Update the authentication and API calls to use new Google service and Auth

[agstephens]

The problem

amf-check-writer worked with an old Google Auth service which has been retired.

It used to work like this:

git clone https://github.com/ncasuk/amf-check-writer
cd amf-check-writer/
pip install -r requirements.txt
pip install -e . --no-deps

# then you would follow Google's instructions to set up a `client-secret.json` file with your auth keys from your Google Account

download-from-drive -v v2.0 -s ../client-secret.json josh-demo-outputs
# would download the spreadsheets and process them

The solution

• [ ] Read the Google docs on how to set up access to reading from the Google Drive/Sheets APIs.
• [ ] Get some code that works
• [ ] Re-engineer the amf-check-writer code so that download-from-drive does what it should (using the new authz APIs)

https://developers.google.com/identity/protocols/oauth2/resources/oob-migration

[joshua-hampton]

My afternoon's reading has discovered the following:

1. What Google has deprecated: the manual copy/paste authentication, where the user copies the URL from the console into a web browser, the user authenticates in the web browser and is given an authorisation code, which they then paste back into the console. Apparently, this was too easy to use for bad things.
2. Google recommends using one of its API client libraries, e.g. google-api-python-client; however, at the time of writing using the 'in console' authentication method through there still has the same error.
3. By removing a couple of lines and having the application open a local browser, the authentication still works. This is not ideal for use on a remote machine. An option could be to replace the --noauth_local_webserver flag with --auth_host_port and specify a port on which to run the authentication, which could be tunnelled through to the local machine when ssh'ing in. I have not tested it, but as it is mentioned here I assume it would work.