(SQL Server) Get a Google Drive Application Specific Data OAuth2 Access Token

Demonstrates how to get a Google Drive OAuth2 access token from a desktop application or script for the purpose of uploading and fetching only application-specific data.

"The application data folder is a special hidden folder that your app can use to store application-specific data, such as configuration files. The application data folder is automatically created when you attempt to create a file in it. Use this folder to store any files that the user shouldn't directly interact with. This folder is only accessible by your application and its contents are hidden from the user and from other Drive apps.

The application data folder is deleted when a user uninstalls your app from their MyDrive. Users can also delete your app's data folder manually."

For more information, see https://developers.google.com/drive/api/v3/appdata

Chilkat ActiveX Downloads ActiveX for 32-bit and 64-bit Windows

-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    DECLARE @iTmp0 int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    DECLARE @oauth2 int
    -- Use "Chilkat_9_5_0.OAuth2" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.OAuth2', @oauth2 OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    DECLARE @success int

    -- For Google OAuth2, set the listen port equal to the port used
    -- in the Authorized Redirect URL for the Client ID.
    -- For example, in this case the Authorized Redirect URL would be http://localhost:55568/
    -- Your app should choose a port not likely not used by any other application.
    EXEC sp_OASetProperty @oauth2, 'ListenPort', 55568

    EXEC sp_OASetProperty @oauth2, 'AuthorizationEndpoint', 'https://accounts.google.com/o/oauth2/v2/auth'
    EXEC sp_OASetProperty @oauth2, 'TokenEndpoint', 'https://www.googleapis.com/oauth2/v4/token'

    -- Replace these with actual values.
    EXEC sp_OASetProperty @oauth2, 'ClientId', 'GOOGLE-CLIENT-ID'
    EXEC sp_OASetProperty @oauth2, 'ClientSecret', 'GOOGLE-CLIENT-SECRET'

    EXEC sp_OASetProperty @oauth2, 'CodeChallenge', 1
    EXEC sp_OASetProperty @oauth2, 'CodeChallengeMethod', 'S256'

    -- Specify the scope for application specific data only.
    EXEC sp_OASetProperty @oauth2, 'Scope', 'https://www.googleapis.com/auth/drive.appdata'

    -- Begin the OAuth2 three-legged flow.  This returns a URL that should be loaded in a browser.
    DECLARE @url nvarchar(4000)
    EXEC sp_OAMethod @oauth2, 'StartAuth', @url OUT
    EXEC sp_OAGetProperty @oauth2, 'LastMethodSuccess', @iTmp0 OUT
    IF @iTmp0 <> 1
      BEGIN
        EXEC sp_OAGetProperty @oauth2, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @oauth2
        RETURN
      END

    -- At this point, your application should load the URL in a browser.
    -- For example, 
    -- in C#: System.Diagnostics.Process.Start(url);
    -- in Java: Desktop.getDesktop().browse(new URI(url));
    -- in VBScript: Set wsh=WScript.CreateObject("WScript.Shell")
    --              wsh.Run url
    -- in Xojo: ShowURL(url)  (see http://docs.xojo.com/index.php/ShowURL)
    -- in Dataflex: Runprogram Background "c:\Program Files\Internet Explorer\iexplore.exe" sUrl        
    -- The QuickBooks account owner would interactively accept or deny the authorization request.

    -- Add the code to load the url in a web browser here...
    -- Add the code to load the url in a web browser here...
    -- Add the code to load the url in a web browser here...

    -- Now wait for the authorization.
    -- We'll wait for a max of 30 seconds.
    DECLARE @numMsWaited int
    SELECT @numMsWaited = 0
    EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
    WHILE (@numMsWaited < 30000) and (@iTmp0 < 3)
      BEGIN
        EXEC sp_OAMethod @oauth2, 'SleepMs', NULL, 100
        SELECT @numMsWaited = @numMsWaited + 100
      END

    -- If there was no response from the browser within 30 seconds, then 
    -- the AuthFlowState will be equal to 1 or 2.
    -- 1: Waiting for Redirect. The OAuth2 background thread is waiting to receive the redirect HTTP request from the browser.
    -- 2: Waiting for Final Response. The OAuth2 background thread is waiting for the final access token response.
    -- In that case, cancel the background task started in the call to StartAuth.
    EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
    IF @iTmp0 < 3
      BEGIN
        EXEC sp_OAMethod @oauth2, 'Cancel', @success OUT

        PRINT 'No response from the browser!'
        EXEC @hr = sp_OADestroy @oauth2
        RETURN
      END

    -- Check the AuthFlowState to see if authorization was granted, denied, or if some error occurred
    -- The possible AuthFlowState values are:
    -- 3: Completed with Success. The OAuth2 flow has completed, the background thread exited, and the successful JSON response is available in AccessTokenResponse property.
    -- 4: Completed with Access Denied. The OAuth2 flow has completed, the background thread exited, and the error JSON is available in AccessTokenResponse property.
    -- 5: Failed Prior to Completion. The OAuth2 flow failed to complete, the background thread exited, and the error information is available in the FailureInfo property.
    EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
    IF @iTmp0 = 5
      BEGIN

        PRINT 'OAuth2 failed to complete.'
        EXEC sp_OAGetProperty @oauth2, 'FailureInfo', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @oauth2
        RETURN
      END

    EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
    IF @iTmp0 = 4
      BEGIN

        PRINT 'OAuth2 authorization was denied.'
        EXEC sp_OAGetProperty @oauth2, 'AccessTokenResponse', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @oauth2
        RETURN
      END

    EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
    IF @iTmp0 <> 3
      BEGIN

        EXEC sp_OAGetProperty @oauth2, 'AuthFlowState', @iTmp0 OUT
        PRINT 'Unexpected AuthFlowState:' + @iTmp0
        EXEC @hr = sp_OADestroy @oauth2
        RETURN
      END

    -- Save the full JSON access token response to a file.
    DECLARE @sbJson int
    -- Use "Chilkat_9_5_0.StringBuilder" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbJson OUT

    EXEC sp_OAGetProperty @oauth2, 'AccessTokenResponse', @sTmp0 OUT
    EXEC sp_OAMethod @sbJson, 'Append', @success OUT, @sTmp0
    EXEC sp_OAMethod @sbJson, 'WriteFile', @success OUT, 'qa_data/tokens/googleDriveAppData.json', 'utf-8', 0

    -- The saved JSON response looks like this:

    -- 	{
    -- 	 "access_token": "ya39.Ci-XA_C5bGgRDC3UaD-h0_NeL-DVIQnI2gHtBBBHkZzrwlARkwX6R3O0PCDEzRlfaQ",
    -- 	 "token_type": "Bearer",
    -- 	 "expires_in": 3600,
    -- 	 "refresh_token": "1/r_2c_7jddspcdfesrrfKqfXtqo08D6Q-gUU0DsdfVMsx0c"
    -- 	}
    -- 

    PRINT 'OAuth2 authorization granted!'

    EXEC sp_OAGetProperty @oauth2, 'AccessToken', @sTmp0 OUT
    PRINT 'Access Token = ' + @sTmp0

    EXEC @hr = sp_OADestroy @oauth2
    EXEC @hr = sp_OADestroy @sbJson


END
GO