Google API - How can I make a HTTP Get to authenticate user and get a refresh token from client js?

169 views Asked by At

I'm currently making the integration between Google Calendar and my company's website. But I'd like the save the user's credential, so he just have to authenticate only one time. I build the following URL.

https://accounts.google.com/o/oauth2/v2/auth?client_id=my_client_id&redirect_uri=localhost&state=django_csrf_token&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcalendar&access_type=offline&response_type=code

And calling the following snippet:

xhr = new XMLHttpRequest();
xhr.open('GET', url);
xhr.setRequestHeader('Access-Control-Allow-Origin', '*');
xhr.send();

And now. I'm stuck...

1

There are 1 answers

2
idbehold On

You cannot perform an OAuth call via an XMLHttpRequest. If the user wasn't currently logged into Google how would the user log in via that call? How would the user approve your application's requested permissions? You must actually redirect their browser to that URL.