/
Google Drive

Google Drive

Introduction

This example shows how to create an access token required to download files from your Google Drive unit.

Briefing:

  1. Create a “jira/jose” module with the packed jose module embedded in this page.

  2. Create and download the Google Drive credentials file for authentication.

  3. Reemplace the credentials in the example code and save it as “jira/gdrive_token” module.

Dependencies

Jose

To access to a file in Google Drive you need JWT authentication:

Jose is JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more. The module is designed to work across various Web-interoperable runtimes including Node.js, browsers, Cloudflare Workers, Deno, Bun, and others.

We have packed it as an ESM module ready for JavaScript Runner:

Copy & paste it into the JS Console and save it with jose name.

You may also want to upload the .d.ts file from the JS Scripts listing to support autocompletion from the built-in Monaco Editor:

Example

Credentials

Follow these instructions to get your Google Drive credentials for a given fileId:

Open the Google Cloud Console:

  • Navigate to IAM & Admin:

image-20250619-161947.png

  • Select Service AccountsCreate service account

image-20250619-162412.png

  • Fill out the Service account name, and configure permissions and principals (optional). Then click Done:

image-20250619-162727.png

  • Manage keys for the service account

image-20250619-163146.png

  • Click Add key → Create new key

image-20250619-163435.png

  • Key type → JSON → Create

image-20250619-163701.png

  • The authentication file is automatically downloaded into your personal computer

  • Click Ctrl+J (in Chrome) to open the Download history page in your browser → Click Show in folder icon to access the credentials file:

image-20250619-164239.png

  • In the credentials file you can find the client_email data required in next step:

  • Open the file in Google Drive you want to read from JS Runner, and share it with the service account email above:

    • Click Share

    • Add the client_email above

    • Click Send

      image-20250619-165003.png

  • Set the permissions for the shared file:

image-20250619-165357.png

Code

import { SignJWT, importPKCS8 } from 'jira/jose'; export async function getGoogleDriveToken() { const credentials = //Copy here the content of the credentials file /* { "type": "service_account", "project_id": "...", "private_key_id": "...", "private_key": `-----BEGIN PRIVATE KEY----- ... -----END PRIVATE KEY-----`, "client_email": "..." }; */ const key = await importPKCS8(credentials.private_key, 'RS256'); const iat = Math.floor(Date.now() / 1000); const exp = iat + 3600; const jwt = await new SignJWT({ iss: credentials.client_email, scope: 'https://www.googleapis.com/auth/drive.readonly', aud: 'https://oauth2.googleapis.com/token', iat, exp }) .setProtectedHeader({ alg: 'RS256' }) .sign(key); // 2. Obtener token const tokenRes = await fetch('https://oauth2.googleapis.com/token', { method: 'POST', headers: { 'Content-Type': 'application/x-www-form-urlencoded' }, body: new URLSearchParams({ grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', assertion: jwt }).toString() }); const tokenData = await tokenRes.json(); const accessToken = tokenData.access_token; if (!accessToken) throw new Error('Invalid token:\n' + JSON.stringify(tokenData, null, 2)); return accessToken; }