I am using googleapis in a serverless app to load mapping data from spreadsheets and also to log critical errors which our operations staff can access . I have bene using a whitelist entry to allow calls to googleapis in manifest.json. The mapping data is hundreds of rows that maps sales owners to country and several other mappings such as region, technical owner, etc.
manifest.json excerpt:
"whitelisted-domains": [
"https://*.myfreshworks.com",
"https://www.googleapis.com"
],
I then make calls to googleapis from serverless app as follows:
First load the google APIs:
function loadGoogleAPI() {
'use strict'
var cred = new google.auth.JWT(
keys.client_email, null, keys.private_key, ['https://www.googleapis.com/auth/spreadsheets']
)
cred.authorize(function(err, tokens) {
if(err) {console.log('ERROR', err); return}
if(null) console.log('TOKENS', tokens) // Suppress error about not using 'tokens'
})
gsapi = google.sheets({version: 'v4', auth: cred})
}
Then an example of a simple call:
async function appendRow(googlesheet_id, sheet_name, row) {
var values = [ row ]
const opt = {spreadsheetId: googlesheet_id, range: `${sheet_name}!A1:E1`,
valueInputOption:'USER_ENTERED', resource: {values}}
await gsapi.spreadsheets.values.append(opt)
}
Obviously we can’t convert googleapi into templates.
If I can’t continue this them all of our apps are dead in the water. We absolutely depend upon calling googleapis.
Can I continue to whitelist the googleapis in manifest.json?