🔐 Google Drive API Worker with OAuth 2.0

This Cloudflare Worker provides Google Drive API operations with OAuth 2.0 user authentication.

🚀 Quick Start - User Authentication:

Step 1: Visit /auth/google to start OAuth flow
Step 2: Grant permissions in Google's consent screen
Step 3: Copy your session ID from the success page
Step 4: Use session ID in X-Session-ID header for API calls

🔗 Start Authentication

⚙️ Setup Required:

OAuth 2.0 Configuration:

  1. Create Google OAuth 2.0 credentials in Google Cloud Console
  2. Enable Google Drive API for your project
  3. Add your worker domain to authorized redirect URIs
  4. Set environment variables:
    • GOOGLE_CLIENT_ID - Your OAuth client ID
    • GOOGLE_CLIENT_SECRET - Your OAuth client secret
    • GOOGLE_REDIRECT_URI - https://your-worker.workers.dev/auth/callback
  5. Create KV namespace: USER_SESSIONS and bind it to your worker

🔐 Authentication Endpoints:

GET /auth/google

Start OAuth 2.0 authentication flow - redirects to Google's consent screen

Query Parameters: ?state=optional_state (for security)

Browser Example:
https://your-worker.workers.dev/auth/google
GET /auth/callback

OAuth callback endpoint - handles the response from Google (don't call directly)

Returns HTML page with session ID on success

GET /auth/status

Check authentication status and token validity

Headers: X-Session-ID: your_session_id

Curl Example:
curl -H "X-Session-ID: your_session_id_here" \
  https://your-worker.workers.dev/auth/status
Example Response:
{
  "authenticated": true,
  "user": {
    "id": "123456789",
    "email": "user@example.com",
    "name": "John Doe",
    "picture": "https://..."
  },
  "expires_at": 1640995200000,
  "needs_refresh": false
}
POST /auth/refresh

Manually refresh expired access token

Headers: X-Session-ID: your_session_id

Curl Example:
curl -X POST -H "X-Session-ID: your_session_id_here" \
  https://your-worker.workers.dev/auth/refresh

📁 Drive API Endpoints:

Authentication: All endpoints require X-Session-ID header with a valid session ID

POST /create-folder

Create a new folder in Google Drive

Headers: X-Session-ID: your_session_id (required)

Request Body: {"name": "My Folder", "parentId": "optional_parent_folder_id"}

Curl Example:
curl -X POST https://your-worker.workers.dev/create-folder \
  -H "Content-Type: application/json" \
  -H "X-Session-ID: your_session_id_here" \
  -d '{"name": "My New Folder"}'
POST /upload-file

Upload a file to Google Drive

Headers: X-Session-ID: your_session_id (required)

Form Data Fields:

Curl Example:
curl -X POST https://your-worker.workers.dev/upload-file \
  -H "X-Session-ID: your_session_id_here" \
  -F "file=@/path/to/your/document.pdf" \
  -F "fileName=my-document.pdf"
GET /list-files

List files in Google Drive

Headers: X-Session-ID: your_session_id (required)

Query Parameters: ?folderId=folder_id (optional)

Curl Example:
curl -H "X-Session-ID: your_session_id_here" \
  https://your-worker.workers.dev/list-files
GET /list-folders

List only folders in Google Drive (excludes files)

Headers: X-Session-ID: your_session_id (required)

Query Parameters: ?parentId=folder_id (optional)

Curl Example:
curl -H "X-Session-ID: your_session_id_here" \
  https://your-worker.workers.dev/list-folders
POST /share-folder

Share a folder with specific users

Headers: X-Session-ID: your_session_id (required)

Request Body: {"folderId": "folder_id", "emails": ["user@example.com"], "role": "writer"}

Available roles: reader, writer, commenter

Curl Example:
curl -X POST https://your-worker.workers.dev/share-folder \
  -H "Content-Type: application/json" \
  -H "X-Session-ID: your_session_id_here" \
  -d '{
    "folderId": "1BxiMVs0XRA5nFMdKvBdBZjgmUUqptlbs74OgvE2upms",
    "emails": ["colleague@company.com"],
    "role": "writer"
  }'

🔄 Authentication Flow:

For End Users:

  1. Visit /auth/google in browser
  2. Sign in with Google account
  3. Grant Drive API permissions
  4. Copy session ID from success page
  5. Use session ID in API requests

For Developers:

  1. Redirect users to /auth/google
  2. Parse session ID from callback response
  3. Store session ID securely in your app
  4. Include in X-Session-ID header for API calls
  5. Handle token refresh automatically or manually

🔧 Features:

📋 Response Format:

All endpoints return JSON responses:

{
  "success": true,
  "data": { ... },
  // or on error:
  "error": "Error message"
}

⚠️ Important Notes:

🚀 Getting Started:

Ready to use? Start here:

1. 🔗 Authenticate with Google

2. Copy your session ID

3. Start making API calls with your session ID!

🔒 Security: