36915a3f75
Some checks failed
Build and Deploy / build (push) Has been cancelled
- Updated monitor.py to support both OAuth and Service Account - Created setup-oauth-local.py for easy local authorization - Created cronjob-oauth.yaml for OAuth-based deployment - Updated README with both authentication options - OAuth is now the recommended method (no key file needed)
165 lines
4.9 KiB
Python
165 lines
4.9 KiB
Python
#!/usr/bin/env python3
|
|
"""
|
|
OAuth Setup for Google Search Console Monitoring
|
|
Run this locally (not on the server) to generate OAuth credentials
|
|
"""
|
|
|
|
import os
|
|
import json
|
|
import webbrowser
|
|
from pathlib import Path
|
|
|
|
|
|
def setup_oauth():
|
|
"""Interactive OAuth setup"""
|
|
|
|
print("=" * 70)
|
|
print("GOOGLE SEARCH CONSOLE - OAUTH 2.0 SETUP")
|
|
print("=" * 70)
|
|
print()
|
|
print("This method uses OAuth 2.0 (no service account key needed)")
|
|
print("You'll authenticate once with your Google account.")
|
|
print()
|
|
|
|
# Step 1: Enable API
|
|
print("STEP 1: Enable Search Console API")
|
|
print("-" * 70)
|
|
print("1. Go to: https://console.cloud.google.com")
|
|
print("2. Create/select project: manoonoils-monitoring")
|
|
print("3. Go to: APIs & Services → Library")
|
|
print("4. Search: 'Google Search Console API'")
|
|
print("5. Click: Enable")
|
|
print()
|
|
input("Press Enter when you've enabled the API...")
|
|
|
|
# Step 2: Create OAuth credentials
|
|
print()
|
|
print("STEP 2: Create OAuth Credentials")
|
|
print("-" * 70)
|
|
print("1. Go to: APIs & Services → Credentials")
|
|
print("2. Click: Create Credentials → OAuth client ID")
|
|
print("3. Click: Configure Consent Screen")
|
|
print("4. User Type: External")
|
|
print("5. App name: ManoonOils GSC Monitor")
|
|
print("6. User support email: your-email@manoonoils.com")
|
|
print("7. Developer contact: your-email@manoonoils.com")
|
|
print("8. Click: Save and Continue (3 times)")
|
|
print("9. Click: Back to Dashboard")
|
|
print()
|
|
print("10. Back on Credentials page:")
|
|
print("11. Click: Create Credentials → OAuth client ID")
|
|
print("12. Application type: Desktop app")
|
|
print("13. Name: GSC Desktop Client")
|
|
print("14. Click: Create")
|
|
print("15. Click: DOWNLOAD JSON")
|
|
print()
|
|
|
|
# Get the file path
|
|
json_path = input("Enter the path to the downloaded JSON file: ").strip()
|
|
|
|
if not os.path.exists(json_path):
|
|
print(f"❌ File not found: {json_path}")
|
|
return
|
|
|
|
# Load credentials
|
|
with open(json_path, "r") as f:
|
|
client_config = json.load(f)
|
|
|
|
# Step 3: Install dependencies and run auth
|
|
print()
|
|
print("STEP 3: Install Dependencies")
|
|
print("-" * 70)
|
|
print("Run these commands:")
|
|
print()
|
|
print(
|
|
" pip3 install google-auth google-auth-oauthlib google-auth-httplib2 google-api-python-client"
|
|
)
|
|
print()
|
|
input("Press Enter after installing...")
|
|
|
|
# Step 4: Authorization
|
|
print()
|
|
print("STEP 4: Authorize Application")
|
|
print("-" * 70)
|
|
print("Running authorization...")
|
|
|
|
# Import here so we can check if installed
|
|
try:
|
|
from google_auth_oauthlib.flow import InstalledAppFlow
|
|
from google.auth.transport.requests import Request
|
|
import pickle
|
|
except ImportError:
|
|
print("❌ Please install the required packages first (Step 3)")
|
|
return
|
|
|
|
SCOPES = ["https://www.googleapis.com/auth/webmasters.readonly"]
|
|
|
|
# Create flow
|
|
flow = InstalledAppFlow.from_client_secrets_file(
|
|
json_path,
|
|
SCOPES,
|
|
redirect_uri="urn:ietf:wg:oauth:2.0:oob", # For console-based auth
|
|
)
|
|
|
|
# Get authorization URL
|
|
auth_url, _ = flow.authorization_url(prompt="consent")
|
|
|
|
print()
|
|
print("📱 Open this URL in your browser:")
|
|
print(auth_url)
|
|
print()
|
|
|
|
# Try to open browser automatically
|
|
try:
|
|
webbrowser.open(auth_url)
|
|
print("(Browser should open automatically)")
|
|
except:
|
|
pass
|
|
|
|
# Get the code
|
|
print()
|
|
code = input("Enter the authorization code from the browser: ").strip()
|
|
|
|
# Exchange code for credentials
|
|
flow.fetch_token(code=code)
|
|
creds = flow.credentials
|
|
|
|
# Save credentials
|
|
creds_info = {
|
|
"token": creds.token,
|
|
"refresh_token": creds.refresh_token,
|
|
"token_uri": creds.token_uri,
|
|
"client_id": creds.client_id,
|
|
"client_secret": creds.client_secret,
|
|
"scopes": creds.scopes,
|
|
}
|
|
|
|
output_file = "gsc-oauth-credentials.json"
|
|
with open(output_file, "w") as f:
|
|
json.dump(creds_info, f, indent=2)
|
|
|
|
print()
|
|
print("=" * 70)
|
|
print("✅ SUCCESS! OAuth credentials saved to:", output_file)
|
|
print("=" * 70)
|
|
print()
|
|
print("NEXT STEPS:")
|
|
print("1. Copy this file to your server:")
|
|
print(f" scp {output_file} doorwaysftw:/tmp/")
|
|
print()
|
|
print("2. Create Kubernetes secret:")
|
|
print(" ssh doorwaysftw")
|
|
print(" kubectl create secret generic gsc-oauth-credentials \\")
|
|
print(" --namespace=manoonoils \\")
|
|
print(" --from-file=oauth-credentials.json=/tmp/gsc-oauth-credentials.json")
|
|
print()
|
|
print("3. Deploy monitoring:")
|
|
print(" kubectl apply -f scripts/gsc-monitoring/cronjob-oauth.yaml")
|
|
print()
|
|
print("Your refresh token is valid indefinitely (until revoked).")
|
|
print("The monitoring will run automatically every day!")
|
|
|
|
|
|
if __name__ == "__main__":
|
|
setup_oauth()
|