1
votes

I deployed a Google Apps Script Web App which uses a service account to access the Google Directory. I deployed it that everyone has access to the app and that the app runs under the user executing it.

I would like to trigger this web app by calling the POST trigger from another app script which is part of a Google form. Something like this:

function onPost() {
  // Sample JSON body sent to the web app
  var data = {
    'name': 'Bob Smith',
    'age': 35,
    'pets': ['fido', 'fluffy']
  };
  var options = {
    'method': 'post',
    'contentType': 'application/json',
    'payload': JSON.stringify(data)
  };
  // No credentials are attached to this request
  var resp = UrlFetchApp.fetch('https://script.google.com/a/my.domain.com/m.../exec', options);
}

However, I get back:

Exception: Request failed for https://script.google.com returned code 401.

When I try to use the GET trigger with some query parameters, the response back looks like a Google sign-in page.

How can I trigger my web app from another app script all in the same domain?


Updated code with token:

function onPost() {
  // OAuth token of the user running this script
  var token = ScriptApp.getOAuthToken();
  var data = {
    'name': 'Bob Smith',
    'age': 35,
    'pets': ['fido', 'fluffy']
  };
  var options = {
    // headers must be an object; the token goes in the Authorization header
    'headers': { 'Authorization': 'Bearer ' + token },
    'method': 'post',
    'contentType': 'application/json',
    'payload': JSON.stringify(data)
  };
  var resp = UrlFetchApp.fetch('https://script.google.com/a/my.domain.com/m.../exec', options);
}
1
Domain does not matter here - since 401 is an "unauthorized" error, you have to, well, authorize the request. Only if you deploy as "me" and "anyone, even anonymous" will you get a public API. If you want the script to be run under user's authority, though, then you need to authorize it. You can get the bearer token with getOAuthToken(), btw. That would mean your users will have to give your first application permission to do stuff on their behalf (must be sufficient to run the services in the Web App) – Oleg Valter

1 Answer

3
votes

The response back looks like a Google sign-in page

This is because you received the 401 Unauthorized HTTP status code prompting you that the request should contain valid user credentials. Since Google primarily uses OAuth 2.0, you will need to include an Authorization header set to Bearer YourTokenHere.

As of recently, the OAuth token can be obtained via getOAuthToken(), which will contain a claim in its payload that will match scopes granted to the application that is making the request (either automatically or explicitly).

You can also use the official OAuth 2.0 library if you need more fine-grained control over token management, or build from scratch if you feel like it; the Utilities class has everything you need for generating a custom JWT.

I deployed it that everyone has access to the app and that the app runs under the user executing it

Web Apps have several deployment modes across two permission settings:

  1. "Execute the app as"
    • Me
    • User accessing the web app
  2. "Who has access to the app"
    • Only myself
    • Anyone
    • Anyone, even anonymous

Google won't let you just strip the security and expose a public API (which is a good thing), so if you want everyone to be able to access your Web App without authorization, you will have to authorize the script yourself and let your users access the application under your authority.

Only one combination of options allows you to do that:

Execute as me, access to anyone, even anonymous
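
A caller-side version of the above, as an added example that is not part of the original answer: it attaches the bearer token only when the deployment mode requires it and only for script.google.com URLs, and it reads the 401 or sign-in page as a result instead of an exception. The function names are hypothetical, and it assumes the target web app replies with JSON.

```javascript
// Added example. Deployment labels are the ones listed in the answer above.
// Only "Me" + "Anyone, even anonymous" is reachable without credentials.
function needsToken(executeAs, access) {
  return !(executeAs === 'Me' && access === 'Anyone, even anonymous');
}

// Build UrlFetchApp options; the bearer token goes in an Authorization header.
function buildOptions(data, token) {
  var options = {
    method: 'post',
    contentType: 'application/json',
    payload: JSON.stringify(data),
    muteHttpExceptions: true // return the 401 response instead of throwing
  };
  if (token) {
    options.headers = { Authorization: 'Bearer ' + token };
  }
  return options;
}

// Assumption: the target web app answers with JSON. A 2xx body that is not
// JSON is then treated as the sign-in page rather than as data.
function classifyResponse(code, body) {
  if (code === 401 || code === 403) {
    return { ok: false, reason: 'unauthorized' };
  }
  if (code < 200 || code > 299) {
    return { ok: false, reason: 'http_' + code };
  }
  try {
    return { ok: true, data: JSON.parse(body) };
  } catch (e) {
    return { ok: false, reason: 'not_json_probably_sign_in_page' };
  }
}

// Apps Script entry point (hypothetical name). The token is attached only
// for script.google.com URLs and only when the deployment requires it.
function callWebApp(url, data, executeAs, access) {
  if (url.indexOf('https://script.google.com/') !== 0) {
    throw new Error('Refusing to call a non Apps Script URL: ' + url);
  }
  var token = needsToken(executeAs, access) ? ScriptApp.getOAuthToken() : null;
  var resp = UrlFetchApp.fetch(url, buildOptions(data, token));
  return classifyResponse(resp.getResponseCode(), resp.getContentText());
}
```

The three helper functions have no Apps Script dependencies; only callWebApp needs the ScriptApp and UrlFetchApp services.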