Can I deploy google app script project locally or from another platform?

Question

I am creating a web application using a google app script. In this application I integrated google sign in as a feature. When I deploy the app through the google app script IDE, everything is fine until I press the button "sign in with google" and it gives me an error which is saying mismatch with the JavaScript origin. When I try to add the JavaScript origin it will not accept it and says either it is invalid or it is forbidden. When I try to do that locally it works perfectly (I added the JavaScript origin as my localhost) but the rest of the functionalities like adding data to a spreadsheet does not work. I know that there is no solution for the first bit (to use the sign in button when I deploy the app through Google App Script IDE) because I have done exhaustive research about it. So, I was wondering if there is another way. like another platform that can support the deployment of my project, meaning there is no problem with the google sign in and the interaction with the google spreadsheet.

Answer 1

For security reasons, Google Apps Script sandboxes your HTML Service (see restrictions documentation). In the case of Content Services, it redirects to a different domain every time it’s executed (see documentation). Because of this, you have two options: use Google Apps Script to execute as the visiting user and to get a static site hosting.

1. Using Google Apps Script

Instead of running the calls to the APIs in the front end, you can make functions in Google Apps Script and then call them using google.script.run in the frontend. It will also simplify your code as all the OAuth is handled by Google Apps Script.

// Google Apps Script side
function doSomething() {
 const ss = SpreadsheetApp.openByUrl('…')
 // […]
 return result
}

And to call it I’d use something like:

// Client side
function doWork() {
 google.script.run
   .withSuccessHandler(successCallback)
   .doSomething() // Function name in the backend
}

Make sure to deploy the application with the option Execute as: with the value User accessing the web app so it’s not executed as you.

With this setup the user will be asked to give the required permissions before opening the page.

2. Use a web hosting

The second solution is to find a web hosting provider. Because you don’t seem to have a backend it can be for static pages (some are free). This will give you a stable URL and should work exactly the same as in your localhost.

References

• HTML Service: Restrictions (Google Developers)
• Content Service Redirects (Google Developers)
• google.script.run (Google Developers)