javascript, google-api, google-drive-api, google-oauth

Google Drive API Auth


I currently have an application that works as follows:

  1. A user clicks a button and authenticates with Google in a popup.
  2. The application performs actions on the user's Google Drive account.
  3. Results are shown to the user.

The entire process is client-side and written in JavaScript.

I want to modify the application so that it works like so:

  1. A user clicks on a button. No popup appears.
  2. The application performs actions on a Google Drive account that I control and is the same for all users.
  3. Results are shown to the user.

Is this possible? Do I need to set up a service account to do this? Will I need to write this in something other than JavaScript? I don't understand much of the OAuth stuff that is required by Google and some guidance would be much appreciated.

Further notes:

  • The users that will be using this are limited and can be given permissions if necessary, but I don't want them to have to log in.

Solution

  • You can use either a service account or a regular account. In both cases the JS client will have a stored credential, so be aware of the security implications of this. Using a regular account is probably the more secure option, since OAuth will validate that the code is being run from a registered origin. However, this is marginal. The credential is in the wild and so you should expect the worst. For the steps involved in using a regular account, and some sample JS code to do it, see "How do I authorise an app (web or installed) without user intervention? (canonical ?)"

    Think really hard about the security implications because I suspect that once you do, you'll change your mind about doing this,
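
One way to keep the shared account's credential out of the browser, as an added example that is not from the question, the answer, or the linked post: a small server-side module holds the refresh token, mints short-lived access tokens, and exposes a single narrow Drive operation. The names `createDriveBroker` and `listFolder` are hypothetical, and the sketch assumes Node 18+ with the credentials supplied from server-side configuration.

```javascript
// Added example: runs on a server (Node 18+), never in the browser bundle.
const TOKEN_URL = "https://oauth2.googleapis.com/token";
const DRIVE_FILES_URL = "https://www.googleapis.com/drive/v3/files";

// createDriveBroker and listFolder are hypothetical names for this sketch.
// Credentials are passed in by the caller, e.g. from server-side environment variables.
function createDriveBroker({ clientId, clientSecret, refreshToken, fetchImpl = fetch, now = Date.now }) {
  let cached = null; // { token, expiresAt } for the short-lived access token

  async function accessToken() {
    // Reuse the token until one minute before it expires.
    if (cached && now() < cached.expiresAt - 60000) return cached.token;
    const res = await fetchImpl(TOKEN_URL, {
      method: "POST",
      headers: { "Content-Type": "application/x-www-form-urlencoded" },
      body: new URLSearchParams({
        grant_type: "refresh_token",
        client_id: clientId,
        client_secret: clientSecret,
        refresh_token: refreshToken,
      }).toString(),
    });
    if (!res.ok) throw new Error(`token refresh failed: ${res.status}`);
    const body = await res.json();
    cached = { token: body.access_token, expiresAt: now() + body.expires_in * 1000 };
    return cached.token;
  }

  // The single operation offered to callers: list files in one Drive folder.
  async function listFolder(folderId) {
    // Reject anything that could break out of the quoted Drive query string.
    if (!/^[A-Za-z0-9_-]+$/.test(folderId)) throw new Error("invalid folder id");
    const url = new URL(DRIVE_FILES_URL);
    url.searchParams.set("q", `'${folderId}' in parents and trashed = false`);
    url.searchParams.set("fields", "files(id,name)");
    const token = await accessToken();
    const res = await fetchImpl(url, { headers: { Authorization: `Bearer ${token}` } });
    if (!res.ok) throw new Error(`drive request failed: ${res.status}`);
    const { files } = await res.json();
    // Return only the fields the page needs; tokens never leave this module.
    return files.map(({ id, name }) => ({ id, name }));
  }

  return { listFolder };
}
```

A server route behind the button would call `listFolder` and send back only its return value, after checking that the caller is one of the permitted users.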