Autoryzowanie żądań

Każde żądanie wysyłane przez aplikację do interfejsu Campaign Manager 360 API musi zawierać token autoryzacji. Token stanowi też dla Google identyfikator aplikacji.

Informacje o protokołach autoryzacji

Twoja aplikacja musi autoryzować żądania za pomocą protokołu OAuth 2.0. Inne protokoły nie są obsługiwane. Jeśli aplikacja używa funkcji Zaloguj się przez Google, niektórymi aspektami autoryzacji nie musisz się zajmować.

Autoryzowanie żądań za pomocą protokołu OAuth 2.0

Wszystkie żądania wysyłane do interfejsu Campaign Manager 360 API muszą być autoryzowane przez uwierzytelnionego użytkownika.

Szczegóły procesu autoryzacji z użyciem protokołu OAuth 2.0 różnią się nieznacznie w zależności od rodzaju projektowanej aplikacji. Do większości typów aplikacji ma zastosowanie ten ogólny proces:

  1. Gdy tworzysz aplikację, rejestrujesz ją, korzystając z konsoli interfejsów API Google. Następnie Google przekazuje informacje, które są potrzebne później, takie jak identyfikator klienta i tajny klucz klienta.
  2. Aktywuj interfejs Campaign Manager 360 API w konsoli interfejsów API Google. (jeśli interfejsu API nie ma na liście w konsoli, pomijasz ten krok).
  3. Gdy Twoja aplikacja potrzebuje dostępu do danych użytkownika, prosi Google o konkretny zakres dostępu.
  4. Google wyświetla użytkownikowi ekran zgody z prośbą o autoryzowanie dostępu aplikacji do niektórych danych.
  5. Jeśli użytkownik wyrazi zgodę, Google przekazuje Twojej aplikacji ważny przez krótki czas token dostępu.
  6. Aplikacja żąda danych użytkownika i dołącza do żądania token dostępu.
  7. Jeśli Google uzna, że żądanie i token są prawidłowe, przesyła dane, o które prosisz.

Niektóre procesy obejmują dodatkowe kroki, takie jak wykorzystanie tokenów odświeżania do uzyskania nowych tokenów dostępu. Szczegółowe informacje o procesach obowiązujących w przypadku różnych typów aplikacji znajdziesz w dokumencie Google na temat protokołu OAuth 2.0.

Oto informacje o zakresie protokołu OAuth 2.0 dla interfejsu Campaign Manager 360 API:

Zakres Znaczenie
https://www.googleapis.com/auth/dfatrafficking Uprawnienia do zapisu i odczytu trafikingu Campaign Managera 360.
https://www.googleapis.com/auth/dfareporting Uprawnienia do zapisu i odczytu raportów Campaign Managera 360.
https://www.googleapis.com/auth/ddmconversions Uprawnienia do zapisu i odczytu konwersji offline w usłudze Campaign Manager 360.

Aby poprosić o dostęp przy użyciu protokołu OAuth 2.0, aplikacja potrzebuje danych z zakresu oraz informacji przekazywanych przez Google po zarejestrowaniu aplikacji (takich jak identyfikator klienta i tajny klucz klienta).

Wskazówka: biblioteki klienta interfejsów API Google mogą wykonać niektóre procesy autoryzacji za Ciebie. Są dostępne dla różnych języków programowania. Więcej szczegółów znajdziesz na stronie z bibliotekami i próbkami.

Przykłady

C#

Poniżej znajduje się fragment naszego przykładowego projektu.NET, w którym zaimplementowano zainstalowaną aplikację wykorzystującą bibliotekę klienta interfejsu API Google dla .NET.

/*
 * Copyright 2015 Google Inc
 *
 * Licensed under the Apache License, Version 2.0(the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
*/

using System;
using System.Collections.Generic;
using System.Threading;
using Google.Apis.Auth.OAuth2;
using Google.Apis.Dfareporting.v4;
using Google.Apis.Services;
using Google.Apis.Util.Store;

namespace DfaReporting.Samples {
  /// <summary>
  /// Factory for generating DFA Reporting and Trafficking API service objects.
  /// </summary>
  class DfaReportingFactory {
    /// <summary>
    /// The scopes used to make reporting and trafficking requests.
    /// </summary>
    private static readonly IEnumerable<string> scopes = new[] {
      DfareportingService.Scope.Dfareporting,
      DfareportingService.Scope.Dfatrafficking,
      DfareportingService.Scope.Ddmconversions
    };

    /// <summary>
    /// Authorizes the application to access users' protected data.
    /// </summary>
    private static ICredential Authorize() {
      // Load application default credentials if they're available.
      ICredential credential = LoadApplicationDefaultCredentials();

      // Otherwise, load credentials from the provided client secrets file.
      if (credential == null) {
        credential = LoadUserCredentials("client_secrets.json",
            new FileDataStore("DfaReporting.Samples"));
      }

      return credential;
    }

    /// <summary>
    /// Attempts to load the application default credentials
    /// </summary>
    /// <returns>The application default credentials, or null if none were found.</returns>
    private static ICredential LoadApplicationDefaultCredentials() {
      try {
         GoogleCredential credential = GoogleCredential.GetApplicationDefaultAsync().Result;
         return credential.CreateScoped(scopes);
      } catch (Exception) {
        // No application default credentials, continue to try other options.
      }

      return null;
    }
    
    /// <summary>
    /// Attempts to load user credentials from the provided client secrets file and persists data to
    /// the provided data store.
    /// </summary>
    /// <returns>The user credentials.</returns>
    /// <param name="clientSecretsFile">Path to the file containing client secrets.</param>
    /// <param name="dataStore">The data store to use for caching credential information.</param>
    private static ICredential LoadUserCredentials(String clientSecretsFile, IDataStore dataStore) {
      using (var stream = new System.IO.FileStream(clientSecretsFile, System.IO.FileMode.Open,
          System.IO.FileAccess.Read)) {
        return GoogleWebAuthorizationBroker.AuthorizeAsync(
            GoogleClientSecrets.Load(stream).Secrets,
            scopes,
            "dfa-user", CancellationToken.None,
            dataStore).Result;
      }
    }

    /// <summary>
    /// Initializes a <code>DfaReportingService</code> instance.
    /// </summary>
    /// <returns>An initialized <code>DfaReportingService</code> object.</returns>
    public static DfareportingService getInstance() {
      ICredential credential = Authorize();

      // Create and return the service.
      return new DfareportingService(new BaseClientService.Initializer {
        HttpClientInitializer = credential,
        ApplicationName = "DFA/DCM Reporting and Trafficking API Samples"
      });
    }
  }
}

Java

Poniżej znajduje się fragment naszego przykładowego projektu w języku Java, w którym użyto biblioteki klienta interfejsu API Google dla języka Java do wdrożenia procesu zainstalowanej aplikacji.

// Copyright 2014 Google Inc. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package com.google.api.services.samples.dfareporting;

import static java.nio.charset.StandardCharsets.UTF_8;

import com.google.api.client.auth.oauth2.Credential;
import com.google.api.client.extensions.java6.auth.oauth2.AuthorizationCodeInstalledApp;
import com.google.api.client.extensions.jetty.auth.oauth2.LocalServerReceiver;
import com.google.api.client.googleapis.auth.oauth2.GoogleAuthorizationCodeFlow;
import com.google.api.client.googleapis.auth.oauth2.GoogleClientSecrets;
import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
import com.google.api.client.googleapis.util.Utils;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.json.JsonFactory;
import com.google.api.client.util.store.DataStoreFactory;
import com.google.api.client.util.store.FileDataStoreFactory;
import com.google.api.services.dfareporting.Dfareporting;
import com.google.api.services.dfareporting.DfareportingScopes;

import java.io.IOException;
import java.io.Reader;
import java.nio.file.Files;
import java.nio.file.Paths;

/**
 * Utility methods used by all DFA Reporting and Trafficking API samples.
 */
public class DfaReportingFactory {
  /** Directory to store user credentials. */
  private static final java.io.File DATA_STORE_DIR =
      new java.io.File(System.getProperty("user.home"), ".store/dfareporting_sample");

  private static final HttpTransport HTTP_TRANSPORT = Utils.getDefaultTransport();
  private static final JsonFactory JSON_FACTORY = Utils.getDefaultJsonFactory();

  /**
   * Authorizes the application to access users' protected data.
   *
   * @return An initialized {@link Credential} object.
   */
  private static Credential authorize() throws Exception {
    // Load application default credentials if they're available.
    Credential credential = loadApplicationDefaultCredentials();

    // Otherwise, load credentials from the provided client secrets file.
    if (credential == null) {
      String clientSecretsFile =
          DfaReportingFactory.class.getResource("/client_secrets.json").getFile();
      credential = loadUserCredentials(clientSecretsFile, new FileDataStoreFactory(DATA_STORE_DIR));
    }

    return credential;
  }

  /**
   * Attempts to load application default credentials.
   *
   * @return A {@link Credential} object initialized with application default credentials, or
   * {@code null} if none were found.
   */
  private static Credential loadApplicationDefaultCredentials() {
    try {
      GoogleCredential credential = GoogleCredential.getApplicationDefault();
      return credential.createScoped(DfareportingScopes.all());
    } catch (IOException ignored) {
      // No application default credentials, continue to try other options.
    }

    return null;
  }

  /**
   * Attempts to load user credentials from the provided client secrets file and persists data to
   * the provided data store.
   *
   * @param clientSecretsFile The path to the file containing client secrets.
   * @param dataStoreFactory he data store to use for caching credential information.
   * @return A {@link Credential} object initialized with user account credentials.
   */
  private static Credential loadUserCredentials(String clientSecretsFile,
      DataStoreFactory dataStoreFactory) throws Exception {
     // Load client secrets JSON file.
    GoogleClientSecrets clientSecrets;
    try (Reader reader = Files.newBufferedReader(Paths.get(clientSecretsFile), UTF_8)) {
      clientSecrets = GoogleClientSecrets.load(JSON_FACTORY, reader);
    }

    // Set up the authorization code flow.
    GoogleAuthorizationCodeFlow flow = new GoogleAuthorizationCodeFlow.Builder(HTTP_TRANSPORT,
        JSON_FACTORY, clientSecrets, DfareportingScopes.all())
        .setDataStoreFactory(dataStoreFactory)
        .build();

    // Authorize and persist credential information to the data store.
    return new AuthorizationCodeInstalledApp(flow, new LocalServerReceiver()).authorize("user");
  }

  /**
   * Performs all necessary setup steps for running requests against the API.
   * 
   * @return An initialized {@link Dfareporting} service object.
   */
  public static Dfareporting getInstance() throws Exception {
    Credential credential = authorize();

    // Create Dfareporting client.
    return new Dfareporting.Builder(HTTP_TRANSPORT, JSON_FACTORY, credential).setApplicationName(
        "dfareporting-java-samples").build();
  }
}

PHP

Poniżej znajduje się fragment naszego przykładowego projektu w języku PHP, w którym zaimplementowano proces aplikacji internetowej wykorzystujący bibliotekę klienta interfejsu API Google dla języka PHP.

<?php
/*
 * Copyright 2015 Google Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/**
 * Implements the examples execution flow.
 * Load this file with no parameters to get the list of available examples.
 */
require_once __DIR__ . '/vendor/autoload.php';
require_once 'htmlHelper.php';

session_start();

// Configure token storage on disk.
// If you want to store refresh tokens in a local disk file, set this to true.
define('STORE_ON_DISK', false, true);
define('TOKEN_FILENAME', 'tokens.dat', true);

// Set up authentication
$client = new Google_Client();
$client->setApplicationName(
    'DCM/DFA Reporting and Trafficking API PHP Samples'
);
$client->addScope(Google_Service_Dfareporting::DFAREPORTING);
$client->addScope(Google_Service_Dfareporting::DFATRAFFICKING);
$client->addScope(Google_Service_Dfareporting::DDMCONVERSIONS);
$client->setAccessType('offline');

if (getenv('GOOGLE_APPLICATION_CREDENTIALS')) {
    $client->useApplicationDefaultCredentials();
} else {
    // Be sure to replace the contents of client_secrets.json with your developer
    // credentials.
    $client->setAuthConfigFile('client_secrets.json');
}

// Create service.
$service = new Google_Service_Dfareporting($client);

// If we're logging out we just need to clear our local access token.
// Note that this only logs you out of the session. If STORE_ON_DISK is
// enabled and you want to remove stored data, delete the file.
if (isset($_REQUEST['logout'])) {
    unset($_SESSION['access_token']);
}

// If we have a code back from the OAuth 2.0 flow, we need to exchange that
// with the authenticate() function. We store the resultant access token
// bundle in the session (and disk, if enabled), and redirect to this page.
if (isset($_GET['code'])) {
    $client->authenticate($_GET['code']);
    // Note that "getAccessToken" actually retrieves both the access and refresh
    // tokens, assuming both are available.
    $_SESSION['access_token'] = $client->getAccessToken();
    if (STORE_ON_DISK) {
        file_put_contents(TOKEN_FILENAME, json_encode($_SESSION['access_token']));
    }
    $redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
    header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
    exit;
}

// If we have an access token, we can make requests, else we generate an
// authentication URL.
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
    $client->setAccessToken($_SESSION['access_token']);
} elseif (STORE_ON_DISK && file_exists(TOKEN_FILENAME) &&
    filesize(TOKEN_FILENAME) > 0) {
    // Note that "setAccessToken" actually sets both the access and refresh token,
    // assuming both were saved.
    $client->setAccessToken(file_get_contents(TOKEN_FILENAME));
    $_SESSION['access_token'] = $client->getAccessToken();
} else {
    // If we're doing disk storage, generate a URL that forces user approval.
    // This is the only way to guarantee we get back a refresh token.
    if (STORE_ON_DISK) {
        $client->setApprovalPrompt('force');
    }
    $authUrl = $client->createAuthUrl();
}

$pageTitle = sprintf(
    'DCM/DFA Reporting and Trafficking API %s PHP usage samples',
    $service->version
);
printHtmlHeader($pageTitle);

if (isset($authUrl)) {
    // No access token found, show the link to generate one
    printf("<a class='login' href='%s'>Login!</a>", $authUrl);
} else {
    print "<a class='logout' href='?logout'>Logout</a>";
}

if ($client->getAccessToken()) {
    // If the action is set, dispatch the action if supported
    if (isset($_GET['action'])) {
        $action = decodeActionString($_GET['action']);
        if (!isValidAction($action)) {
            die('Unsupported action: ' . $_GET['action'] . "\n");
        }

        displayAction($action);
    } else {
        // Show the list of links to supported actions.
        printExamplesIndex(getSupportedActions());
        printHtmlFooter();
    }

    // Note that we re-store the access_token bundle, just in case anything
    // changed during the request - the main thing that might happen here is the
    // access token itself is refreshed if the application has offline access.
    $_SESSION['access_token'] = $client->getAccessToken();
}

/**
 * Displays the requested action.
 */
function displayAction($action)
{
    global $service;

    // Render the required action.
    include_once 'examples/' . $action[0] . '/' . $action[1] . '.php';
    $class = $action[1];
    $example = new $class($service);
    printHtmlHeader($example->getName());
    try {
        $example->execute();
    } catch (Google_Exception $ex) {
        print_r($ex);
        print 'An error as occurred while calling the example:<br/>';
        print $ex->getMessage();
    }
    printSampleHtmlFooter();
}

/**
 * Determines whether the requested action is in our list of supported actions.
 */
function isValidAction($action)
{
    $actions = getSupportedActions();

    if (array_key_exists($action[0], $actions)) {
        $section = $actions[$action[0]];
        if (in_array($action[1], $section)) {
            return true;
        }
    }

    return false;
}

/**
 * Decodes an action string passed as a URL parameter into a section and action
 * pair.
 */
function decodeActionString($actionString)
{
    $parts = explode(':', $actionString);
    if (count($parts) != 2) {
        die('Invalid action specified.');
    }

    return $parts;
}

/**
 * Builds an array containing the supported actions, separated into sections.
 */
function getSupportedActions()
{
    $actions = [];

    foreach (glob('examples/*/*.php') as $file) {
        $dir = dirname($file);
        $section = substr($dir, strrpos($dir, '/') + 1);

        if (!array_key_exists($section, $actions)) {
            $actions[$section] = [];
        }

        $actions[$section][] = basename($file, '.php');
    }

    return $actions;
}

Python

Poniżej znajduje się fragment naszego przykładowego projektu w języku Python, w którym użyto biblioteki klienta interfejsów API Google dla języka Python do wdrożenia przepływu pracy zainstalowanej aplikacji.

#!/usr/bin/python
#
# Copyright 2015 Google Inc. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

"""Handles common tasks across all API samples."""

import argparse
import os

from googleapiclient import discovery
import httplib2
from oauth2client import client
from oauth2client import file as oauthFile
from oauth2client import tools


API_NAME = 'dfareporting'
API_VERSION = 'v4'
API_SCOPES = ['https://www.googleapis.com/auth/dfareporting',
              'https://www.googleapis.com/auth/dfatrafficking',
              'https://www.googleapis.com/auth/ddmconversions']

# Filename used for the credential store.
CREDENTIAL_STORE_FILE = API_NAME + '.dat'


def get_arguments(argv, desc, parents=None):
  """Validates and parses command line arguments.

  Args:
    argv: list of strings, the command-line parameters of the application.
    desc: string, a description of the sample being executed.
    parents: list of argparse.ArgumentParser, additional command-line parsers.

  Returns:
    The parsed command-line arguments.
  """
  # Include the default oauth2client argparser
  parent_parsers = [tools.argparser]

  if parents:
    parent_parsers.extend(parents)

  parser = argparse.ArgumentParser(
      description=desc,
      formatter_class=argparse.RawDescriptionHelpFormatter,
      parents=parent_parsers)
  return parser.parse_args(argv[1:])


def load_application_default_credentials():
  """Atempts to load application default credentials.

  Returns:
    A credential object initialized with application default credentials or None
    if none were found.
  """
  try:
    credentials = client.GoogleCredentials.get_application_default()
    return credentials.create_scoped(API_SCOPES)
  except client.ApplicationDefaultCredentialsError:
    # No application default credentials, continue to try other options.
    pass


def load_user_credentials(client_secrets, storage, flags):
  """Attempts to load user credentials from the provided client secrets file.

  Args:
    client_secrets: path to the file containing client secrets.
    storage: the data store to use for caching credential information.
    flags: command-line flags.

  Returns:
    A credential object initialized with user account credentials.
  """
  # Set up a Flow object to be used if we need to authenticate.
  flow = client.flow_from_clientsecrets(
      client_secrets,
      scope=API_SCOPES,
      message=tools.message_if_missing(client_secrets))

  # Retrieve credentials from storage.
  # If the credentials don't exist or are invalid run through the installed
  # client flow. The storage object will ensure that if successful the good
  # credentials will get written back to file.
  credentials = storage.get()
  if credentials is None or credentials.invalid:
    credentials = tools.run_flow(flow, storage, flags)

  return credentials


def setup(flags):
  """Handles authentication and loading of the API.

  Args:
    flags: command-line flags obtained by calling ''get_arguments()''.

  Returns:
    An initialized service object.
  """
  # Load application default credentials if they're available.
  credentials = load_application_default_credentials()

  # Otherwise, load credentials from the provided client secrets file.
  if credentials is None:
    # Name of a file containing the OAuth 2.0 information for this
    # application, including client_id and client_secret, which are found
    # on the Credentials tab on the Google Developers Console.
    client_secrets = os.path.join(os.path.dirname(__file__),
                                  'client_secrets.json')
    storage = oauthFile.Storage(CREDENTIAL_STORE_FILE)
    credentials = load_user_credentials(client_secrets, storage, flags)

  # Authorize HTTP object with the prepared credentials.
  http = credentials.authorize(http=httplib2.Http())

  # Construct and return a service object via the discovery service.
  return discovery.build(API_NAME, API_VERSION, http=http)

Ruby

Poniżej znajduje się fragment naszego przykładowego projektu w języku Ruby, w którym zaimplementowano zainstalowaną aplikację wykorzystującą bibliotekę klienta interfejsu API Google dla języka Ruby.

#!/usr/bin/env ruby

#
# Copyright:: Copyright 2016, Google Inc. All Rights Reserved.
#
# License:: Licensed under the Apache License, Version 2.0 (the "License");
#           you may not use this file except in compliance with the License.
#           You may obtain a copy of the License at
#
#           http://www.apache.org/licenses/LICENSE-2.0
#
#           Unless required by applicable law or agreed to in writing, software
#           distributed under the License is distributed on an "AS IS" BASIS,
#           WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
#           implied.
#           See the License for the specific language governing permissions and
#           limitations under the License.
#
# Handles common tasks across all DFA Reporting API samples.

require 'google/apis/dfareporting_v4'
require 'googleauth'
require 'googleauth/stores/file_token_store'

# Utility methods used by all DFA Reporting and Trafficking API samples.
module DfareportingUtils
  API_NAME = 'dfareporting'.freeze
  API_NAMESPACE = Google::Apis::DfareportingV4
  API_SCOPES = [
    API_NAMESPACE::AUTH_DDMCONVERSIONS,
    API_NAMESPACE::AUTH_DFAREPORTING,
    API_NAMESPACE::AUTH_DFATRAFFICKING
  ].freeze

  CLIENT_SECRETS_FILE = 'client_secrets.json'.freeze
  CREDENTIAL_STORE_FILE = "#{API_NAME}-oauth2.yaml".freeze
  CREDENTIAL_STORE_PATH = File.dirname(__FILE__)

  # This redirect URI allows you to copy the token from the success screen.
  OAUTH_REDIRECT_URI = 'urn:ietf:wg:oauth:2.0:oob'.freeze

  # Handles validating command line arguments and returning them as a Hash
  def self.parse_arguments(argument_values, *argument_names)
    validate_arguments(argument_values, *argument_names)
    generate_argument_map(argument_values, *argument_names)
  end

  # Validates the number of command line arguments matches what was expected
  def self.validate_arguments(argument_values, *argument_names)
    return if argument_values.length == argument_names.length

    # Format the arguments for display (ie, '<profile_id>')
    formatted_arguments = argument_names.map { |a| '<' + a.to_s + '>' }

    # Display a message to the user and exit
    puts format('Usage: %s %s', $PROGRAM_NAME, formatted_arguments.join(' '))
    exit
  end
  private_class_method :validate_arguments

  # Converts parallel arrays of argument names and values into a single map
  def self.generate_argument_map(argument_values, *argument_names)
    ret = {}
    argument_names.each_with_index do |arg, index|
      ret[arg] = argument_values[index]
    end
    ret
  end
  private_class_method :generate_argument_map

  # Handles authentication and loading of the API.
  def self.initialize_service
    # Uncomment the following lines to enable logging.
    # log_file = File.open("#{$0}.log", 'a+')
    # log_file.sync = true
    # logger = Logger.new(log_file)
    # logger.level = Logger::DEBUG
    # Google::Apis.logger = logger # Logging is set globally

    # Create an API Service object.
    service = create_service_object

    # Load application default credentials if they're available.
    authorization = authorize_application_default_credentials

    # Otherwise, load credentials from the provided client secrets file.
    authorization = authorize_installed_application if authorization.nil?

    # If no credentials could be loaded, return an error.
    if authorization.nil?
      puts 'Could not load credentials. Enter client ID and secret from ' \
           'https://console.developers.google.com/ into client_secrets.json.'
      exit
    end

    service.authorization = authorization
    service
  end

  # Returns an instance of the Dfareporting service without authentication.
  def self.create_service_object
    service = API_NAMESPACE::DfareportingService.new
    service.client_options.application_name = "Ruby #{API_NAME} samples"
    service.client_options.application_version = '1.0.0'

    service
  end
  private_class_method :create_service_object

  # Attempts to load application default credentials and return an
  # authorization object that can be used to make requests.
  def self.authorize_application_default_credentials
    Google::Auth.get_application_default(API_SCOPES)
  rescue StandardError
    # No application default credentials, continue to try other options.
    nil
  end
  private_class_method :authorize_application_default_credentials

  # Handles authorizing a user via the OAuth installed application flow and
  # returns an authorization object that can be used to make requests.
  def self.authorize_installed_application
    # Load the client secrets.
    client_id = load_client_secrets
    return nil if client_id.nil?

    # FileTokenStore stores auth credentials in a file, so they survive
    # multiple runs of the application. This avoids prompting the user for
    # authorization every time the access token expires, by remembering the
    # refresh token.
    #
    # Note: FileTokenStore is not suitable for multi-user applications.
    token_store = Google::Auth::Stores::FileTokenStore.new(
      file: File.join(CREDENTIAL_STORE_PATH, CREDENTIAL_STORE_FILE)
    )

    authorizer = Google::Auth::UserAuthorizer.new(client_id, API_SCOPES,
      token_store)

    authorization = authorizer.get_credentials('default')
    if authorization.nil?
      puts format(
        "Open this URL in your browser and authorize the application.\n\n%s" \
        "\n\nEnter the authorization code:",
        authorizer.get_authorization_url(base_url: OAUTH_REDIRECT_URI)
      )
      code = STDIN.gets.chomp
      authorization = authorizer.get_and_store_credentials_from_code(
        base_url: OAUTH_REDIRECT_URI, code: code, user_id: 'default'
      )
    end

    authorization
  end
  private_class_method :authorize_installed_application

  def self.load_client_secrets
    # Load client ID from the specified file.
    client_id = Google::Auth::ClientId.from_file(
      File.join(CREDENTIAL_STORE_PATH, CLIENT_SECRETS_FILE)
    )

    if client_id.id.start_with?('[[INSERT') ||
       client_id.secret.start_with?('[[INSERT')
      return nil
    end

    client_id
  rescue StandardError
    # Unable to load client_secrets.json.
    nil
  end
  private_class_method :load_client_secrets
end