Skip to content
Fluid Attacks Development Portal

Google sheets ETL

Set up OAuth client

  • Go to google cloud console
  • Create a project and an OAuth client.
  • Associate the client with a trustful redirect_uri and necessary permissions (scopes)
  • The created client should provide all the other necessary elements e.g. client_id, client_secret, auth_endpoint, …

Detailed steps can be found on this doc or in the tap-google-sheets docs

Generate refresh token

  1. Build consent page URL

Replace the <marks> with the appropriate values

https://accounts.google.com/o/oauth2/v2/auth?response_type=code&access_type=offline&prompt=consent&client_id=<CLIENT_ID>&redirect_uri=<REDIRECT_URI>&scope=<PERMISSIONS_SCOPE>

<PERMISSIONS_SCOPE> must be a Google API scope URL

e.g. spreadsheets.readonly If various scopes are needed, separate them with a URL encoded space, i.e. %20

  1. User interaction

Provide this link to the user; when the user authorizes, it will be redirected to the redirect_uri. If the URI is not intended to handle the ‘consent-code’ the redirected URL will have the consent-code inside the URL parameters.

  1. Send consent code

Send the consent-code together with the other config values like the following:

Terminal window
curl -0 -v -X POST https://oauth2.googleapis.com/token\
    -H "Accept: application/json"\
    -H "Content-Type: application/x-www-form-urlencoded"\
    -d "grant_type=authorization_code"\
    -d "code=<CONSENT_CODE>"\
    -d "client_id=<CLIENT_ID>"\
    -d "client_secret=<CLIENT_SECRET>"\
    -d "redirect_uri=<REDIRECT_URI>"

This will return a refresh_token if successful.