First experience with Google API (for example, ContactsAPI) and OAuth2.0 on pure HTTP
During the writing of the project, I needed to add entries to the Google contact book. It seems that everything is simple, there is an API, take it and use it, but it did not work right away at all. A lot of documentation, cross-references (of course not in Russian). It took me a long time to figure it all out. In addition, I needed an example of using pure HTTP with no code in any other language. After everything turned out, I decided to write here to save someone a lot of time, spreading all the steps on the shelves. For many, there will be nothing new here, especially since this article is for the most part a translation and simplification of Google documentation.
So, specifically for my purposes, you had to use the Contacts API. Go to your google account in which we want to enable the API. Follow the link
console.developers.google.com/iam-admin/projects and click "Create Project":
Then we do everything that Google offers, without turning anywhere. Name the project, etc.
')
After the creation of the project is completed, you can download the file with all the project data (ID, secret, etc.).
You must also enable the API. To do this, go to console.developers.google.com/apis/ , select the required API from the list and in the opened tab click “Enable API”. That's it, the first step is over.
To access the API, you need to get access tokens according to the OAuth 2.0 standard. This, perhaps, was the most difficult for me. Understanding how, where and what requests to send, in what order is not so easy.
To get tokens that I could later use in my program, I used an extension for Firefox called HTTPRequester.
1. Get the code
At this step, the user is prompted for access. Request example (some data from my application is simply replaced with *):
More about some parameters:
scope is the service we are accessing. For contacts, it's www.google.com/m8/feeds . For a list of addresses of various services, follow the link developers.google.com/identity/protocols/googlescopes ;
access_type is an access type. If you need to update tokens without user intervention, be sure to use the value offline. It is also possible the value is online, but when it is selected, it will be necessary each time to request permission from the user in the browser;
redirect_uri and client_id - data that is specified in the project file that was downloaded in the first stage;
When executing this GET request, the permissions page will appear:
If you click "Allow", you will receive a code that looks something like this (* - replacing my data):
4 / iLcXnhpU8NvMHT5aTy8JjXhcROERzkvKq ********
2. Get tokens
To receive authorized access tokens, you must send a POST request to the address
www.googleapis.com/oauth2/v4/token ( Required content request must be application / x-www-form-urlencoded).
The request body must contain the following parameters:
Where
code - data obtained in the previous step;
grant_type is a required parameter that should be equal to “authorization_code” (not any authorization code, but exactly so, in letters - authorization_code).
You will receive the answer in JSON format, which will contain the access token and the access token update token.
Sample answer:
3. Update access token
The access token (access_token) is valid for a limited time specified in the expires_in parameter. After the expiration date, the access token can be updated by refreshing token (refresh_token).
To do this, you must make a POST request to www.googleapis.com/oauth2/v4/token ( Required , the content-type of the request must be application / x-www-form-urlencoded).
Request body:
In response, again in JSON format, you will receive a new access token.
All the data obtained can be used to perform your tasks. All that was written above is application authorization using the OAuth 2.0 protocol. Further, to perform authorized requests, you need to pass an access token in the parameters (http: //google..................com/? Access_token = ya.23 ****** ***********).
For my task, I needed only three actions: Add contact, get contact list and delete contact.
1. Getting a list of contacts
To get a list of contacts, just send a GET request with parameters. Request example:
www.google.com/m8/feeds/contacts/gmm ********@gmail.com/full?access_token=ya29.GlwbBFzl0uXJG6yt_Wdgr6vI4KJ88Djw85H***************** **************************************.
In response, you can parse the data and get the number of contacts, their description and their ID.
gmm**********@gmail.com - the address of my account.
2. Adding contacts
To add contacts to the address book, you must send a POST request with an access token in the parameters. ( Required content request must be application / atom + xml). Request example:
www.google.com/m8/feeds/contacts/gmm *********@gmail.com/full?access_token=ya29.GlwYBLz6AgOE9Xs**************** ************************************************= **********.
Request body (taken from google documentation):
We leave the whole structure the same, changing only personal data (name, number, etc.).
3. Delete contact
To delete a contact, you need to know its ID (you can get it either in response when adding a contact or when you receive the entire list of contacts) and send a DELETE request.
IMPORTANT! In the header of the request it is necessary to add the If-Match parameter and set its value as *. Without this, delete the contact will not work.
Request example:
www.google.com/m8/feeds/contacts/gmm ***@gmail.com/base/5a5415d78e677387?access_token=ya29.GlwYBLz6AgOE9Xsnt8Z1raYaa3fB********************* *
5a5415d78e677387 - Contact ID.
Original google docs:
→ Using OAuth 2.0 for Web Server Applications.
→ Google Contacts API.
That's all, I will be very happy if someone useful article. Personally, to me, the person who first encountered the google API, it was quite difficult to deal with all this.
First part. Application creation and configuration
So, specifically for my purposes, you had to use the Contacts API. Go to your google account in which we want to enable the API. Follow the link
console.developers.google.com/iam-admin/projects and click "Create Project":
Then we do everything that Google offers, without turning anywhere. Name the project, etc.
')
After the creation of the project is completed, you can download the file with all the project data (ID, secret, etc.).
You must also enable the API. To do this, go to console.developers.google.com/apis/ , select the required API from the list and in the opened tab click “Enable API”. That's it, the first step is over.
The second part of. Getting tokens
To access the API, you need to get access tokens according to the OAuth 2.0 standard. This, perhaps, was the most difficult for me. Understanding how, where and what requests to send, in what order is not so easy.
To get tokens that I could later use in my program, I used an extension for Firefox called HTTPRequester.
1. Get the code
At this step, the user is prompted for access. Request example (some data from my application is simply replaced with *):
https://accounts.google.com/o/oauth2/v2/auth?scope=https://www.google.com/m8/feeds&access_type=offline&include_granted_scopes=true&redirect_uri=urn:ietf:wg:oauth:2.0:oob&response_type=code&client_id=921647******-l5jcha3bt7r6q******bhtsgk*****um6.apps.googleusercontent.com More about some parameters:
scope is the service we are accessing. For contacts, it's www.google.com/m8/feeds . For a list of addresses of various services, follow the link developers.google.com/identity/protocols/googlescopes ;
access_type is an access type. If you need to update tokens without user intervention, be sure to use the value offline. It is also possible the value is online, but when it is selected, it will be necessary each time to request permission from the user in the browser;
redirect_uri and client_id - data that is specified in the project file that was downloaded in the first stage;
When executing this GET request, the permissions page will appear:
If you click "Allow", you will receive a code that looks something like this (* - replacing my data):
4 / iLcXnhpU8NvMHT5aTy8JjXhcROERzkvKq ********
2. Get tokens
To receive authorized access tokens, you must send a POST request to the address
www.googleapis.com/oauth2/v4/token ( Required content request must be application / x-www-form-urlencoded).
The request body must contain the following parameters:
code=4/iLcXnhpU8NvMHT5aTy8JjXhcROERzkvKq********&client_id=921647******-l5jcha3bt7r6q******bhtsgk*****um6.apps.googleusercontent.com&client_secret=hi1W9GAKGer************&redirect_uri=urn:ietf:wg:oauth:2.0:oob&grant_type=authorization_code Where
code - data obtained in the previous step;
grant_type is a required parameter that should be equal to “authorization_code” (not any authorization code, but exactly so, in letters - authorization_code).
You will receive the answer in JSON format, which will contain the access token and the access token update token.
Sample answer:
3. Update access token
The access token (access_token) is valid for a limited time specified in the expires_in parameter. After the expiration date, the access token can be updated by refreshing token (refresh_token).
To do this, you must make a POST request to www.googleapis.com/oauth2/v4/token ( Required , the content-type of the request must be application / x-www-form-urlencoded).
Request body:
client_id=921647******-l5jcha3bt7r6q******bhtsgk*****um6.apps.googleusercontent.com&client_secret=hi1W9GAKGer************&refresh_token=1/rCIfgox0M7ul5uKHasqk****************&grant_type=refresh_token In response, again in JSON format, you will receive a new access token.
All the data obtained can be used to perform your tasks. All that was written above is application authorization using the OAuth 2.0 protocol. Further, to perform authorized requests, you need to pass an access token in the parameters (http: //google..................com/? Access_token = ya.23 ****** ***********).
Work with the Contacts API
For my task, I needed only three actions: Add contact, get contact list and delete contact.
1. Getting a list of contacts
To get a list of contacts, just send a GET request with parameters. Request example:
www.google.com/m8/feeds/contacts/gmm ********@gmail.com/full?access_token=ya29.GlwbBFzl0uXJG6yt_Wdgr6vI4KJ88Djw85H***************** **************************************.
In response, you can parse the data and get the number of contacts, their description and their ID.
gmm**********@gmail.com - the address of my account.
2. Adding contacts
To add contacts to the address book, you must send a POST request with an access token in the parameters. ( Required content request must be application / atom + xml). Request example:
www.google.com/m8/feeds/contacts/gmm *********@gmail.com/full?access_token=ya29.GlwYBLz6AgOE9Xs**************** ************************************************= **********.
Request body (taken from google documentation):
<atom:entry xmlns:atom="http://www.w3.org/2005/Atom" xmlns:gd="http://schemas.google.com/g/2005"> <atom:category scheme="http://schemas.google.com/g/2005#kind" term="http://schemas.google.com/contact/2008#contact"/> <gd:name> <gd:givenName>Elizabeth</gd:givenName> <gd:familyName>Bennet</gd:familyName> <gd:fullName>Elizabeth Bennet</gd:fullName> </gd:name> <atom:content type="text">Notes</atom:content> <gd:email rel="http://schemas.google.com/g/2005#work" primary="true" address="liz@gmail.com" displayName="E. Bennet"/> <gd:email rel="http://schemas.google.com/g/2005#home" address="liz@example.org"/> <gd:phoneNumber rel="http://schemas.google.com/g/2005#work" primary="true"> (206)555-1212 </gd:phoneNumber> <gd:phoneNumber rel="http://schemas.google.com/g/2005#home"> (206)555-1213 </gd:phoneNumber> <gd:im address="liz@gmail.com" protocol="http://schemas.google.com/g/2005#GOOGLE_TALK" primary="true" rel="http://schemas.google.com/g/2005#home"/> <gd:structuredPostalAddress rel="http://schemas.google.com/g/2005#work" primary="true"> <gd:city>Mountain View</gd:city> <gd:street>1600 Amphitheatre Pkwy</gd:street> <gd:region>CA</gd:region> <gd:postcode>94043</gd:postcode> <gd:country>United States</gd:country> <gd:formattedAddress> 1600 Amphitheatre Pkwy Mountain View </gd:formattedAddress> </gd:structuredPostalAddress> </atom:entry> We leave the whole structure the same, changing only personal data (name, number, etc.).
3. Delete contact
To delete a contact, you need to know its ID (you can get it either in response when adding a contact or when you receive the entire list of contacts) and send a DELETE request.
IMPORTANT! In the header of the request it is necessary to add the If-Match parameter and set its value as *. Without this, delete the contact will not work.
Request example:
www.google.com/m8/feeds/contacts/gmm ***@gmail.com/base/5a5415d78e677387?access_token=ya29.GlwYBLz6AgOE9Xsnt8Z1raYaa3fB********************* *
5a5415d78e677387 - Contact ID.
Original google docs:
→ Using OAuth 2.0 for Web Server Applications.
→ Google Contacts API.
That's all, I will be very happy if someone useful article. Personally, to me, the person who first encountered the google API, it was quite difficult to deal with all this.
Source: https://habr.com/ru/post/324982/
All Articles