i need to get credentials of google calendar user without the user going into the consol?google.com website

Question

hi can do the crud of google calendar in my own application on an mvc app .net 5. but i need to get the credentials of a user when he logs in so that i can store them in my own database. is there a way to skip the console.google.com part so that the user gets only needs to log in?

public ActionResult OauthRedirect()
        {
            var credentialsFile = "C:\\Users\\credentials.json";

            JObject credentials = JObject.Parse(System.IO.File.ReadAllText(credentialsFile));
            var client_id = credentials["client_id"];

            var redirectUrl = "https://accounts.google.com/o/oauth2/v2/auth?" +
                               "scope=https://www.googleapis.com/auth/calendar+https://www.googleapis.com/auth/calendar.events&" +
                               "access_type=offline&" +
                               "include_granted_scopes=true&" +
                               "response_type=code&" +
                               "state=hellothere&" +
                               "redirect_uri=https://localhost:44311/Reservation/Calendar&" +
                               "client_id=" + client_id;
            
            return Redirect(redirectUrl);
        }

i am doing it like this for the moment to get al credentials. i downloaded the credentials.json file from console.goole.com but i need it have it practical for the end user so that the end user only needs to login.

Answer 1

I think you may have misunderstood what the Client credentials (client id, client secrete and api key) are used for.

When you want to create a new application, that will access Google apis. You go to Google cloud console you create a new project. Within that project you would create the client credentials you need and under library denote what apis you will be using.

These are project / application based credentials they are used by your application request access of users. There is no limit to the number of users your application can request access of using these application credentials.

An api key will give your application access to public data. The client id and client secrete will give your application the ability to request consent to access user data from any number of users.

When your application requests consent of a user to access their data

Assuming they consent and grant you access. An access token and refresh token is returned to you

{
"access_token" : "ya29.1.AADtN_VSBMC2Ga2lhxsTKjVQ_ROco8VbD6h01aj4PcKHLm6qvHbNtn-_BIzXMw",
"token_type" : "Bearer",
"expires_in" : 3600,
"refresh_token" : "1/J-3zPA8XR1o_cXebV9sDKn_f5MTqaFhKFxH-3PUPiJ4"
}

These tokens are user specific and linked to your client id.

For each user you authorize you will get a new access token and refresh token which your application can use to access the users data.

but does every user of the app needs to give there api key and credentials to the developer?

No every user does not give your an api key and credentials. those are specific to your application and your application alone. You create them. You use them to request consent of the user.

Please watch this video it will explain how the oauth2 flow works Understanding Google OAuth 2.0 with curl