How to handle urn:ietf:wg:oauth:2.0:oob redirect in Google Calendar API Authorization

Question

I am currently working on a installed desktop application implemented in java. I intend to integrate Google Calendar API into the application.

During the authorization procedure, I come to this stage where I am able to get the authorization code only through triggering a browser where the user consent page is displayed. Users then have to click "accept" and will be redirected to a webpage where the authorization code is presented. Users are to copy this code to the Eclipse System.in in order for the authorization process to continue (to exchange the authorization code for a TokenResponse).

My question is that how can I simplify this process so that the user won't have to do this stupid copy-and-paste stuff for the authorization code to be received? (This won't work anyway, if the project is compiled into a jar file...) Currently all I know is that I will need to provide a callbackurl or something, I just can't figure this out. Therefore, I would appreciate a more concrete answer, rather than simply tell me the concepts.

Thanks in advance.

Answer 1

You have to use a service account (which comes with a private key) in order to skip the step involving user interaction. There is a detailed guide about this here.

Answer 2

The oauth2 authorization grant flow (I think, that's what you are doing) defines that your application gets the flow back via a HTTP redirect.

It's like this:

1. Your application opens a socket and listens there for HTTP requests
2. It now opens the browser and lets the user enter his/her credentials
3. The user clicks submit and sends the credentials to the oauth server
4. The server checks the credentials and, if correct, redirects the browser to your application (to the socket you opened in 1.)
5. Your application gets the auth code from the browser and exchanges it with the access ticket.

To let the server know where to redirect to, you use the oauth parameter redirect_uri in step 2.