astrada/gd-ocaml-auth

instructions on how to set this up on a server

lcanali opened this issue · 7 comments

We'd like to try and host this on one of our own servers, but need instructions on hwo to do so.

thanks!

This app is used exclusively to authorize google-drive-ocamlfuse access to Drive API. You'd probably want to use your own client_id/client_secret (check https://github.com/astrada/google-drive-ocamlfuse/wiki/Authorization#alternative-authorization-mode or https://github.com/astrada/google-drive-ocamlfuse/wiki/Headless-Usage-%26-Authorization).

Alternative-authroization-mode sounds like it's the way to go. Just not familiar with oauth2. How does the OAuth2 client ID and client secret work with everything? Is it still one authentication point for multiple users? We would have multiple users authenticating against their individual google accounts that we don;t have control of - exactly the type of setup you have with your server

Client ID/secret identify an application, and when a user authorizes the application to access its resources (e.g. Google Drive), Google returns a refresh token that's associated to that client ID. Client ID and refresh token are used together to obtain an access token that allows an application to access user's resources.

Ok, I see. So the clientID and secret are something that needs to be self-generated on the client side and should both be unique. So they are arbitrary and live for the life of the connected session to Google.
Correct?

No, client ID and secret are generated from Google Cloud Console (https://cloud.google.com/endpoints/docs/frameworks/java/creating-client-ids, click on Web Client) once per application. They are used to get refresh tokens (refresh tokens are per user). Refresh tokens are used to get access tokens (that are per session).

After looking at this further, I think the easiest thing to do would be to host our own GAE server. I know the source code is located here https://github.com/astrada/gd-ocaml-auth but do you have installation instructions available? Also, what would need to be changed on the client side to point to our own GAE server? thx!

do you have installation instructions available?

No, but dependencies are embedded, so it should work as is.

Also, what would need to be changed on the client side to point to our own GAE server? thx!

The proxy is referenced here: https://github.com/astrada/google-drive-ocamlfuse/blob/beta/src/gaeProxy.ml#L6