2

Newbie trying to figure out how to get a Node.js application to authenticate and query Google BigQuery, trying to adapt this CodeLab tutorial from Java. What step might i be missing?

First I create this Oauth2 URL using my clientid:

https://accounts.google.com/o/oauth2/auth?
    client_id=1047877053699-den6kbs4v3f2bft6clonsirkj1pc7t6j.apps.googleusercontent.com
    &scope=https://www.googleapis.com/auth/bigquery
    &redirect_uri=http://localhost:3000/oauth2callback
    &access_type=offline
    &response_type=code

This successfully reaches Google, which prompts

A third party service is requesting permission to access your Google Account.

Agreeing that generates a second prompt:

Nodejs_Test is requesting permission to: View and manage your data in Google BigQuery

Agreeing to that, the callback URL is called, with a parameter accessToken.

I think the following url should list tables in my BigQuery project/dataset:

https://www.googleapis.com/bigquery/v2/projects/1047877053699/datasets/visits&accessToken=4%2FC196NizZwlNgWSt5oNqQwendmLNW.0vgUrlGJ6kMRshQV0ieZDApig3NfcgI

But calling with or without the accessToken returns the following message that "Login Required".

 {
 "error": {
  "errors": [
   {
    "domain": "global",
    "reason": "required",
    "message": "Login Required",
    "locationType": "header",
    "location": "Authorization"
   }
  ],
  "code": 401,
  "message": "Login Required"
 }
}

I know you can't repeat the code because of permissions, expired tokens, etc. But I wonder what step I might be missing conceptually.

Improve this question

2 Answers 2

Reset to default
3

Have you tried sending the accesstoken as an authorization header rather than as a url parameter?

as in 

https://www.googleapis.com/bigquery/v2/projects/1047877053699/datasets/visits
Authorization: OAuth Your-access-token-here-not-urlencoded
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks! Got it to work. The learning curve was multistep, but this provided the right keywords to latch on .
1

FYI - looks like you originally used the parameter accessToken in the URL. It should instead by access_token, which looks like it works fine. Of course, Jordan's suggestion of using a Header is better if you're able to do it though-- it's more secure as it's unlikely to get logged in access logs, proxy server logs, etc.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.