مكتبة OAuth2.0
تنظيم صفحاتك في مجموعات
يمكنك حفظ المحتوى وتصنيفه حسب إعداداتك المفضّلة.
إنشاء عنصر للطلبات المفوَّضة من OAuth2
/**
* Simple library for sending OAuth2 authenticated requests.
* See: https://developers.google.com/google-ads/scripts/docs/features/third-party-apis#oauth_2
* for full details.
*/
/**
* Adds a OAuth object, for creating authenticated requests, to the global
* object.
*/
(function(scope) {
/**
* Creates an object for making authenticated URL fetch requests with a
* given stored access token.
* @param {string} accessToken The access token to store and use.
* @constructor
*/
function OAuth2UrlFetchApp(accessToken) { this.accessToken_ = accessToken; }
/**
* Performs an HTTP request for the given URL.
* @param {string} url The URL to fetch
* @param {?Object=} options Options as per UrlFetchApp.fetch
* @return {!HTTPResponse} The HTTP Response object.
*/
OAuth2UrlFetchApp.prototype.fetch = function(url, opt_options) {
const fetchOptions = opt_options || {};
if (!fetchOptions.headers) {
fetchOptions.headers = {};
}
fetchOptions.headers.Authorization = 'Bearer ' + this.accessToken_;
return UrlFetchApp.fetch(url, fetchOptions);
};
/**
* Performs the authentication step
* @param {string} tokenUrl The endpoint for use in obtaining the token.
* @param {!Object} payload The authentication payload, typically containing
* details of the grant type, credentials etc.
* @param {string=} opt_authHeader Client credential grant also can make use
* of an Authorisation header, as specified here
* @param {string=} opt_scope Optional string of spaced-delimited scopes.
* @return {string} The access token
*/
function authenticate_(tokenUrl, payload, opt_authHeader, opt_scope) {
const options = {muteHttpExceptions: true, method: 'POST', payload: payload};
if (opt_scope) {
options.payload.scope = opt_scope;
}
if (opt_authHeader) {
options.headers = {Authorization: opt_authHeader};
}
const response = UrlFetchApp.fetch(tokenUrl, options);
const responseData = JSON.parse(response.getContentText());
if (responseData && responseData.access_token) {
const accessToken = responseData.access_token;
} else {
throw Error('No access token received: ' + response.getContentText());
}
return accessToken;
}
/**
* Creates a OAuth2UrlFetchApp object having authenticated with a refresh
* token.
* @param {string} tokenUrl The endpoint for use in obtaining the token.
* @param {string} clientId The client ID representing the application.
* @param {string} clientSecret The client secret.
* @param {string} refreshToken The refresh token obtained through previous
* (possibly interactive) authentication.
* @param {string=} opt_scope Space-delimited set of scopes.
* @return {!OAuth2UrlFetchApp} The object for making authenticated requests.
*/
function withRefreshToken(
tokenUrl, clientId, clientSecret, refreshToken, opt_scope) {
const payload = {
grant_type: 'refresh_token',
client_id: clientId,
client_secret: clientSecret,
refresh_token: refreshToken
};
const accessToken = authenticate_(tokenUrl, payload, null, opt_scope);
return new OAuth2UrlFetchApp(accessToken);
}
/**
* Creates a OAuth2UrlFetchApp object having authenticated with client
* credentials.
* @param {string} tokenUrl The endpoint for use in obtaining the token.
* @param {string} clientId The client ID representing the application.
* @param {string} clientSecret The client secret.
* @param {string=} opt_scope Space-delimited set of scopes.
* @return {!OAuth2UrlFetchApp} The object for making authenticated requests.
*/
function withClientCredentials(tokenUrl, clientId, clientSecret, opt_scope) {
const authHeader =
'Basic ' + Utilities.base64Encode([clientId, clientSecret].join(':'));
const payload = {
grant_type: 'client_credentials',
client_id: clientId,
client_secret: clientSecret
};
const accessToken = authenticate_(tokenUrl, payload, authHeader, opt_scope);
return new OAuth2UrlFetchApp(accessToken);
}
/**
* Creates a OAuth2UrlFetchApp object having authenticated with OAuth2 username
* and password.
* @param {string} tokenUrl The endpoint for use in obtaining the token.
* @param {string} clientId The client ID representing the application.
* @param {string} username OAuth2 Username
* @param {string} password OAuth2 password
* @param {string=} opt_scope Space-delimited set of scopes.
* @return {!OAuth2UrlFetchApp} The object for making authenticated requests.
*/
function withPassword(tokenUrl, clientId, username, password, opt_scope) {
const payload = {
grant_type: 'password',
client_id: clientId,
username: username,
password: password
};
const accessToken = authenticate_(tokenUrl, payload, null, opt_scope);
return new OAuth2UrlFetchApp(accessToken);
}
/**
* Creates a OAuth2UrlFetchApp object having authenticated as a Service
* Account.
* Flow details taken from:
* https://developers.google.com/identity/protocols/OAuth2ServiceAccount
* @param {string} tokenUrl The endpoint for use in obtaining the token.
* @param {string} serviceAccount The email address of the Service Account.
* @param {string} key The key taken from the downloaded JSON file.
* @param {string} scope Space-delimited set of scopes.
* @return {!OAuth2UrlFetchApp} The object for making authenticated requests.
*/
function withServiceAccount(tokenUrl, serviceAccount, key, scope) {
const assertionTime = new Date();
const jwtHeader = '{"alg":"RS256","typ":"JWT"}';
const jwtClaimSet = {
iss: serviceAccount,
scope: scope,
aud: tokenUrl,
exp: Math.round(assertionTime.getTime() / 1000 + 3600),
iat: Math.round(assertionTime.getTime() / 1000)
};
const jwtAssertion = Utilities.base64EncodeWebSafe(jwtHeader) + '.' +
Utilities.base64EncodeWebSafe(JSON.stringify(jwtClaimSet));
const signature = Utilities.computeRsaSha256Signature(jwtAssertion, key);
jwtAssertion += '.' + Utilities.base64Encode(signature);
const payload = {
grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
assertion: jwtAssertion
};
const accessToken = authenticate_(tokenUrl, payload, null);
return new OAuth2UrlFetchApp(accessToken);
}
scope.OAuth2 = {
withRefreshToken: withRefreshToken,
withClientCredentials: withClientCredentials,
withServiceAccount: withServiceAccount,
withPassword: withPassword
};
})(this);
إنّ محتوى هذه الصفحة مرخّص بموجب ترخيص Creative Commons Attribution 4.0 ما لم يُنصّ على خلاف ذلك، ونماذج الرموز مرخّصة بموجب ترخيص Apache 2.0. للاطّلاع على التفاصيل، يُرجى مراجعة سياسات موقع Google Developers. إنّ Java هي علامة تجارية مسجَّلة لشركة Oracle و/أو شركائها التابعين.
تاريخ التعديل الأخير: 2025-05-01 (حسب التوقيت العالمي المتفَّق عليه)
[[["يسهُل فهم المحتوى.","easyToUnderstand","thumb-up"],["ساعَدني المحتوى في حلّ مشكلتي.","solvedMyProblem","thumb-up"],["غير ذلك","otherUp","thumb-up"]],[["لا يحتوي على المعلومات التي أحتاج إليها.","missingTheInformationINeed","thumb-down"],["الخطوات معقدة للغاية / كثيرة جدًا.","tooComplicatedTooManySteps","thumb-down"],["المحتوى قديم.","outOfDate","thumb-down"],["ثمة مشكلة في الترجمة.","translationIssue","thumb-down"],["مشكلة في العيّنات / التعليمات البرمجية","samplesCodeIssue","thumb-down"],["غير ذلك","otherDown","thumb-down"]],["تاريخ التعديل الأخير: 2025-05-01 (حسب التوقيت العالمي المتفَّق عليه)"],[[["Provides a simplified library for sending OAuth2-authenticated HTTP requests within Google Apps Script."],["Offers different authentication methods including refresh token, client credentials, service account and password."],["Uses `UrlFetchApp` to perform the actual HTTP requests after obtaining an access token."],["Abstracts away the complexity of OAuth2 authentication flows for various use cases."],["Returns an `OAuth2UrlFetchApp` object enabling authorized requests with the access token."]]],[]]
