Tag Archives: ruby

Google Apps API and Ruby – Part 2

My last post dealt with calling Google Apps API methods from a Ruby script.  I had hoped that I’d be able to do everything I needed with RESTful methods, but after a short while it became increasingly difficult, and I had to resign to using the Google API client GEM.  Initially I was resistant to using the pre-packaged solution as I like to know what’s going on under-the-hood when I’m interfacing with something, but it became apparent that the advantages to using the GEM far outweighed the simplicity of RESTful calls, especially with some of the APIs that I was going to be interfacing with.

As it turns out there are some very good reasons to use the google-api-client gem.  Since you can easily inspect the object’s methods and properties you can determine all the methods associated with an API.  For instance, to get the methods available for the version 3 Calendar api, once you’ve created a client object do the following:

api = client.discovered_api('calendar', 'v3')
puts api.methods

Nice right?

Even more useful is the ability to determine the APIs available, and their version numbers:

puts "Title \t ID \t Preferred"
client.discovered_apis.each do |gapi|
  puts "#{gapi.title} \t #{gapi.id} \t #{gapi.preferred}"
end

And that gives you a great start for attacking the Google API documentation.

There are some additional differences for creating a client connection.  You’ll need to have a private key file accessible to your script, on top of the usual server-side configurations.  You’ll also need to check out the advantages of using a “service account client”, which allow you to run API calls as a specific user, which is extremely useful when dealing with the somewhat flawed Google Apps access security model.

RESTful Google APIs, OAuth2, and Ruby

So you’re all excited to find out that the new Google APIs use RESTful methods, GET, PUT, PATCH, DELETE, etc.  And you’ve done some simple tests with calls that only require an inline key.  Everything looks good.  Now you want to do some scripting with Ruby, but all the examples on the Google site use the “google/api_client” gem, and that’s not very RESTful, even if it does bundle the OAuth2 class in it.

So task number one is to deal with OAuth2.  OAuth2 looks like a pain.  You’ve got to register your application, get a client key and secret code, use that to make an HTTP request for a token, and it all looks a little manual. You can read all about it elsewhere, but if you want to start accessing the Google APIs, you’re going to have to deal with it.  A great place to play around with the APIs and how they work in conjunction with OAuth2 is to use another Google resource, the OAuth2 Playground: https://developers.google.com/oauthplayground, this will show you how to define your calls, and shows all the responses.  Very handy for testing things out.

Avoiding the temptation to try to automate the manual authorization step, a little digging around and you can find someone has already done the heavy lifting: http://adayinthepit.com/2012/07/13/google-apis-sinatra-oauth2/. To paraphrase their code into a single ruby file, we get this:

require 'sinatra'
require 'oauth2'
require 'json'

G_API_CLIENT= "{your-client-key}"
G_API_SECRET="{your-secret}"

# Scopes are space separated strings
 SCOPES = ['https://www.googleapis.com/auth/calendar'].join(' ')

def client
 client ||= OAuth2::Client.new(G_API_CLIENT, G_API_SECRET, {
 :site => 'https://accounts.google.com',
 :authorize_url => "/o/oauth2/auth",
 :token_url => "/o/oauth2/token"
 })
 end

get '/' do
 redirect client.auth_code.authorize_url(:redirect_uri => redirect_uri,:scope => SCOPES,:access_type => "offline")
 end

get '/oauth2callback' do
 access_token = client.auth_code.get_token(params[:code], :redirect_uri => redirect_uri)
 puts "Successfully authenticated with the server"

#this is where our API call is going to go
 response = access_token.get('https://www.googleapis.com/calendar/v3/calendars/{your-calendar-id}').parsed
 end

def redirect_uri
 uri = URI.parse(request.url)
 uri.path = '/oauth2callback'
 uri.query = nil
 uri.to_s
 end

In this example the script is going to retrieve the calendar metadata settings for the calendar identified by {your-calendar-id}.  Because we’ve used the “.parsed” method, it will return the metadata as a hash.  You can access the hash by normal methods, ie. response["id"]

A couple of notes here:

  • You’re going to need to register with Google to get your API access.  All of this can be done here: https://code.google.com/apis/console
  • When you create your API access ID you’ll need to define what APIs your client is going to access.  These you define in the SCOPES variable, but you’ll also need to define them in the APIs console (see above).  To find the correct string for the scopes you’ll need to dig around in the API reference for the Google API you want to use.  A good place to start digging is here: https://developers.google.com/apis-explorer/#p/, click on the API and find the link for the “reference”.
  • Because I’m not going to start trying to parse the re-direct, when you run this, you’re going to need to open a browser and point it at the defined sinatra address (normally: http://localhost:4567).  This will is open up a dialog with Google in order to validate your credentials and issue your script with an OAuth2 token, which will then execute the code in the redirect URI (/oauth2callback).

So that’s the way most of the GET calls are going to be handled, but what about POST, PUT, PATCH, and DELETE?  You’re going to need to start passing parameters.  Let’s see an example also using the calendar API, where we create an event in our calendar.

To add a calendar event we need to use a POST method, fortunately the OAuth2 class provides methods for all these calls.

response= access_token.post('https://www.googleapis.com/calendar/v3/calendars/{your-calendar-id}/events') do |request|
 request.headers['Content-Type'] = 'application/json'
 request.body='{"end": {"dateTime": "2013-07-21T10:30:00.0z"},"start": {"dateTime": "2013-07-20T10:30:00.0z"}}'
 end
 # check response.status, works if it's 200
 json = JSON.parse(response.body)
 #access a specific response value
 puts json['id']

Note that we’ve removed the “.parsed” method from the access_token method and added some parameters to the inherited faraday client HTTP object’s request variable.  The addition of “Content-Type” allows us to pass the parameters as json, as well as receive the response in that format.  Again, playing around in the OAuth2 playground (see above) can really help speed up getting your json data formatting squared away.