Open tekacs opened 2 years ago
sergioeliot2039
commented
2 years ago Integrating Google Keep requires to use OAuth 2.0 protocol for authentication. Check Google Keep quickstart. This links to Google''s Authentication and authorization overview which discusses Oauth 2.0 authentication
sergio-eliot-rodriguez
commented
9 months ago We are blocked on a known issue with Google Keep API's OAuth, where its scope can't be surfaced to the Google OAuth consent at the moment.
Context from this slack thread:
there is an issue with Google not enabling Google Keep's scopes to be able to appear in the OAuth consent screen. According to this article Google keep api responds with invalid scope when using documented scopes, this is a known bug: In both instances I get the following error message As you can see from the error message this the library is passing the proper scope as documented. Its the Google keep api itself that is refusing the scope. In my opinion this is a bug in the api and i have posted an issue on the issue tracker 210500028 ... ... Google has now verified this as a bug. And are investigating internally. The alternative is to have PD users have a service account to access this API. This would be made accessing the APi without user interaction: Service Account: As an Administrator you can grant domain wide delegation to a service account and that service account issues calls impersonating the user, in this case your own account as that's what your goal is. This is an extremely privileged call given that the users don't explicitly need to authenticate themselves. When you use this authorization method you need to allow it on your Admin console.
Now, while using a service account is a workaround in general for Google Keep developers, internal at Pipedream we are blocked because using service account requires a preflight signature, which currently is not supported by the submit an app ui, used to submit new apps to the Pipedream app store, thus, using services account to access Google Keep can't be easily done at Pipedream, the present moment.
Like mentioned, when checking the details, I found out preflight signing is required. It's totally possible, not easily, not in current submit an app ui. For reference, here is an SO article on how to authenticate with Google service account and Postman. https://stackoverflow.com/questions/55205823/how-to-authenticate-with-google-service-account-credentials-using-postman-and-ht That links based in this medium tutorial. https://medium.com/kinandcartacreated/google-authentication-with-postman-12943b63e76a On top, based on this gist: https://gist.github.com/dinvlad/425a072c8d23c1895e9d345b67909af0
TLDR; Google Keep blocked OAuth 2.0 strategy --- Google bug with Google Keep scopes Service Accounts (API Key strategy + preflight signature) --- Requires pre flight signature, not supported by Pipedream at the moment API Keys -- Not supported by Google
Name of app / service
Google Keep
Link to developer documentation
https://developers.google.com/keep/api/reference/rest/
Is lack of support preventing you from building workflows, or do you have a workaround?
Without building a source here, there isn't really a way to request the scopes associated with Google Keep via OAuth... I think? So I'm stopping until this is done, currently.
Are there specific actions, or triggers, you'd like to see for this app? Please let us know here or use the Action and Trigger issue templates to open requests for each!
I can take the rest manually once an integration exists, but there's only a tiny handful of endpoints, so I'd suggest wrapping those!