![\"Web](\"https:\/\/www.botreetechnologies.com\/blog\/wp-content\/uploads\/2020\/12\/Web-based-authorization.png\")
<\/figure>\n<\/div>\n\n\nToday we will see how to achieve Web-based authorization. There are two ways with the help of which we can implement this.<\/p>\n\n\n\n
Checkout: Top 12 Website Examples Built with Ruby on Rails<\/a><\/strong><\/p><\/blockquote>\n\n\n\n
How to do it?<\/h2>\n\n\n\n
With auth_url<\/b><\/p>\n\n\n\n
- When the application needs to access a user’s data, redirect the user to Google’s OAuth 2.0 server, Google’s OAuth 2.0 server authenticates the user and obtains consent from the user for your application to access the requested scopes. The response is sent back to your application using the redirect URL you specified.<\/li>
- But here user intervention is frequently required to grant your application the requested access<\/li><\/ul>\n\n\n\n
With Long-lasting refresh token<\/h3>\n\n\n\n
- Access token expires in every 60 min, so you need to refresh it every time. We can get long-lasting refresh token and use it to generate new access token as and when we need.<\/li>
- unlike auth_url<\/i> option, frequent user intervention is also not required here<\/li><\/ul>\n\n\n\n
Today We will be looking at, how authorization can be implemented with long lasting refresh token. So here we Go! We will use the Google API client Ruby to see how long lasting refresh token can be used.<\/em><\/p><\/blockquote>\n\n\n\n
Step-1: Create a Web app and obtain refresh token and other credentials.<\/b><\/p>\n\n\n\n
This can be done with the Oauth2 Playground at https:\/\/developers.google.com\/oauthplayground<\/a>.<\/p>\n\n\n\n
Then,<\/p>\n\n\n\n
- Create the Google Account (eg. my.drive.app@gmail.com)<\/li>
- Use the API console to register the mydriveapp (https:\/\/console.developers.google.com\/apis\/credentials\/oauthclient?project=mydriveapp<\/a> or just https:\/\/console.developers.google.com\/apis\/<\/a>)<\/li>
- Create a new set of credentials (NB OAuth Client ID<\/i> not<\/b> Service Account Key<\/i> and then choose “Web Application” from the selection)<\/li>
- Include https:\/\/developers.google.com\/oauthplayground<\/a> as a valid redirect URI<\/li>
- Note the client ID (web app) and Client Secret<\/li>
- Login as my.drive.app@gmail.com<\/li>
- Go to Oauth2 playground<\/li>
- In Settings (gear icon), set\n
\n
- Oauth flow: server<\/li>\n
- Access type: offline<\/li>\n
- Use your own OAuth credentials: TICK<\/li>\n
- Client Id and Client Secret: from step 5<\/li>\n<\/ul>\n<\/li>
- Click Step 1 and choose Drive API https:\/\/www.googleapis.com\/auth\/drive<\/a> (having said that, this technique also works for any of the Google APIs listed).<\/li>
- Click Authorize APIs. You will be prompted to choose your Google account and confirm access<\/li>
- Click Step 2 and “Exchange Authorization code for tokens”.<\/li>
- Copy the returned Refresh Token and paste it into your app, source code or into some form of storage from where your app can retrieve it.<\/li><\/ol>\n\n\n\n
Now we have our credentials Client Id, Client Secret and refresh token with us from the Google API client library for Ruby.<\/p>\n\n\n\n
Lets write some ruby code to get it to work…<\/p><\/blockquote>\n\n\n\n
Here we will be using the googleauth<\/em> library, so create a simple Google API client ruby file and include this library.<\/p>\n\n\n\n
require \"googleauth\"<\/code><\/p><\/blockquote>\n\n\n\nNow we have to create an instance of
Google::Auth::UserRefreshCredentials<\/code><\/i> so set credentials for our user,<\/p>\n\n\n\n