In this post, I will show you the function that I created to authorise requests to the Google Search Console API using OAuth 2.0.
To run this API, you will need to get a client_secrets.json
file with your credentials. Check out how you can get Google Search Console OAuth Credentials.
Import Libraries
To run the OAuth 2.0 authentication you will need to install and import all those libraries.
Alternatively, you can clone the Github Repository that I made and run:
$ pip install -r requirements.txt
import argparse
import httplib2
import requests
from collections import defaultdict
from dateutil import relativedelta
from googleapiclient.discovery import build
from oauth2client import client
from oauth2client import file
from oauth2client import tools
Define OAuth Function
The authorize_creds()
function will check the credentials file and define a .dat
file to save authorised credentials so you don’t have to go through the login process each time.
def authorize_creds(creds,authorizedcreds='authorizedcreds.dat'):
'''
Authorize credentials using OAuth2.
'''
print('Authorizing Creds')
# Variable parameter that controls the set of resources that the access token permits.
SCOPES = ['https://www.googleapis.com/auth/webmasters.readonly']
# Path to client_secrets.json file
CLIENT_SECRETS_PATH = creds
# Create a parser to be able to open browser for Authorization
parser = argparse.ArgumentParser(
formatter_class=argparse.RawDescriptionHelpFormatter,
parents=[tools.argparser])
flags = parser.parse_args([])
# Creates an authorization flow from a clientsecrets file.
# Will raise InvalidClientSecretsError for unknown types of Flows.
flow = client.flow_from_clientsecrets(
CLIENT_SECRETS_PATH, scope = SCOPES,
message = tools.message_if_missing(CLIENT_SECRETS_PATH))
# Prepare credentials and authorize HTTP
# If they exist, get them from the storage object
# credentials will get written back to the 'authorizedcreds.dat' file.
storage = file.Storage(authorizedcreds)
credentials = storage.get()
# If authenticated credentials don't exist, open Browser to authenticate
if credentials is None or credentials.invalid:
credentials = tools.run_flow(flow, storage, flags) # Add the valid creds to a variable
# Take the credentials and authorize them using httplib2
http = httplib2.Http() # Creates an HTTP client object to make the http request
http = credentials.authorize(http=http) # Sign each request from the HTTP client with the OAuth 2.0 access token
webmasters_service = build('searchconsole', 'v1', http=http) # Construct a Resource to interact with the API using the Authorized HTTP Client.
print('Auth Successful')
return webmasters_service
Run OAuth 2.0
To run the code, simply add your credentials and run authorize_creds()
. Once this is done you will be able to run Google Search Console API using the webmasters_service
variable.
if __name__ == '__main__':
creds = 'client_secrets.json'
webmasters_service = authorize_creds(creds)
The if name equals main line checks whether you are running the module or importing it. If you are importing it, authorize_creds()
will not run.
Run a simple GSC API Call
You can try to get verified properties to check whether the authentication with OAuth 2.0 worked or not.
def get_property_list(webmasters_service):
'''
Get a list of validated properties from GSC
'''
site_list = webmasters_service.sites().list().execute()
# Filter for verified websites
verified_sites_urls = [s['siteUrl'] for s in site_list['siteEntry']
if s['permissionLevel'] != 'siteUnverifiedUser'
and s['siteUrl'][:4] == 'http']
return verified_sites_urls
verified_sites_urls = get_property_list(webmasters_service)
The code above comes from the post “How to extract Verified Properties using Google Search Console API and Python“.
Full Code for the OAuth.py file
You can also get the full code on Github.
#!/usr/bin/env python
# oauth.py
# Authorize credentials using OAuth2.
# @author: Jean-Christophe Chouinard.
# @role: Sr. SEO Specialist at SEEK.com.au
# @website: jcchouinard.com
# @LinkedIn: linkedin.com/in/jeanchristophechouinard/
# @Twitter: twitter.com/@ChouinardJC
import argparse
import httplib2
import requests
from collections import defaultdict
from dateutil import relativedelta
from googleapiclient.discovery import build
from oauth2client import client
from oauth2client import file
from oauth2client import tools
def authorize_creds(creds,authorizedcreds='authorizedcreds.dat'):
'''
Authorize credentials using OAuth2.
'''
print('Authorizing Creds')
# Variable parameter that controls the set of resources that the access token permits.
SCOPES = ['https://www.googleapis.com/auth/webmasters']
# Path to client_secrets.json file
CLIENT_SECRETS_PATH = creds
# Create a parser to be able to open browser for Authorization
parser = argparse.ArgumentParser(
formatter_class=argparse.RawDescriptionHelpFormatter,
parents=[tools.argparser])
flags = parser.parse_args([])
# Creates an authorization flow from a clientsecrets file.
# Will raise InvalidClientSecretsError for unknown types of Flows.
flow = client.flow_from_clientsecrets(
CLIENT_SECRETS_PATH, scope = SCOPES,
message = tools.message_if_missing(CLIENT_SECRETS_PATH))
# Prepare credentials and authorize HTTP
# If they exist, get them from the storage object
# credentials will get written back to the 'authorizedcreds.dat' file.
storage = file.Storage(authorizedcreds)
credentials = storage.get()
# If authenticated credentials don't exist, open Browser to authenticate
if credentials is None or credentials.invalid:
credentials = tools.run_flow(flow, storage, flags) # Add the valid creds to a variable
# Take the credentials and authorize them using httplib2
http = httplib2.Http() # Creates an HTTP client object to make the http request
http = credentials.authorize(http=http) # Sign each request from the HTTP client with the OAuth 2.0 access token
webmasters_service = build('searchconsole', 'v1', http=http) # Construct a Resource to interact with the API using the Authorized HTTP Client.
print('Auth Successful')
return webmasters_service
# Create Function to execute your API Request
def execute_request(service, property_uri, request):
return service.searchanalytics().query(siteUrl=property_uri, body=request).execute()
if __name__ == '__main__':
creds = 'client_secrets.json'
webmasters_service = authorize_creds(creds)
Further Considerations
I just stumbled on this video helping to understand the risks of OAuth. In time, I will update it to add CSRF tokens.
For now, here you go for your own interest.
Here you go, you are now authenticated to authorize Requests to the Google Search Console API. Check the full guide on Python for SEO if you want to learn more Python SEO trick.
SEO Strategist at Tripadvisor, ex- Seek (Melbourne, Australia). Specialized in technical SEO. Writer in Python, Information Retrieval, SEO and machine learning. Guest author at SearchEngineJournal, SearchEngineLand and OnCrawl.