dwindown/meet-hub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Switch from Service Account to OAuth2 for Google Calendar (Personal Gmail)

Browse Source 
- Replace JWT service account authentication with OAuth2 refresh token flow
- Service accounts cannot create Google Meet links for personal Gmail accounts
- Update edge function to use OAuth2 token exchange
- Change database column from google_service_account_json to google_oauth_config
- Add helper tool (get-google-refresh-token.html) to generate OAuth credentials
- Update IntegrasiTab UI to show OAuth config instead of service account
- Add SQL migration file for new google_oauth_config column

OAuth2 Config format:
{
  "client_id": "...",
  "client_secret": "...",
  "refresh_token": "..."
}

This approach works with personal @gmail.com accounts without requiring
Google Workspace or Domain-Wide Delegation.
This commit is contained in:
dwindown
2025-12-23 14:06:42 +07:00
parent 286ab630ea
commit 7d22a5328f
4 changed files with 239 additions and 108 deletions
Download Patch File Download Diff File Expand all files Collapse all files

187
get-google-refresh-token.html Normal file
View File

@@ -0,0 +1,187 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Get Google OAuth Refresh Token</title>
<style>
body {
font-family: Arial, sans-serif;
max-width: 800px;
margin: 50px auto;
padding: 20px;
background: #f5f5f5;
}
.container {
background: white;
padding: 30px;
border-radius: 8px;
box-shadow: 0 2px 10px rgba(0,0,0,0.1);
}
h1 {
color: #333;
border-bottom: 2px solid #4285f4;
padding-bottom: 10px;
}
.step {
margin: 20px 0;
padding: 15px;
background: #f8f9fa;
border-left: 4px solid #4285f4;
}
code {
background: #f1f1f1;
padding: 2px 6px;
border-radius: 3px;
font-family: 'Courier New', monospace;
}
.input-group {
margin: 15px 0;
}
label {
display: block;
font-weight: bold;
margin-bottom: 5px;
color: #555;
}
input {
width: 100%;
padding: 10px;
border: 1px solid #ddd;
border-radius: 4px;
box-sizing: border-box;
}
button {
background: #4285f4;
color: white;
padding: 12px 24px;
border: none;
border-radius: 4px;
cursor: pointer;
font-size: 16px;
margin-top: 10px;
}
button:hover {
background: #3367d6;
}
#result {
margin-top: 20px;
padding: 15px;
background: #e8f5e9;
border: 1px solid #4caf50;
border-radius: 4px;
display: none;
}
.error {
background: #ffebee;
border-color: #f44336;
}
textarea {
width: 100%;
padding: 10px;
border: 1px solid #ddd;
border-radius: 4px;
font-family: 'Courier New', monospace;
min-height: 100px;
box-sizing: border-box;
}
</style>
</head>
<body>
<div class="container">
<h1>🔑 Generate Google OAuth Refresh Token</h1>
<div class="step">
<h3>Step 1: Create Google Cloud Project</h3>
<ol>
<li>Go to <a href="https://console.cloud.google.com/" target="_blank">Google Cloud Console</a></li>
<li>Create a new project or select existing one</li>
<li>Go to <strong>APIs & Services > Credentials</strong></li>
<li>Click <strong>+ Create Credentials</strong><strong>OAuth client ID</strong></li>
<li>Application type: <strong>Web application</strong></li>
<li>Add authorized redirect URI: <code>https://developers.google.com/oauthplayground</code></li>
<li>Copy the <strong>Client ID</strong> and <strong>Client Secret</strong></li>
</ol>
</div>
<div class="step">
<h3>Step 2: Configure OAuth Playground</h3>
<ol>
<li>Go to <a href="https://developers.google.com/oauthplayground/" target="_blank">OAuth 2.0 Playground</a></li>
<li>Click the gear icon (⚙️) in the top right</li>
<li>Check <strong>Use your own OAuth credentials</strong></li>
<li>Enter your <strong>Client ID</strong> and <strong>Client Secret</strong> from Step 1</li>
<li>Click <strong>Close</strong></li>
</ol>
</div>
<div class="step">
<h3>Step 3: Get Refresh Token</h3>
<ol>
<li>In the left panel, select:
<ul>
<li>☑️ Google Calendar API v3</li>
<li>Click <strong>Authorize APIs</strong></li>
</ul>
</li>
<li>Sign in with your Google account and grant permissions</li>
<li>Click <strong>Exchange authorization code for tokens</strong></li>
<li>Copy the <strong>Refresh Token</strong> from the right panel</li>
</ol>
</div>
<div class="step">
<h3>Step 4: Generate Configuration</h3>
<div class="input-group">
<label for="clientId">Client ID:</label>
<input type="text" id="clientId" placeholder="Enter your Client ID">
</div>
<div class="input-group">
<label for="clientSecret">Client Secret:</label>
<input type="text" id="clientSecret" placeholder="Enter your Client Secret">
</div>
<div class="input-group">
<label for="refreshToken">Refresh Token:</label>
<input type="text" id="refreshToken" placeholder="Enter your Refresh Token">
</div>
<button onclick="generateConfig()">Generate Configuration</button>
</div>
<div id="result"></div>
</div>
<script>
function generateConfig() {
const clientId = document.getElementById('clientId').value.trim();
const clientSecret = document.getElementById('clientSecret').value.trim();
const refreshToken = document.getElementById('refreshToken').value.trim();
if (!clientId || !clientSecret || !refreshToken) {
const resultDiv = document.getElementById('result');
resultDiv.style.display = 'block';
resultDiv.className = 'error';
resultDiv.innerHTML = '<strong>Error:</strong> Please fill in all fields.';
return;
}
const config = {
client_id: clientId,
client_secret: clientSecret,
refresh_token: refreshToken
};
const configJson = JSON.stringify(config, null, 2);
const resultDiv = document.getElementById('result');
resultDiv.style.display = 'block';
resultDiv.className = '';
resultDiv.innerHTML = `
<h4>✅ Configuration Generated!</h4>
<p>Copy this JSON and paste it into the <strong>Google OAuth Config</strong> field in your admin panel:</p>
<textarea readonly onclick="this.select()">${configJson}</textarea>
<p><strong>Important:</strong> Keep these credentials secure. Never share them publicly!</p>
`;
}
</script>
</body>
</html>