Server Configuration

Follow this guide in order to:

1. Enable AutoKitteh connections to use OAuth 2.0, instead of GCP service account JSON keys
2. Enable asynchronous events from Gmail and Google Forms

note

This guide assumes that the AutoKitteh server is already configured with HTTP tunneling.

Google Cloud Platform (GCP) Project

1. Create a new GCP project

   • Follow the instructions at: https://developers.google.com/workspace/guides/create-project
   • Quick link: https://console.cloud.google.com/projectcreate

2. Enable Google Workspace APIs in it

   • Follow the instructions at: https://developers.google.com/workspace/guides/enable-apis
   • Quick links
     • Calendar: https://console.cloud.google.com/apis/enableflow?apiid=calendar-json.googleapis.com
     • Chat: https://console.cloud.google.com/apis/enableflow?apiid=chat.googleapis.com
     • Cloud Pub/Sub: https://console.cloud.google.com/apis/library/pubsub.googleapis.com
     • Docs: https://console.cloud.google.com/apis/enableflow?apiid=docs.googleapis.com
     • Drive: https://console.cloud.google.com/apis/enableflow?apiid=drive.googleapis.com
     • Forms: https://console.cloud.google.com/apis/enableflow?apiid=forms.googleapis.com
     • Gmail: https://console.cloud.google.com/apis/enableflow?apiid=gmail.googleapis.com
     • Sheets: https://console.cloud.google.com/apis/enableflow?apiid=sheets.googleapis.com

OAuth Consent Screen

1. Create an OAuth consent screen for your GCP project

   • Follow the instructions at: https://developers.google.com/workspace/guides/configure-oauth-consent
   • Quick link: https://console.cloud.google.com/apis/credentials/consent

2. Specify authorized domains for it

   • The AutoKitteh server's public tunnel address (just the address, no https:// prefix, and no path suffix)

3. Add these permission scopes to it

   • Non-sensitive:
     • .../auth/userinfo.email
     • .../auth/userinfo.profile
     • openid
   • Sensitive:
     • .../auth/calendar
     • .../auth/calendar.events
     • .../auth/chat.memberships
     • .../auth/chat.messages
     • .../auth/chat.spaces
     • .../auth/forms.body
     • .../auth/forms.responses.readonly
     • .../auth/spreadsheets
   • Restricted:
     • .../auth/drive
     • .../auth/gmail.modify
     • .../auth/gmail.settings.basic

Credentials

1. Create an OAuth 2.0 Client ID

   • Follow the instructions at: https://developers.google.com/workspace/guides/create-credentials#oauth-client-id
   • Quick link: https://console.cloud.google.com/apis/credentials

2. Specific steps and settings

   • Click: + Create Credentials
   • Select: OAuth client ID
   • Application type: Web application
   • Authorized redirect URI:
     • https://PUBLIC-AK-ADDRESS/oauth/redirect/google
     • (PUBLIC-AK-ADDRESS is the AutoKitteh server's public tunnel address)

Cloud Pub/Sub

This is required if you wish to receive asynchronous events from Gmail and Google Forms.

1. Go to your GCP project's Cloud Pub/Sub page: https://console.cloud.google.com/cloudpubsub/topic/list

2. Click the CREATE TOPIC button at the top of the page

   
   
   
   • Topic ID: forms-notifications
   • Add a default subscription: No
   • Enable message retention: 10 minutes
   • Click the CREATE button
   
   

3. Permissions: click the ADD PRINCIPAL button

   
   
   
   • New principal: forms-notifications@system.gserviceaccount.com
   • Role: Pub/Sub Publisher
   • Click the SAVE button
   
   

4. Click the CREATE SUBSCRIPTION button

   

   • Subscription ID: forms-notifications-sub

     

   • Delivery type: Push

   • Endpoint URL: https://PUBLIC-AK-ADDRESS/googleforms/notif (PUBLIC-AK-ADDRESS is the AutoKitteh server's public tunnel address)

   • Enable authentication: Yes

     • https://cloud.google.com/pubsub/docs/push#authentication

   • Enable payload unwrapping: Yes

     • Write metadata: Yes
     
     

   • Message retention duration: 10 minutes

     

   • Expiration period: Never expire

     

   • Acknowledgement deadline: 10 seconds (default)

   • Message ordering: No (default)

   • Dead lettering: No (default)

   • Retry policy: Retry immediately (default)

   • Click the CREATE button

5. Repeat steps 1-4 with these changes:

   • Topic ID: gmail-api-push
     • Enable message retention: 10 minutes
   • New principal with the Pub/Sub Publisher role: gmail-api-push@system.gserviceaccount.com
   • Subscription ID: gmail-api-push-sub
     • Endpoint URL: https://PUBLIC-AK-ADDRESS/gmail/notif (PUBLIC-AK-ADDRESS is the AutoKitteh server's public tunnel address)
     • Everything else should be the same

Configure AutoKitteh

There are two equivalent options to configure the AutoKitteh server to interact with your GCP OAuth consent screen - choose the one most suited for your needs and constraints.

For more details, see the Configuration Methods page.

config.yaml File

Stay tuned!

Environment Variables

Set this environment variable, based on the AutoKitteh server's public tunnel address:

• WEBHOOK_ADDRESS
  • Just the address, without the https:// prefix, and without a path suffix

Also set this environment variables, based on the generated details in the credentials you created above:

• GOOGLE_CLIENT_ID
• GOOGLE_CLIENT_SECRET

Lastly, restart the AutoKitteh server for these settings to take effect.