Search code examples
google-apps-scriptgoogle-oauthgoogle-appsgoogle-email-settings-api

How to use the Google Email Settings API and the OAuth2 for Apps Script Library to set email signatures for users in a Google Apps domain


This is my first time using the "Answer your own question" feature. I hope I'm doing this right. My Title triggered a warning that my question looks subjective and will probably be deleted.

I searched the site and didn't find any questions that matched the level of detail that I put into my response below, so I'm just trying to help out some fellow programmers by posting this.



As the administrator of a Google Apps domain, how do you use the Google Email Settings API with OAuth 2 to programmatically set the email signatures of users on your domain in Google Apps Script?


Solution

  • I experienced some confusion when trying to get this to work after OAuth 1 was deprecated, but with some help from awesome SO users, I was able to figure out a working solution.

    First, you need to follow the steps to add this library to your Apps Script project:

    https://github.com/googlesamples/apps-script-oauth2

    After you have that set up, you can use their library to create an OAuth 2 service that is needed when calling the Email Settings API. Here is my working code:

    function beginNewEmployeeProcedures() {
    
      var emailSettingsOauth2Service = createOauth2Service(‘Email Settings API’,’https://apps-apis.google.com/a/feeds/emailsettings/2.0/’,’authCallbackForEmailSettingsApi’);
      if (!emailSettingsOauth2Service.hasAccess()) { startOauth2AuthFlow(‘Email Settings API’,emailSettingsOauth2Service); return; }
    
      setSignature(emailSettingsOauth2Service,’[email protected]’,’cool email signature’);
    
    }
    
    function setSignature(service,email,signature) {
    
      try {
    
        var username = email.split(“@”)[0];
    
        var xml = '<?xml version="1.0" encoding="utf-8"?>' +
          '<atom:entry xmlns:atom="http://www.w3.org/2005/Atom" xmlns:apps="http://schemas.google.com/apps/2006" >' +
          '<apps:property name="signature" value="'+ signature +'" /></atom:entry>';
    
        var fetchArgs = {};
        fetchArgs.headers = {‘Authorization': ‘Bearer ‘+ service.getAccessToken()};
        fetchArgs.method = “PUT”;
        fetchArgs.contentType = “application/atom+xml”;
        fetchArgs.payload = xml;
        fetchArgs.muteHttpExceptions = true;
    
        var url = ‘https://apps-apis.google.com/a/feeds/emailsettings/2.0/yourgoogleappsdomain.com/’ + username + ‘/signature';
    
        UrlFetchApp.fetch(url, fetchArgs);
    
      } catch(e) {
    
        // failure notification email, etc
    
      }
    
    }
    
    function createOauth2Service(serviceName,scope,callbackFunctionName) {
    
      // Create a new service with the given name. The name will be used when
      // persisting the authorized token, so ensure it is unique within the
      // scope of the property store.
      var service = OAuth2.createService(serviceName)
    
      // Set the endpoint URLs, which are the same for all Google services.
      .setAuthorizationBaseUrl(‘https://accounts.google.com/o/oauth2/auth’)
      .setTokenUrl(‘https://accounts.google.com/o/oauth2/token’)
    
      // Set the client ID and secret, from the Google Developers Console.
      .setClientId(OAUTH2_CLIENT_ID)
      .setClientSecret(OAUTH2_CLIENT_SECRET)
    
      // Set the project key of the script using this library.
      .setProjectKey(OAUTH2_PROJECT_KEY)
    
      // Set the name of the callback function in the script referenced
      // above that should be invoked to complete the OAuth flow.
      .setCallbackFunction(callbackFunctionName)
    
      // Set the property store where authorized tokens should be persisted.
      .setPropertyStore(PropertiesService.getUserProperties())
    
      // Set the scopes to request (space-separated for Google services).
      .setScope(scope)
    
      // Below are Google-specific OAuth2 parameters.
    
      // Sets the login hint, which will prevent the account chooser screen
      // from being shown to users logged in with multiple accounts.
      .setParam(‘login_hint’, Session.getActiveUser().getEmail())
    
      // Requests offline access.
      .setParam(‘access_type’, ‘offline’)
    
      // Forces the approval prompt every time. This is useful for testing,
      // but not desirable in a production application.
      .setParam(‘approval_prompt’, ‘force’);
    
      return service;
    
    }
    
    function startOauth2AuthFlow(serviceName,service) {
    
      var authorizationUrl = service.getAuthorizationUrl();
    
      var template = HtmlService.createTemplate(
      ‘<a href="” target=”_blank”>’+
      ‘Click here to authorize this script to access the ‘ + serviceName + ‘‘ +
      ‘After closing the other tab, click the X in this window and start the script again.’);
    
      template.authorizationUrl = authorizationUrl;
    
      var page = template.evaluate();
    
      SpreadsheetApp.getUi().showModalDialog(page, ‘API Authorization’);
    
    }
    
    function authCallbackForEmailSettingsApi(request) {
    
      // this script is called by the auth screen when the user clicks the blue Accept button
    
      var oauth2Service = createOauth2Service(‘Email Settings API’,’https://apps-apis.google.com/a/feeds/emailsettings/2.0/’,’authCallbackForEmailSettingsApi’);
    
      var isAuthorized = oauth2Service.handleCallback(request);
    
      if (isAuthorized) {
        return HtmlService.createHtmlOutput(‘Success! You can close this tab.’);
      } else {
        return HtmlService.createHtmlOutput(‘Didn\’t work.’);
      }
    
    }