-1

So here is what i am trying to do : I built a bot with api.ai for my business that is hosted on my webpage and my Facebook page right now. Bot works well.

I want to push it to the next step by allowing my customers to make querys on my calendar, ask to book a specific time, see if available, if not offer other time similar, then make a booking.

I have been reading this thread and the great answer attached to it but i think my case is a bit different. I was wondering if the bot could always have a token so every guests won't have to Auth to query the calendar ?

Obviously i am new to this, i have been reading the guide of google calendar api and api.ai but i don't really see how to do that yet. I guess there is a way to store a token somewhere and then just trigger the query with some specific intents but not to sure how.

I have also done the node.js quickstart guide of the G-calendar api, and it works fine if that helps.

Thanks for your help !

Hubert Muda
  • 13
  • 5
  • Just to be clear - you're not trying to attach the calendar request to a specific Google user, but allow anyone that talks to you through API.AI to edit the calendar? – Prisoner Jun 27 '17 at 11:18
  • Exactly, so i think i have to store within the app that has the webhook a client-secret.json file with the client secret and id but i am not sure. – Hubert Muda Jun 28 '17 at 12:12

1 Answers1

0

You will probably want to use a Service Account that is permitted to the calendar in question. Service Accounts are similar to regular accounts, but they are expected to do server-to-server communication only, so the method to create an auth token is a little different to keep it secure.

See https://developers.google.com/identity/protocols/OAuth2ServiceAccount for more information about using Service Accounts.

In general, you'll be using a shared secret to create and sign a JSON Web Token (JWT) you send to Google's servers. You'll get back an access token which you'll then use to call the Calendar API. The access token expires in about an hour, at which point you'll need to repeat the process.

There are libraries available to do much of this for you. For example, if you're using the node.js library https://github.com/google/google-api-nodejs-client, then it will take care of this for you (although you need to modify the key file - see the documentation for details).

Prisoner
  • 49,922
  • 7
  • 53
  • 105
  • Thanks for your answer. I saw that was an option but i know there is a way to do it without having to request for a new token all the time. [This guy manage to do it](https://github.com/wannikid/madridweekly) in python but i dont know how to translate that in Node. He said he only had another folder called Credentials on his server with a calendar-python-quickstart.json file and that was it. – Hubert Muda Jun 29 '17 at 03:16
  • He is requesting a new token when necessary - or rather, the API library is doing that for him. The node.js library you're using may be able to do that as well. – Prisoner Jun 29 '17 at 03:24
  • Oh ok i see but that does not create any interaction with the person querying the bot right ? Would i be able to talk to you directly by any chance ? – Hubert Muda Jun 29 '17 at 04:49
  • [Would this](https://codepen.io/anon/pen/EXoOEQ) achieve the same thing as him when it comes to the token ? – Hubert Muda Jun 29 '17 at 04:59
  • I've updated the answer to address your library question. It does not (and should not, if you're using a Service Account) require any user interaction for the authentication part. – Prisoner Jun 29 '17 at 14:15
  • I'm not sure about the code fragment on codepen - there are function references that are missing to make it clearer. – Prisoner Jun 29 '17 at 14:16
  • If you've found a solution that works for you, don't forget to post it as an answer on StackOverflow to help others in the future. – Prisoner Jul 03 '17 at 10:10