I currently have an application that works as follows:
The entire process is client side and written in Javascript.
I want to modify the application so that it works like so:
Is this possible? Do I need to set up a service account to do this? Will I need to write this in something other than javascript? I don't understand much of the OAuth stuff that is required by google and some guidance would be much appreciated.
Further notes:
You can use either a service account or a regular account. In both cases the JS client will have a stored credential, so be aware of the security implications of this. Using a regular account is probably the more secure since OAuth will validate that the code is being run from a registered origin. However this is marginal. The credential is in the wild and so you should expect the worst. For the steps involved in using a regular account, and some sample JS code to do it, see How do I authorise an app (web or installed) without user intervention? (canonical ?)
Think really hard about the security implications because I suspect that once you do, you'll change your mind about doing this,