apps-script-oauth2
apps-script-oauth2 copied to clipboard
Published
20 hours ago •
googleworkspace
googleworkspace
The state token is invalid or has expired. Please try again.
Connecting to non-Google Service from a Gmail add-on using OAuth2. In the resource server part use Laravel Passport (here's an example of using Laravel Passport). Getting "The state token is invalid or has expired. Please try again." error when click Authorize after filling login and password.
Here's my code:
function accessProtectedResource(url, method_opt, headers_opt) {
var service = getOAuthService();
var maybeAuthorized = service.hasAccess();
if (maybeAuthorized) {
// A token is present, but it may be expired or invalid. Make a
// request and check the response code to be sure.
// Make the UrlFetch request and return the result.
var accessToken = service.getAccessToken();
var method = method_opt || 'get';
var headers = headers_opt || {};
headers['Authorization'] =
Utilities.formatString('Bearer %s', accessToken);
var resp = UrlFetchApp.fetch(url, {
'headers': headers,
'method' : method,
'muteHttpExceptions': true, // Prevents thrown HTTP exceptions.
});
var code = resp.getResponseCode();
if (code >= 200 && code < 300) {
return resp.getContentText("utf-8"); // Success
} else if (code == 401 || code == 403) {
// Not fully authorized for this action.
maybeAuthorized = false;
} else {
// Handle other response codes by logging them and throwing an
// exception.
console.error("Backend server error (%s): %s", code.toString(),
resp.getContentText("utf-8"));
throw ("Backend server error: " + code);
}
}
if (!maybeAuthorized) {
// Invoke the authorization flow using the default authorization
// prompt card.
CardService.newAuthorizationException()
.setAuthorizationUrl(service.getAuthorizationUrl())
.setResourceDisplayName("Display name to show to the user 321")
.throwException();
}
}
function getOAuthService() {
return OAuth2.createService('Test Gmail add-on2')
.setAuthorizationBaseUrl('https://example.com/oauth/authorize')
.setTokenUrl('https://example.com/oauth/token')
.setClientId(4)
.setClientSecret('qwerty_client_secret')
.setScope('')
.setCallbackFunction('authCallback')
.setParam('response_type', 'code')
.setParam('state', getCallbackURL('authCallback'))
.setCache(CacheService.getUserCache())
.setPropertyStore(PropertiesService.getUserProperties());
}
function getCallbackURL(callbackFunction) {
// IMPORTANT: Replace string below with the URL from your script, minus the /edit at the end.
var scriptUrl = 'https://script.google.com/macros/d/qwertyuyuioplkjjhggsdfgfgs';
var urlSuffix = '/usercallback?state=';
var stateToken = ScriptApp.newStateToken()
.withMethod(callbackFunction)
.withTimeout(120)
.createToken();
return scriptUrl + urlSuffix + stateToken;
}
function authCallback(callbackRequest) {
var authorized = getOAuthService().handleCallback(callbackRequest);
if (authorized) {
return HtmlService.createHtmlOutput(
'Success! <script>setTimeout(function() { top.window.close() }, 1);</script>');
} else {
return HtmlService.createHtmlOutput('Denied');
}
}
function resetOAuth() {
getOAuthService().reset();
}
And this is my application.json file content:
{
"timeZone": "America/New_York",
"exceptionLogging": "STACKDRIVER",
"runtimeVersion": "V8",
"dependencies": {
"libraries": [
{
"userSymbol": "OAuth2",
"version": "41",
"libraryId": "1B7FSrk5Zi6L1rSxxTDgDEUsPzlukDsi4KGuTMorsTQHhGBzBkMun4iDF"
}
]
},
"oauthScopes": [
"https://www.googleapis.com/auth/script.external_request",
"https://www.googleapis.com/auth/gmail.addons.execute"
],
"addOns": {
"common": {
"name": "Giftsenda",
"logoUrl": "https://www.giftsenda.com/favicon.ico",
"layoutProperties": {
"primaryColor": "#006699"
},
"homepageTrigger": {
"runFunction": "onHomepage"
}
},
"gmail": {}
}
}
This is error link with two state query parameter - https://script.google.com/a/macros/domain.com/d/SCRIPT_ID/usercallback?code=SOME_CODE&state=https%3A%2F%2Fscript.google.com%2Fmacros%2Fd%2F1Y4O73MuraCLhHstyykqNcA5SYtyiwQvYeFaJWdPJOtxWY57cj0WLDKEh%2Fusercallback%3Fstate%3SOME_LONG_HASH
