Using googleapi with 2.3 platform

stevemc · June 4, 2023, 5:43am

I am using googleapis in a serverless app to load mapping data from spreadsheets and also to log critical errors which our operations staff can access . I have bene using a whitelist entry to allow calls to googleapis in manifest.json. The mapping data is hundreds of rows that maps sales owners to country and several other mappings such as region, technical owner, etc.

manifest.json excerpt:

  "whitelisted-domains": [
    "https://*.myfreshworks.com",
    "https://www.googleapis.com"
  ],

I then make calls to googleapis from serverless app as follows:

First load the google APIs:

function loadGoogleAPI() {
  'use strict'
  var cred = new google.auth.JWT(
    keys.client_email, null, keys.private_key, ['https://www.googleapis.com/auth/spreadsheets']
  )
  cred.authorize(function(err, tokens) {
    if(err) {console.log('ERROR', err); return}
    if(null) console.log('TOKENS', tokens) // Suppress error about not using 'tokens'
  })
  gsapi = google.sheets({version: 'v4', auth: cred})
}

Then an example of a simple call:

async function appendRow(googlesheet_id, sheet_name, row) {
  var values = [ row ]
  const opt = {spreadsheetId: googlesheet_id, range: `${sheet_name}!A1:E1`,
    valueInputOption:'USER_ENTERED', resource: {values}}
  await gsapi.spreadsheets.values.append(opt)
}

Obviously we can’t convert googleapi into templates.

If I can’t continue this them all of our apps are dead in the water. We absolutely depend upon calling googleapis.

Can I continue to whitelist the googleapis in manifest.json?

kaustavdm · June 5, 2023, 7:08am

Since you are using a separate library to send the requests to Google APIs, you don’t need to convert them to templates. Templates (request method in general) are only necessary when you are handcrafting the HTTP requests. You can remove the “whitelisted-domains” property from “manifest.json”.

Michele · June 5, 2023, 7:16am

Hello @stevemc ,
from the documentation the new 2.3 manifest doesn’t need the “whitelisted-domains” property anymore.
Another thing you have to look for are request templates, if you don’t use them you won’t be able to deploy the app, so you will have to remove the requests property too.

stevemc · June 5, 2023, 10:30pm

Thank you all. This is a relief. I obviously just need to upgrade my FDK and try it but I’d like to confirm … so even thought the library is making HTTP connections, those domains do not need to be whitelisted/allowed in some way?

note: I do also make calls to Freshworks servers (CRM/Freshdesk). So I will still use requests template for that.