Google Drive Api Authentication - Make Authentication On Client?

I am calling the following code on my back end when a user want to access their google drive through my service. public static DriveService GetService(string app_userID) {

Solution 1:

Well, this is how I finally solved it.

The authentication must be done on the client side and therefore also implemented in the java script code. The authentication will result in an authentication code.

Since I do my implementation in vue I used this library: vue-google-oauth2

If you want to implement in javascript directly this tutorial may help (first part up until you get the "code").

The authentication code can be used once for requesting access token. The authentication code needs to be passed to the backend server, in this case by using the API implemented in ASP.NET.

On the backend side I used this library together with this implementation. The only exception is that I set the redirect_uri to "postmessage". With that approach I can get the access token without using a redirect_uri. Not sure of the purpose of redirect_uri. However, no redirect_uri needs to be set in the Google console when using "postmessage".

I used the same clientID on both the server and on the web client. It worked fine but I am not sure if that is how it is supposed to be.

Finally, you need to understand oauth2 to some degree in order to be able to implement oauth2. The diagram at the bottom on this page give a quite good overview. However, if you plan to implement this in a real production environment you should make sure that you master the topic or get help from someone that do.