?

Thank you for your contact.

   Join: connect multiple devices (send pushes, remote SMS, notifications) on Android, Windows, Mac, Linux

   Tasker: customize/automate anything on your phone!

   AutoApps: add advanced functionality to Tasker via plugins

     

João Dias

--
You received this message because you are subscribed to the Google Groups "Tasker" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tasker+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/tasker/68ff6f6a-724b-4f25-80ec-692cbb8ed873n%40googlegroups.com.

[Tom Sherratt]

Not easily, to push the app to production you need:

[João Dias]

Oh, right... This used to be so easy... 😫 The only workaround I can see is to create official API keys for everyone to use, but that wouldn't be very safe...

[Tom Sherratt]

I'm not sure I understand but that's because I'm quite new to all this OAuth and the Google APIs... all because of your example, which was so helpful! I presume what you mean is that each user needs a unique Client ID and Client Secret which you would need to provide them with.

I've pushed my OAuth app to 'In production' but now it needs verification because it uses sensitive scopes, so I'm not sure if it will suffer from the same 7 day problem. Google do say an app doesn't need to be verified if it's for personal use, however there isn't a button specifically for that option so you still have to provide a website link and a link to a YouTube video... does anyone have any experience of this?

Is there any way that Tasker could alert you if the HTTP Auth and OAuth 2.0 doesn't return a useful value for %http_auth_headers, or could I do a wait until %http_auth_headers is set for example?

[João Dias]

Yes, that's what I mean. Each user needs their own unique client ID and secret or else I'd need to provide one and users would use up all my quota and I would pay the bills :)

Can you please show me where it says that for personal projects you don't need verification?

I do have experience with that actually since I had to do it some times now, but I do have a website and did create YouTube videos for my apps....

[Tom Sherratt]

FAQ article here.

Is there a way users could get their own Client ID and Client Secret like now with HTTP Auth but it somehow used a Tasker OAuth consent screen app and you didn't get charged? I always find it difficult to find prices on Google Cloud Platform but I know I'm easily within my free credit...

[João Dias]

Hhmm, I think you just need to put it into production and then not submit for verification then :)

The way users should get the Client ID and Secrets is just the way you did it in this case!

[Tom Sherratt]

I'll let you know if it asks to be re-consented again in 7 days XD

[João Dias]

Great! :)

[Tom Sherratt]

Update - I had to reconsent again yesterday, however this may be because when I reconsented a week ago my OAuth consent app was still in 'testing'. Hopefully now it's 'in production' I won't need to reconsent again in seven days!

[João Dias]

Great! :) Let's hope it works!

[William “Justin” Baker]

tomsh...@gmail.com, 

I would love to know if and how you got your calendar event creation to work. I'm currently trying to create a Google Calendar Event from an email in Gmail that I receive once a week for therapy and I can't seem to get it to work. I call it "AutoTherapy" in the profile on Tasker but, I'm sure @joaomgcd has that naming convention down already. ;)