I have developed a google apps script web app, in conjunction with an MIT App Inventor app, that will/should allow a user to access their own google drive/sheets/documents.
I am having trouble connecting to the web app through the Appinventor app's web component (not a webview), after the user had given their authorization to use the web app via their device's default browser (Chrome).
My Web App is connected to Google Cloud Console and has been verified by the Trust and Safety Team at Google. The app is set to "User who assesses the app" and "Anyone". I can't use the native webview in AppInventor, because Google blocked this off for authentication in 2016.
The web component offers GET/POST/PUT HTTP functions but I have no idea how to get the authorisation codes and tokens for a user in order to access the web app. (Note; the web app has no GUI, it simply receives GET requests and returns text/stringified json output for a range of functions.) I have been able to translate many curl examples in other situations to good effect with the web component, but not for 0Auth.
I have done my best to read up and use the offerings from Google on 0Auth, but just get lost halfway through, as always, nothing I do is quite the same as the examples or documentation provided.
How do I, therefore, construct HTTP GET URLs, with all the various authorization codes and tokens already in place, that will authorize the Web App to work for the user?
A simple request would be like this:
https://script.google.com/macros/s/AKfycbyZ_27nLOKi8ssX........Bz40yAbGfJt_TRswvm6zpY/exec?func=authenticate
which would return the text output "Authenticated"
With a web browser (Chrome) all of this is fairly straight forward for a user. If they are logged into their Google account in the browser they go to the URL provided for my web app, they will be asked to authenticate, and give my Web App access to their google account. Once accepted, 'magic' happens in the browser (any 'magic' happen at the web app end?), and as long as they stay logged in, they can use the browser to send GET requests (URLs with parameters) to the Web App and see the results returned in their browser. Happy days.
In my scenario, I do not have a suitable web browser capable of all of the above. I have a web component that can send GET/POST requests to web services, and handle the server responses. (think of it as a web 'terminal'). I can, therefore (hopefully) construct URLs with all the right content, codes, and parameters. Remember that this has to be straight forward for the user, who will not be interested in 'back end' activities, they will just want to use the app to do things on their google drive.
They need to, I guess, at the very least, perform the authentication in a web browser, to connect their Google account with the web app. Then with the web component connect to the web app using authorization codes and access tokens, as them (their google account) so that actions by the web app occur on their google drive. As stated above, the web app is set to "User who accesses the app" and "Anyone". This is the part I need help with. I do not understand what I need to do to connect the user to the web app without using a web browser.
This is the kind of thing I mean:
https://developers.google.com/gdata/articles/using_cURL
Your setting of Web Apps and goal is as follows.
Web Apps is deployed as Who has access to the app: Anyone.
You want to make users access to Web Apps.
Issue and solution:
In the current situation, there are the following situations for using Web Apps.
When the users access to the Web Apps by each browser, the users can access by logging in to each Google account.
When you want to make users access to the methods (for example, curl command and script) except for the browser, it is required to share the Google Apps Script project of Web Apps with the users.
Unfortunately, it seems that above situation is the current specification. I confirmed the change of this specification at April 11, 2018. Before this change, the users had been able to access to the Web Apps by the curl command and script with the access token without sharing the Google Apps Script project. By the change of specification, when the project is shared with the users, the users can access to Web Apps using the access token.
In this case, it is required to include the access token to the request headers. Because in the current stage, access_token=### as the query parameters cannot be used. Ref
Note:
From this situation, I think that when sharing the Google Apps Script project is not the direction you expect, in the current stage, the Web Apps with Who has access to the app: Anyone cannot be used by the method except for the browser.
References:
Taking advantage of Web Apps with Google Apps Script
Web Apps
I am new to apps-scripts and want anonymous users to access my web app script that is container bound to a spreadsheet.
The web app displays a form that collects information that the script stores in the containing spreadsheet, it works perfectly when I am logged into my google account, but when logged out the web app url displays a google login screen instead of my form.
I am struggling for the way to troubleshoot this. I have checked:
the script is deployed to execute as 'me' and with access by anyone + anonymous
I am using the 'exec' url
I have put the oauth scopes into the manifest and reduced scope as I can
I have approved the unverified app.
Here are some extra elements that I don't know whether they are causing issues or not:
I add a single query parameter to the web app exec url before sending it to the user for them to use anonymously.
I have a number of other functions in the script apart from the doget(), these process data from the web app form, write data to the containing spreadsheet and return some of it to the user. In the same script I also add a menu to the containing spreadsheet.
There seem very few ways to get logging or troubleshooting information for this problem - especially with container bound scripts. Can anyone with more experience please explain why this problem might occur and suggest how I can troubleshoot and resolve it? As I say the web app url works perfectly when I'm logged in, but when I'm logged out or in incognito mode I get a Google account sign in form. Thank you.
I solved this whilst creating a minimal reproducible example as requested.
The problem lay in my confusion over deployments, /exec, /dev and V8 versus rhino.
This answer about /dev /exec is very helpful.
What I discovered is:
/dev always asks you to login to your google account if you're not logged in in your browser e.g. incognito mode.
As commented there has been some confusion under what circumstances V8 getUrl() returns /dev or /exec.
My suggestions for troubleshooting this for an anonymous web app:
Be very careful when testing anonymous web app using /dev - it will always lead to login request
Check very carefully what getURL() is returning - in combination with whether you are using rhino or V8.
I solved my particular problem by 'downgrading' to rhino by putting into the manifest: "runtimeVersion": "DEPRECATED_ES5"
I have currently a simple Hello World Google App Script following Google Documentation
I published it, giving access to anyone on the internet (including anonymous users) and then get both a xxx/dev and xxx/exec urls (latter for "published versions" usage, latter for work in progress usage).
None of those URL are currently working when I call it in my Browser (or through a cURL command) :
Any idea on what could go wrong ?
Note : I already published some Google App Scripts in the past and they are still working today. It is as if my "new" google app scripts was not getting published.
This could be because you are logged into multiple Google accounts. Try:
deleting the "u/0" from the URL
signing out of all of your Google accounts, and back into just one
trying the /exec in an "incognito" window
The web application has been running fine with no pushes to live site for three weeks and is suddenly not working. There are no error messages.
The /exec live site is not working.
The /dev site was working but as soon as I saved a change to it, it stopped working.
A national team relies on this application daily.
What are my options for troubleshooting?
Is there a place to view status for this service?
The app is provided through Google Apps for business.
(Edit: For context, as a developer I don't have access to support for Google Apps (but the IT department do and aren't open for a few hours), hence this query to see what others had done to troubleshoot in a similar situation)
I'm trying to develop a simple web app using google script web app service and access it from another script using the UrlFetch service.
My problem is that in order to try the code on my web app I have to publish a new version every time because trying to access to the dev URL returns returns and HTML file telling me to sign in even though I've set the permissions for the web app to everyone, including anonymous (if I hit the production URL it does work, though).
I'm assuming that Google is limiting the access to the dev URL for security reasons but can someone shed a light on that assumption?
PS: I don't know if this is relevant but my google account is in a Google Apps for Education domain
Edit
I've found a method to avoid publishing the application for each code change: instead of calling it from the UrlFetch service, I've created a function in the web App code that does call the doPost or the doGet method (I've to create the request param, but that's easy) and I've changed the end of the script to log the result insted of returing it to the client. When the application will be ready, I can publish and develop the client using the UrlFetch.
Anyhow, if anyone knows about the limitation of the dev URL that would be great!
your assumption is correct, the dev url ignores your publishing permissions on purpose, only the developer has access to that url.
you could accomplish what you want using libraries. move the code in your called script to a library and add it to that script as "development mode" and publish your script service.
changing library code should also change your service because its on development mode.
Note that this can easily break your app if you save partial code changes, and makes it hard to test your changed code unless you make all changes and tests in a separate script copy. Making several changes at once in multiple apps script editor files is possible with their "Save all" File menu command (after manually pasting all code changes from your tested copy).