Using the Google API .NET client with an existing access token

Question

The use-case is the following: a mobile app is authenticating a user with Google and at some point, we need to publish a user's video to his YouTube account; for practical reasons, the actual publication should be done by the back-end (large files that are already stored there).

As the user is already authenticated by the app, the app just sends the user's access token to the back-end. Now my struggle is to find how to use this access token with the .NET client... So far I've tried to create instances of UserCredential from that access token but that doesn't seem to work. Also we don't need all the token refresh logic provided by UserCredential as we know that the access token is valid at this point.

Any help would be greatly appreciated, thanks!

Can you find a solution here: https://stackoverflow.com/questions/21528773/how-to-make-calendarservice-object-using-access-token#answer-27297987 I've tested and it works! — marcogramy, Jun 08 '20 at 10:30

score 1 · Answer 1 · answered Nov 18 '21 at 10:40

Technically speaking you could just forward the access token, then when you want to call the api you just add the access token to the header as a bearer token

curl --request POST \
  'https://youtube.googleapis.com/youtube/v3/videos?key=[YOUR_API_KEY]' \
  --header 'Authorization: Bearer [YOUR_ACCESS_TOKEN]' \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --data '{}' \
  --compressed

This could be done with manually with .net using a Http client.

However if you want to use the Google .Net client library you could do something like this.

var credential = GoogleWebAuthorizationBroker.AuthorizeAsync(GoogleClientSecrets.Load(stream).Secrets,
                                                                             scopes,
                                                                             userName,
                                                                             CancellationToken.None,
                                                                             new FileDataStore(credPath, true)).Result;

However you will need to do a few things. First off you need to make your own implmentation of FileDataStore which would accept an access token passed to it. I have a few samples of custom datastores here That you can have a look at they may help.

The second issue is that the client id and client secrete that you pass to the Google .net client library will need to be the same one that was used to create the access token to begin with. I am not 100% sure if this will be an issue as you are not passing a refresh token so the client library wont need to refresh the access token it just needs to use it.

There are other ways to create dummy credentials object for use with the Client library but this is the one that i have used in the past.

I dont personally think its a good idea for you to be passing access tokens around between servers in this manner. You really should have the user authorize your app properly.

Using the Google API .NET client with an existing access token

1 Answers1

Linked