Accessing Google Drive through Azure Function

Question

The task is to download google sheet in excel format and store it in Azure blob storage on timely basics using the Azure time trigger function.

Access Method to users google drive - OAuth Client ID.

I have created an Azure function locally and it works fine as expected and performs the task but when I deploy azure function I get this error.

Code for DriveService where the error occurs according to stack trace when deployed

public string[] Scopes = { DriveService.Scope.Drive, DriveService.Scope.DriveReadonly };
public DriveService GetService()
        {
              UserCredential _credential;
 //Error Occurs at line below
            Google.Apis.Auth.OAuth2.Flows.GoogleAuthorizationCodeFlow googleAuthFlow = new GoogleAuthorizationCodeFlow(new GoogleAuthorizationCodeFlow.Initializer()
            {
                ClientSecrets = new ClientSecrets
                {
                    ClientId = _config[Constant.ClientId],
                    ClientSecret = _config[Constant.ClientSecret],
                }
            });

            string FilePath = Path.GetDirectoryName(_driveCredentialsPath);

            _credential = GoogleWebAuthorizationBroker.AuthorizeAsync(
                googleAuthFlow.ClientSecrets,
                Scopes,
                "user",
                CancellationToken.None,
                new FileDataStore(FilePath, true)).Result;

            DriveService service = new DriveService(new BaseClientService.Initializer()
            {
                HttpClientInitializer = _credential,
                ApplicationName = Constant.ApplicationName,
            });
            return service;
        }

I think there are two situations where it can go wrong but I am not sure about it.

1. When I am running the application locally a consent screen appears and gives permission to access the drive. When this same function is running on azure who and how it will grant permission to access the drive.

I have provided my Azure App URL on Google OAuth Consent Screen as mentioned below to overcome this situation.

2. When I am running locally after giving permission to access drive it creates a TOKENRESPONSE-USER file a which consists of the access token, expiry date refresh token, and scope.

Is this possible that when the function is deployed it is unable to create a TOKENRESPONSE-USER file on azure function?

Please let me know why I am getting this error or do I need to change something in my process.

Answer 1

You can configure your function app to use Google login for authentication purposes when running on Azure. To achieve this you have to generate client id and client secret using the Google sign-in for server-side apps, using this connection you can store the tokens obtained in the token store. Please refer to this document to configure your function app to use Google Login, refer to this document regarding the token store and how to retrieve and refresh the token obtained.