Google OAuth2 Flow

Hi There, I’m trying to access the google tasks API within the ThingHandler. But I struggle to implement the google oauth2 grant flow to get access to the google task api. Is there any possibility within openhab bundle Thing Handler to open a browser to get the user confirmation to access the api?

Or can I use the org.openhab.core.auth.client.oauth2 Package to Handle the OAuth2 Request Flow?

Many Thanks in advance


This is a client which allows you you to interact with oauth2 server. On binding end you need two more things - a callback endpoint (one which oauth server redirects to) and a way to refer a token later on.
The callback is usually servlet, token (as far I remember) is held by client storage.
To find out examples look for any cloud related binding, ie spottify.

Hi Lukasz,

Many Thanks your advice has rescued me! I wrote an implementation using the HttpServlet for Handle the Grant_Flow of OAuth2. Maybe I can ask a last question?

Can I using the HttpService to start an automatic redirect to my HttpServlet within initialize method?

Many many Thanks,

Best regards


Not sure what you mean. HttpService is used to register servlets within http server and its ports/endpoints. Servlets themselves have a lifecycle which is controlled by server. You can do some init method implementation for servlet, but it will receive only params you gave while registering it (the init params passed to http service call).

If you think of redirects from callback endpoint or so - this is something I would advice to check with overall oauth recommendations. It makes sense to have redirect if your callback is main window. If its a popup then it makes sense to show close button. Flow is done when you receive authorization code which is successfully exchanged for a token. Since it is a background call which result must be displayed to user you can do self-redirect to thesame servlet. As long as you can distinguish whats going on and coordinate with completion of process oauth client does, nothing forbids that.
I think it is better to have one servlet which does both since it is easier to grab whole logic. Split functionality only if it grows too much. BTW same functionality can be achieved with REST endpoints but using different ways to register resources.

Best, Łukasz