Reputation: 1
So I'm using the google-api-ruby-client to make a Google Analytics app, and I wanted to log in every time with a specific user instead of having to be redirected to OAuth every time. My question is: is there any way to insert the login/password of that client into the code so when I use the app I don't have to authorize anything?
Here is the code that does the authentication:
```ruby
class TokenPair
  attr_accessor :id
  attr_accessor :refresh_token
  attr_accessor :access_token
  attr_accessor :issued_at

  def initialize
    @@id ||= 1
    self.id = @@id
    @@id += 1
  end

  def self.get(id)
    @@els ||= {}
    # Block form: a new TokenPair is built only when the id is unknown
    tp = @@els.fetch(id) { TokenPair.new }
    @@els[tp.id] = tp
  end

  def update_token!(object)
    self.refresh_token = object.refresh_token
    self.access_token = object.access_token
    #self.expires_in = object.expires_in
    self.issued_at = object.issued_at
  end

  def to_hash
    {
      refresh_token: refresh_token,
      access_token: access_token,
      # expires_in: expires_in,
      issued_at: issued_at ? Time.at(issued_at) : ''
    }
  end
end

# Controller methods (the enclosing controller class is not shown)
def logout
  reset_session
  redirect_to root_url
end

def logged_in?
  if session["token_id"]
    redirect_to profile_path
  end
end

def login
  logged_in?
end

def self.params
  @@params
end

def update_token
  @client = Google::APIClient.new
  @client.authorization.client_id = '209273986197.apps.googleusercontent.com'
  @client.authorization.client_secret = '6sCG5ynCiz9Ej07pwIm653TU'
  @client.authorization.scope = 'https://www.googleapis.com/auth/analytics.readonly'
  @client.authorization.redirect_uri = callback_url
  @client.authorization.code = params[:code] if params[:code]
  logger.debug session.inspect
  if session[:token_id]
    # Load the access token here if it's available
    token_pair = TokenPair.get(session[:token_id])
    @client.authorization.update_token!(token_pair.to_hash)
  end
  if @client.authorization.refresh_token && @client.authorization.expired?
    @client.authorization.fetch_access_token!
  end
  @analytics = @client.discovered_api('analytics', 'v3')
  unless @client.authorization.access_token || request.path_info =~ /^\/oauth2/
    redirect_to authorize_path
  end
end

def authorize
  redirect_to @client.authorization.authorization_uri.to_s, :status => 303
end

def callback
  begin
    @client.authorization.fetch_access_token!
    # Persist the token here
    token_pair = TokenPair.get(session[:token_id])
    token_pair.update_token!(@client.authorization)
    session[:token_id] = token_pair.id
    redirect_to profile_url
  rescue ArgumentError
    redirect_to root_url
  end
end

def get_web_properties
  result = @client.execute(
    api_method: @analytics.management.profiles.list,
    parameters: {accountId: "~all", webPropertyId: "~all"}
    #parameters: {accountId: "582717"}
  )
  result.data
end
```
Upvotes: 0
Views: 121
Reputation: 11662
Even if your app is always acting as the same user, OAuth is still the preferred mechanism for various reasons -- easier to revoke access, limited access in case of compromise, client login auth mechanism is deprecated, etc.
By default the client will request offline access, which allows you to keep refreshing the access token indefinitely without having to go through the full oauth flow each time. You can simply authorize the app once, save the refresh token, and when it expires, just call fetch_access_token! again. If you're using the latest version of the library, the client will automatically attempt refreshing the token if it expired, so all you need to take care of is the initial authorization & storage of the refresh token.
Upvotes: 0
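One way to do the "authorize once, save the refresh token" step from the answer above, as an added example that is not part of the original answer or of google-api-ruby-client. The `StoredToken` class, the file location and the hash keys are assumptions, and the block passed to `fresh` stands in for the library's `fetch_access_token!` call.

```ruby
require 'json'

# Hypothetical helper (not part of google-api-ruby-client): keeps the OAuth
# token set on disk so the interactive authorization happens only once.
class StoredToken
  SKEW = 60 # refresh this many seconds before the stated expiry

  def initialize(path)
    @path = path
  end

  # Returns the saved token hash, or nil if the app was never authorized.
  def load
    return nil unless File.exist?(@path)
    JSON.parse(File.read(@path), symbolize_names: true)
  end

  # Writes atomically with owner-only permissions: a refresh token is a
  # long-lived credential and must not be readable by other local users.
  def save(token)
    tmp = "#{@path}.tmp"
    File.open(tmp, File::WRONLY | File::CREAT | File::TRUNC, 0o600) do |f|
      f.write(JSON.generate(token))
    end
    File.chmod(0o600, tmp) # also covers a pre-existing temp file
    File.rename(tmp, @path)
    token
  end

  # issued_at is epoch seconds, expires_in a lifetime in seconds.
  def expired?(token, now = Time.now)
    now.to_i >= token[:issued_at] + token[:expires_in] - SKEW
  end

  # Yields the refresh token to the block only when the access token has
  # expired. The block must return a hash with :access_token, :expires_in
  # and :issued_at (the shape of this hash is an assumption of the example).
  def fresh(now = Time.now)
    token = load
    raise 'not authorized yet: run the OAuth flow once' if token.nil?
    return token unless expired?(token, now)
    renewed = yield(token[:refresh_token])
    # A refresh response may not repeat the refresh token, so keep ours.
    save(token.merge(renewed) { |_key, old, new| new.nil? ? old : new })
  end
end
```

In the question's controller, `callback` would call `save` once after the first authorization, and `update_token` would call `fresh` instead of reading the in-memory `TokenPair`, which loses its contents on every restart.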