OAuth2 and Google OAuth Playground

If you are a developer, chances are that you are using APIs that require authorization. That is especially the case with most of the Google APIs. So, you should at least be familiar with OAuth2.

The aim of this article is not to describe what OAuth2 is (there is plenty of literature on it), but simply to give a reminder of the standard and some pointers on how to use the Google OAuth2 Playground, which is a super easy interactive demonstration tool for Google APIs.

OAuth 2, reminder

OAuth2 is not an authorization protocol, it’s a secure delegated access protocol. With that in mind, you have to consider 4 distinct roles within this process:

  • the resource owner (typically you, or me, or anyone…)
  • the resource server where the owner stores his data (for instance entries in Google Calendar)
  • the client application (webpage, Android app…) that needs to access the owner's resources (to display the Calendar entries for instance)
  • the authorization server that grants access to the application (based on the owner's approval).

Whenever the client application needs to access a resource, it first asks the authorization server for a token (access or refresh token). This token is then used to access the resource located on the resource server (the token can be passed in various ways, but the most common is through the header of the request).

Tokens are used within a defined scope, which is the range of resources accessible with that token.

Google OAuth Playground

Google OAuth Playground is a sandbox where you can play with OAuth2 and the APIs that support it. For our use case, we will test the Proximity Beacon API which requires OAuth2.

There is already a description of the process for authorizing and authenticating Proximity Beacon API requests, but we’ll cover that with some screenshots.

As described in the documentation, the first thing you need to do is to go to the Google Developers Console, create a project, activate the Google Beacon API, then go to the Credentials section in order to get a client ID for a web application (which we’ll use for the Playground).

Be careful to set the redirect URI to https://developers.google.com/oauthplayground

Go to the OAuth 2.0 Playground and configure the OAuth credentials (generated previously in the developer console; copy and paste them there, as shown below).

In the left side menu of the Playground, you have to enter the scope for the Proximity Beacon API in the field labeled "Input your own scopes": https://www.googleapis.com/auth/userlocation.beacon.registry

As a result, the token will be generated and automatically used for the next steps.

Now comes the magic: you can send a request to an API that requires authorization (for instance https://proximitybeacon.googleapis.com/v1beta1/beacons)

As you can see, you can add headers, add a request body and so on. In a word, you can easily test the API you are interested in and see the full result (header & body).

You’ll get the response of your request which requires authorization :)
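The same steps can be followed in code. The sketch below is an added example, not code from the Playground or from Google: it builds the authorization URL for the scope and redirect URI used above, checks the redirect that comes back (including the anti-CSRF state value), and prepares the API request with the token in the Authorization header. The authorization endpoint URL, the client ID placeholder, the sample code and token, and the function names are assumptions made for illustration.

```python
import secrets
from urllib.parse import urlencode, urlparse, parse_qs
from urllib.request import Request

# Values taken from the article
REDIRECT_URI = "https://developers.google.com/oauthplayground"
SCOPE = "https://www.googleapis.com/auth/userlocation.beacon.registry"
API_URL = "https://proximitybeacon.googleapis.com/v1beta1/beacons"
# Assumption: Google's public OAuth 2.0 authorization endpoint
AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth"

def build_authorization_url(client_id, state):
    """Step 1: URL the resource owner visits to approve the requested scope."""
    params = {
        "response_type": "code",       # authorization-code grant
        "client_id": client_id,
        "redirect_uri": REDIRECT_URI,  # must match the URI set in the console
        "scope": SCOPE,                # limits what the token can reach
        "state": state,                # unguessable value tied to this session
    }
    return AUTH_ENDPOINT + "?" + urlencode(params)

def extract_code(redirect_url, expected_state):
    """Step 2: accept the authorization code only from the expected redirect."""
    parts = urlparse(redirect_url)
    if f"{parts.scheme}://{parts.netloc}{parts.path}" != REDIRECT_URI:
        raise ValueError("redirect URI mismatch")
    query = parse_qs(parts.query)
    if "error" in query:
        raise ValueError("authorization denied: " + query["error"][0])
    state = query.get("state", [""])[0]
    if not secrets.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    code = query.get("code", [""])[0]
    if not code:
        raise ValueError("no authorization code in redirect")
    return code

def build_api_request(access_token):
    """Step 3: call the resource server with the token in the request header."""
    return Request(API_URL, headers={"Authorization": "Bearer " + access_token})

if __name__ == "__main__":
    state = secrets.token_urlsafe(16)
    print(build_authorization_url("CLIENT_ID_PLACEHOLDER", state))
    # Constructed redirect and token (the code-for-token exchange is not shown)
    print(extract_code(REDIRECT_URI + "?code=SAMPLE_CODE&state=" + state, state))
    print(build_api_request("SAMPLE_ACCESS_TOKEN").header_items())
```

Nothing is sent over the network: the request object is only built, so the script runs offline and shows exactly what would go on the wire.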

Do not hesitate to overuse this playground; it should definitely be part of your API exploration (more than reading static documentation :)