How to log in using Google Oauth 2?

I’ve checked the related K6 documentation about Oauth 2 login, but there is nothing about logging in with Google Oauth 2.

I’ve also checked this on, the only usable thing was to log in using a service account and then allow access to certain user(s).

Also there are workarounds, like getting the refresh token from google.playground, or logging in manually then taking the access token and using in the test, but those need human interaction.

I am looking for a simple way to log in to the app, exchange get tokens dynamically with the google APIs than use the Bearer token in my app.

Is there any other way besides using a google service account?

Hi there,

I assume you’ve seen this article for authenticating with AAD and Okta. That didn’t work for you?

I’m not very familiar with OAuth or Google’s implementation, but is the main problem that the token expires? Have you tried passing the access_type=offline query arg to get an offline token as mentioned in their documentation? It seems you might be able to get a new access token via their API using that offline token.

A sample script of what you’ve tried so far and any errors you’re receiving would help with reproducing this and coming up with a solution. Or maybe @mostafa as the author of that article has a better idea for approaching this.

Hello @imiric,

Yes, I’ve checked the article, and looked for something similar, but I could not find a way to get a new access token.
Yes, you`re right, that was exactly the issue.

I’ve already got a solution, with a hint from one of my colleagues :slight_smile:

This is what I’ve got so far:

  1. Go to google.playground and Authorize the API.

    Set the scope, access_type=offline, clinet_id and client_secret. aslo set the redirect_uri in Google API console to for the same client_id.

  2. You should get an authorization_code. Exchange authorization code for tokens and you should also get the refresh_token.

These data should be visible in the Request section.

  1. Use the refresh_token to get a new access_token, token_type and bearer_token. Note: the tokens will expire in one hour.

See also some useful documentation from google:
more specifically: Refreshing an access token (offline access)