I have been working with Google-bigquery and JavaScript for a little time now, after getting some help here, something i realised is that the you require your Google login details associated with the project to authorise and achieve what your trying to do.
What i am trying to achieve:-
Allow users to visit my page, and view the data. For example i may show some public data based on weather forecast, so i do not require any users authentication,
Currently for research & development purposed i am using I am using OAuth 2.0 for Web Server Applications, i want to get rid of this as we don’t need any user data, apart from having my project client-id email-id etc…
I have read on OAuth 2.0 for Server to Server Applications, and there don’t seem to be any support for JavaScript so the end-user doesn’t have to be involved.
Is there any solution to this or a safe quick fix, i have tried changing the config code from this sample to see what happens but no luck –
var config = {
'client_id' : 'xxxxxxxxxxx.apps.googleusercontent.com',
"iss" : "xxxxxxxxxxxxxxxxxxxxxxxxxx@developer.gserviceaccount.com",
"scope" : "https://www.googleapis.com/auth/bigquery",
"aud" : "https://accounts.google.com/o/oauth2/token",
"exp" : 1328554385,
"iat" : 1328550785
};
What am i missing in here.
Thanks in advance for any help and advice, i have been struggling for a very loong time with this.
Because there is no way to hide a client secret in client-side JavaScript code, there is no way to authorize a client-side JavaScript application to use BigQuery via a server-to-server OAuth flow.
The only solution in this case is to use a server side proxy for your API calls from the JavaScript application. Here’s a snippet below of how you could proxy query calls via AppEngine (note: the code below is open to any user, it does do any check to make sure the calls are being run through your particular JavaScript client).