Google credentials and redirect URI for Google OAuth2 in a WordPress plugin, questions

I'm developing a plugin that inserts contacts into a custom table of the WordPress database (name, phone number, email). It is possible to enter data in this table either manually, through a form, or by importing it from WordPress users. I have also developed a feature to import contacts from Google Contacts (Google People). Everything works but I ask you: when I will provide the plugin to my customers how can I do to avoid also providing the client_secret.json file with my credentials for accessing the Google API via OAuth2 together with the plugin? Furthermore, in order to function correctly, I must also authorize the URI redirect in the Google console but I cannot know in advance the URL of the various sites where the plugin will be installed, is it possible to automate (perhaps always through the Google API) this insertion?

Topic oauth api plugin-development Wordpress google

Category Web

1
answered at

There are two possible solutions depending on what kind of relationship you expect to have with the people that use the plugin.

  1. Instruct them how to create an app and which URLs to use to be compatibe with what you expect in the plugin, have a setting page at the wordpress admin in which they can either upload the secrets file or configure the app secrets. This option is easy for you hard for the user.

  2. Setup a proxy. Your plugin actually comunicates with the proxy and the proxy does the relevant API access, handles oauth redirects from google etc. This options is easy for the user but complicates your development, might cost you if you don't have a place to host such a thing, but the biggest thing is the quota limits of google as you will be responsible to pay when you pass the free tier, or your code will need to keep track of the usage and stop before you pass the free tier.

About

Geeks Mental is a community that publishes articles and tutorials about Web, Android, Data Science, new techniques and Linux security.