google-apigoogle-oauthgoogle-calendar-apigoogle-api-python-clientpython-telegram-bot

How to use Google Oauth2.0 to authenticate user via Telegram Bot


This is my first time interacting with Google API and I'm using python3.9 with this library Python Telegram Bot I want to access a user Google API Calendar via a telegram bot and I can't seem to find any article to guide me through it. My key problem (I think) is redirecting the success authorization flow back to telegram bot.

This is what I have in mind:

  1. In the telegram app, user send '/send' to bot
  2. Bot receive message and return a google an authorization link to user
  3. User clink on authorization link and allow access
  4. Bot receive authorization access and completes the Oauth flow

The problem lies betweeen step 3 and 4. A standard authorization link is https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=<clientid>&redirect_uri=<redirect_uri>&scope=<scope>&state<state>&access_type=offline

How do I send the authorization link back to my telegram bot? Should I create another API endpoint to receive that authorization link? Or can I send telegram api send_message() in the <redirect_uri> to redirect the success message to my bot.

Update 1

Thanks to CallMeStag, I manage to figure out a way to complete the oauth process. For people who faced the same problem, this is what I did Pre-requisite: Credentials is created in google console api - Web application. redirect_uri set as localhost:8000 (During development phase)

  1. User send '/send' to bot
  2. Bot receive message and return an authorization link
    https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=<clientid>&redirect_uri=http://localhost:8000/&scope=<scope>&state<state>&access_type=offline
  3. User click on link to authenticate and it will redirect to http://localhost:8000. Used fastapi as a webhook to receive the message. Capture the authorization code, use google.oauthlib.flow to complete the authorization process. Next, redirect user back to telegram link https://t.me/<botname>
  4. Start using user google calendar

Solution

  • It's currently indeed not very straight forward for a PTB-application to listen for external updates (the auth verification in this cas) - see also this issue. Currently it might be easiest for you to set up a custom webhook application that runs in parallel to the Updater - e.g. using flask/django/starlette/fastapi/…. Alternatively, if you're using webhooks for your bot anyway, you can patch the Updater to do the job for you. Although that requires some manual work - see here for an example.

    Once you are able to listen to updates coming from Google, handling them can be done via PTBs usual handler setup, specifically via the TypeHandler or even a custom Handler subclass - see this FAQ entry.

    Regarding the redirect url: You'll want to redirect your user back to your bot, so you'll have to provide a link that does that. Bot.link should probably do the trick.


    Disclaimer: I'm currently the maintainer of python-telegram-bot.