Accessing private calendars with the Calendar API v3

A quick update: got it working with partially relying on the gauth module.
Looking into an implementation that only relies on the google-php-api-client.

The solution will rely on a one-time authentication to allow the module to query your calendars on your behalf.
A normal authentication would get you an oauth2 token which is only valid for 1 hour, which is not all that useful.
A setup with a refresh token will allow the module to get a new oauth2 token when the previous has been invalidated.

I would prefer to work without a dependency on a different module (gauth in this case), unless someone would have a good reason why relying on the other module is a better approach ?

gooddesignusa: thanks ! I remember doing something with a key before, but I hadn't remembered about it.
Looks like there would be two different ways to go about. Interesting indeed :)

Right, another update on which i could use some input:

I've learned about two approaches:

- Using a service account & p12 private keyfile. This approach seemed to work at first, but unfortunately it turns out that a service account can only be allowed to read private calendars when it has cleared security settings on a Google App domain. To be able to do this, you will need to have a paying Google account, which shouldn't be a requirement IMHO.

- Using a Client ID for web application from the Google Developers console.
To manage the Client ID settings for your web application, i've already mentioned the gauth module.
After looking more into it, i would prefer leveraging this module, since it already does a good job of storing the previously mentioned Client ID settings.
It also does a good job of doing the one-time oauth2 workflow needed for giving your app Calendar access and getting an access token back.

What it is currently missing though (but available in a patch) is a way to get offline access to a Google Calendar. Because Google by default hands out acces tokens that are only valid for 3600 seconds, you need a refresh token to refresh your access token when needed. You need to specifically specify the 'offline' access type to achieve this.

Sidethoughts: I have got this working in code, but to be flexible, you would need to use a specific set of Client ID settings for the Agenda module.

You could do this by requiring a gauth Google Account entry with a specific name (fi AGENDA). That way, the new code would go looking for that entry, and if it wasn't found, it would throw an error.

You could also extend the agenda module, and allow each agenda to specificy which Client ID to use for fetching its data.
The good thing about the last approach would be that you could have several agenda's in your site for private calendars from different accounts.
One Client ID entry can only access private calendars for the account it is related to.

Any thoughts ? If interested, i could post some steps/screenshots/code somewhere to illustrate my post and progress :)