python - Oauth redirection URL is not dynamic

Question

my requirement is i need to authorize google users using OAuth2 dynamically upon every request and respond in personalized way.

The following is the process i followed## Heading ##

created project in google console

created Oauth Client ID in the following way

Application Type: web

Authorised JavaScript origins: http://localhost

Authorised redirect URIs: http://localhost:4000

downloaded as client_request.json

The following is the URL generated after running the below python code,

https://accounts.google.com/o/oauth2/auth?client_id=123456789123-lkhipfqkk6g224bnf7n9sfdsdfsdss.apps.googleusercontent.com&redirect_uri=http%3A%2F%2Flocalhost%3A4000%2F&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fgmail.settings.basic&access_type=offline&response_type=code

The issue we are facing is

The URL generated is same across all the users by which we are unable to process each request individually.

FYI: The following is the python code snippet

'''

 from apiclient import discovery
 from googleapiclient.discovery import build
 from googleapiclient import discovery
 from httplib2 import Http
 from oauth2client import file, client, tools
 from oauth2client.tools import argparser, run_flow
 args = argparser.parse_args()
 from oauth2client.file import Storage
 SCOPES = 'https://www.googleapis.com/auth/gmail.settings.basic'
 STORAGE = Storage('credentials.storage')
 credentials = STORAGE.get()
 args.noauth_local_webserver = True
 http = httplib2.Http()
 if not creds or creds.invalid:
    flow = client.flow_from_clientsecrets('client_secret.json', SCOPES)
 creds = tools.run_flow(flow, STORAGE,http=http)
 GMAIL = discovery.build('gmail', 'v1', http=creds.authorize(Http()))
 addresses = GMAIL.users().settings().sendAs().list(userId='me',
 fields='sendAs(isPrimary,sendAsEmail)').execute().get('sendAs')
 for address in addresses:
   if address.get('isPrimary'):
     break
 signature = {'signature':'<img src="https://server:4000/test.png" alt="aaa" width="200" height="200">'}

rsp = GMAIL.users().settings().sendAs().patch(userId='me',
sendAsEmail=address['sendAsEmail'], body=signature).execute()
print("Signature changed to '%s'" % rsp['signature'])   '''

Answer 1

I think you may have miss understood something about how Oauth works.

https://accounts.google.com/o/oauth2/auth?client_id=123456789123-lkhipfqkk6g224bnf7n9sfdsdfsdss.apps.googleusercontent.com&redirect_uri=http%3A%2F%2Flocalhost%3A4000%2F&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fgmail.settings.basic&access_type=offline&response_type=code

• client_id identifies your application to google
• redirect_uri the location of the file where you would like the authorization data returned to.
• scope the scope of authorization you would like access to
• access_type offline return a refresh token
• response_type this is a oauth thing basically telling the auth server what response you expect.

The URL above is the consent screen authorization for your application. This url will be the same for all users.

Depending upon which user your are logged in as withwhen you consent the application will dedicate which user you have access to.

How to handle different user logins

I am beginning to suspect that you are asking the wrong question. I suspect that your question is more related to how to have more then one user login and store the credentials for the different users. In which case you should be looking at code closer to this. Which would store the users credentials into a token.pickle and then load them again latter. You would of course have to change it so that the token for different users was stored rather than just a single user as this code probably does. Note: I am not a python developer i merely found this code, in one of the other google sample projects.

def main():
    """Shows basic usage of the Google Calendar API.
    Prints the start and name of the next 10 events on the user's calendar.
    """
    creds = None
    # The file token.pickle stores the user's access and refresh tokens, and is
    # created automatically when the authorization flow completes for the first
    # time.
    if os.path.exists('token.pickle'):
        with open('token.pickle', 'rb') as token:
            creds = pickle.load(token)
    # If there are no (valid) credentials available, let the user log in.
    if not creds or not creds.valid:
        if creds and creds.expired and creds.refresh_token:
            creds.refresh(Request())
        else:
            flow = InstalledAppFlow.from_client_secrets_file(
                'credentials.json', SCOPES)
            creds = flow.run_local_server(port=0)
        # Save the credentials for the next run
        with open('token.pickle', 'wb') as token:
            pickle.dump(creds, token)