I just had a discussion with @hhoechtl regarding Google Authentication.
We currently have an Oauth redirect mechanism based authentication in the Neos.GoogleAnalytics package.
And OneDrop recently released a package for connect with the Google Indexing Service (https://github.com/1drop/Onedrop.GoogleNotify) which requires storing a json with a set of Google Service Account credentials.
Now I’m currently building a Search Console integration into my Yoast package which also needs authentication.
Therefore we agreed, that it makes sense to create a Google Auth package that provides a storage and some basic mechanisms which all Google related packages can use.
The first method would be to add the JSON config via a command. But I also think about having a backend admin module where you can upload and check the credentials.
As the Analytics package is in the Neos namespace, I would have to put it also into the Neos namespace.
First question: Any objections to putting it into the Neos namespace?
Second question: Is anyone in favor of using the OAuth redirect mechanism instead of providing the credentials as JSON (https://cloud.google.com/docs/authentication/production#auth-cloud-implicit-php)?
Any other feedback or comments are very welcome
I think I wasn’t clear enough what I want to achieve.
Main thing is to simplify and unify the way packages interact with the Google API.
And the package should contain the least amount of features to be easily maintainable:
- Provide dependency to Google API
- Simple way to give credentials to Google Client (via environment or stored credentials)
- Client factory that is well configured for Neos
- Psr logging & caching configuration for Google Client
- Shell commands to test and check API
- Being able to get an overview which packages use the API
- Prevent packages from using different API versions and doing the same thing in different ways