Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: remove access token thats unnecessary (UA) #160

Merged
merged 4 commits into from
Mar 12, 2024
Merged

chore: remove access token thats unnecessary (UA) #160

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
2d2671c
remove access token from oauth creds
pnadolny13 Mar 11, 2024
8637fb9
remove unused import
pnadolny13 Mar 11, 2024
6f8de97
fix imports sort linting
pnadolny13 Mar 11, 2024
a074c4a
Merge branch 'main_deprecated_ua' into ua_branch_remove_access_token
edgarrmondragon Mar 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ pipx install tap-google-analytics

If you're setting up `tap-google-analytics` for your own organization and only plan to extract from a handful of different views in the same limited set of properties, Service Account based authorization is the simplest. When you create a service account Google gives you a json file with that service account's credentials called the `client_secrets.json`, and that's all you need to pass to this tap, and you only have to do it once, so this is the recommended way of configuring `tap-google-analytics`.

If you're building something where a wide variety of users need to be able to give access to their Google Analytics, `tap-google-analytics` can use an `access_token` granted by those users to authorize it's requests to Google. This `access_token` is produced by a normal Google OAuth flow, but this flow is outside the scope of `tap-google-analytics`. This is useful if you're integrating `tap-google-analytics` with another system, like Stitch Data might do to allow users to configure their extracts themselves without manual config setup. This tap expects an `access_token`, `refresh_token`, `client_id` and `client_secret` to be passed to it in order to authenticate as the user who granted the token and then access their data.
If you're building something where a wide variety of users need to be able to give access to their Google Analytics, `tap-google-analytics` can use an `access_token` granted by those users to authorize it's requests to Google. This `access_token` is produced by a normal Google OAuth flow, but this flow is outside the scope of `tap-google-analytics`. This is useful if you're integrating `tap-google-analytics` with another system, like Arch does to allow users to configure their extracts themselves without manual config setup. This tap expects an `access_token`, `refresh_token`, `client_id` and `client_secret` to be passed to it in order to authenticate as the user who granted the token and then access their data.

## Required Analytics Reporting APIs & OAuth Scopes

Expand Down
25 changes: 7 additions & 18 deletions tap_google_analytics/tap.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,8 @@
from pathlib import Path
from typing import List, Tuple

from google.oauth2.credentials import Credentials as OAuthCredentials
from googleapiclient.discovery import build
from oauth2client.client import GoogleCredentials
from oauth2client.service_account import ServiceAccountCredentials
from singer_sdk import Stream, Tap
from singer_sdk import typing as th # JSON schema typing helpers
Expand Down Expand Up @@ -53,15 +53,6 @@ class TapGoogleAnalytics(Tap):
th.Property(
"oauth_credentials",
th.ObjectType(
th.Property(
"access_token",
th.StringType,
description=(
"Google Analytics Access Token. See "
"https://developers.google.com/analytics/devguides/reporting/"
"core/v4/authorization#OAuth2Authorizing."
),
),
th.Property(
"refresh_token",
th.StringType,
Expand Down Expand Up @@ -107,14 +98,12 @@ class TapGoogleAnalytics(Tap):

def _initialize_credentials(self):
if self.config.get("oauth_credentials"):
return GoogleCredentials(
access_token=self.config["oauth_credentials"]["access_token"],
refresh_token=self.config["oauth_credentials"]["refresh_token"],
client_id=self.config["oauth_credentials"]["client_id"],
client_secret=self.config["oauth_credentials"]["client_secret"],
token_expiry=None, # let the library refresh the token if it is expired
token_uri="https://accounts.google.com/o/oauth2/token",
user_agent="tap-google-analytics (via singer.io)",
return OAuthCredentials.from_authorized_user_info(
{
"client_id": self.config["oauth_credentials"]["client_id"],
"client_secret": self.config["oauth_credentials"]["client_secret"],
"refresh_token": self.config["oauth_credentials"]["refresh_token"],
}
)
elif self.config.get("key_file_location"):
return ServiceAccountCredentials.from_json_keyfile_name(
Expand Down
Loading