SYNOPSIS

Script to create an OAuth2 token that can be stored and used later to authorize REST API access to your Google account.

Based on code from https://gist.github.com/hexaddikt/6738162

INITIAL GOOGLE CLOUD SETUP

Before running this script you need a Google Cloud project with OAuth credentials and the relevant APIs enabled. This is a one-time setup per project.

1. Create a Google Cloud Project

Go to https://console.cloud.google.com and sign in.
Click the project dropdown at the top and select New Project.
Give it a name and click Create.

2. Enable the APIs You Need

In the left menu go to APIs & Services > Library.
Search for and enable each API you intend to use. For this package the relevant APIs are:
- Google Drive API
- Google Sheets API
- Google Calendar API
- Google Docs API
- Gmail API
- Tasks API
You only need to enable the APIs you actually plan to use. Each failing scope check test will print the exact Cloud Console URL to enable that specific API.

Go to APIs & Services > OAuth consent screen.
Choose External and click Create.
Fill in the required fields (app name, support email) and click Save and Continue through the remaining steps.
On the Test users page, add the Google account(s) you will use for testing. Only listed users can authorise your app while it remains in Testing mode.

4. Create OAuth Credentials

Go to APIs & Services > Credentials.
Click + Create Credentials and select OAuth client ID.
Choose Desktop app, give it a name, and click Create.
Copy the Client ID and Client Secret shown in the confirmation dialog.

5. Create a Config File

Create a YAML file with your credentials. If the config file is shared with other applications, nest the Google::RestApi configuration under an optional google_restapi top-level key; otherwise place it at the root:

---
# shared config — google_restapi section is used by this package:
google_restapi:
    auth:
        class: OAuth2Client
        client_id: <client-id-from-google>
        client_secret: <client-secret-from-google>
        token_file: <filename-for-the-stored-token>  # bare filename (resolved against the config file's directory) or an absolute path
        scope:
            - https://www.googleapis.com/auth/drive
            - https://www.googleapis.com/auth/spreadsheets
            # add further scopes as needed:
            # - https://www.googleapis.com/auth/calendar
            # - https://www.googleapis.com/auth/documents
            # - https://www.googleapis.com/auth/gmail.modify
            # - https://www.googleapis.com/auth/tasks
other_app:
    some_key: some_value

# or, without the google_restapi wrapper (root-level config):
---
auth:
    class: OAuth2Client
    client_id: <client-id-from-google>
    client_secret: <client-secret-from-google>
    token_file: <filename-for-the-stored-token>
    scope:
        - https://www.googleapis.com/auth/drive
        - https://www.googleapis.com/auth/spreadsheets

The scope list controls which Google APIs the token is authorised to access. Only include the scopes for APIs you actually use — requesting unnecessary scopes may cause Google to show a warning during authorisation. If omitted, a minimal default scope is used (userinfo only).

If token_file is a bare filename it is written to the same directory as the config file; if it is an absolute path it is written there directly. The same config file is used by this package at runtime to access the Google APIs.

6. Run This Script

perl bin/google_restapi_oauth_token_creator /path/to/your/config.yaml

Follow the prompts:

Copy the printed URL and paste it into a browser.
Log in to your Google account if prompted, then click Allow.
Copy the authorisation code from the resulting page and paste it back into the terminal.

The script will store the token and then run a scope check to confirm that all enabled APIs are reachable. Any failing check will print the Cloud Console URL needed to enable that API.

7. Use the Token

use Google::RestApi;
my $rest_api = Google::RestApi->new(config_file => '/path/to/your/config.yaml');

See Google::RestApi for further details.

RE-RUNNING THE SCOPE CHECK

If you enable additional APIs later and want to verify without re-creating the token, run:

GOOGLE_RESTAPI_CONFIG=/path/to/your/config.yaml \
  TEST_CLASS='Test::Google::RestApi::ScopeCheck' \
  prove -v t/run_unit_tests.t

This requires a cloned copy of the repository. See the NOTE printed by this script if the test file is not found.

1 POD Error

The following errors were encountered while parsing the POD:

Around line 268:: Non-ASCII character seen before =encoding in '—'. Assuming UTF-8

To install Google::RestApi, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Google::RestApi

CPAN shell

perl -MCPAN -e shell
install Google::RestApi

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	Go to GitHub issues (only if GitHub is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)