Skip to content

feat(source-google-calendar): add OAuth flow with credentials wrapper, config migration, and Service Account auth #76066

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Serhii Lazebnyi (lazebnyi) wants to merge 7 commits into
base: master
Choose a base branch
from
Open

feat(source-google-calendar): add OAuth flow with credentials wrapper, config migration, and Service Account auth #76066

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
4939986
feat(source-google-calendar): add oauth_connector_input_specification…
lazebnyi Apr 3, 2026
a73d45d
feat(source-google-calendar): replace placeholder icon with Google Ca…
lazebnyi Apr 3, 2026
4191300
feat(source-google-calendar): restructure OAuth config with credentia…
devin-ai-integration[bot] Apr 3, 2026
ee79e2d
chore(source-google-calendar): bump version to 0.0.39
devin-ai-integration[bot] Apr 3, 2026
89fc6ac
fix(source-google-calendar): consolidate duplicate changelog entries …
devin-ai-integration[bot] Apr 3, 2026
e81ea6b
feat(source-google-calendar): add Service Account auth type and Selec…
devin-ai-integration[bot] Apr 3, 2026
09dd5da
Update docs/integrations/sources/google-calendar.md
lazebnyi Apr 3, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 18 additions & 3 deletions airbyte-integrations/connectors/source-google-calendar/icon.svg
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
189 changes: 163 additions & 26 deletions airbyte-integrations/connectors/source-google-calendar/manifest.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -156,17 +156,42 @@ definitions:
type: InlineSchemaLoader
schema:
$ref: "#/schemas/events"
jwt_authenticator:
type: JwtAuthenticator
secret_key: "{{ json_loads(config['credentials']['service_account_info'])['private_key'] }}"
algorithm: "RS256"
token_duration: 3600
jwt_payload:
aud: "{{ json_loads(config['credentials']['service_account_info'])['token_uri'] }}"
iss: "{{ json_loads(config['credentials']['service_account_info'])['client_email'] }}"
additional_jwt_payload:
scope: "https://www.googleapis.com/auth/calendar.readonly"
oauth_authenticator:
type: OAuthAuthenticator
refresh_request_body: {}
token_refresh_endpoint: https://oauth2.googleapis.com/token
grant_type: refresh_token
client_id: '{{ config["credentials"]["client_id"] }}'
client_secret: '{{ config["credentials"]["client_secret"] }}'
refresh_token: '{{ config["credentials"]["client_refresh_token_2"] }}'
jwt_profile_assertion_oauth_authenticator:
type: OAuthAuthenticator
token_refresh_endpoint: https://oauth2.googleapis.com/token
refresh_request_headers:
Content-Type: application/x-www-form-urlencoded
use_profile_assertion: true
profile_assertion:
$ref: "#/definitions/jwt_authenticator"
authenticator:
type: SelectiveAuthenticator
authenticator_selection_path: ["credentials", "auth_type"]
authenticators:
Client: "#/definitions/oauth_authenticator"
Service: "#/definitions/jwt_profile_assertion_oauth_authenticator"
base_requester:
type: HttpRequester
url_base: https://www.googleapis.com/calendar/v3/
authenticator:
type: OAuthAuthenticator
client_id: "{{ config[\"client_id\"] }}"
grant_type: refresh_token
client_secret: "{{ config[\"client_secret\"] }}"
refresh_token: "{{ config[\"client_refresh_token_2\"] }}"
refresh_request_body: {}
token_refresh_endpoint: https://oauth2.googleapis.com/token
authenticator: "#/definitions/authenticator"

streams:
- $ref: "#/definitions/streams/colors"
Expand All @@ -181,31 +206,143 @@ spec:
type: object
$schema: http://json-schema.org/draft-07/schema#
required:
- client_id
- client_secret
- client_refresh_token_2
- credentials
- calendarid
properties:
client_id:
type: string
credentials:
type: object
title: Authentication
description: >-
Credentials for connecting to the Google Calendar API
order: 0
title: Client ID
airbyte_secret: true
client_secret:
type: string
order: 1
title: Client secret
airbyte_secret: true
client_refresh_token_2:
type: string
order: 2
title: Refresh token
airbyte_secret: true
oneOf:
- title: Authenticate via Google (OAuth)
type: object
required:
- auth_type
- client_id
- client_secret
- client_refresh_token_2
Copy link
Copy Markdown
Contributor

@aldogonzalez8 Aldo Gonzalez (aldogonzalez8) Apr 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What the 2 means?

properties:
auth_type:
type: string
const: Client
client_id:
title: Client ID
type: string
description: "Enter your Google application's Client ID. See <a href='https://developers.google.com/identity/protocols/oauth2'>Google's documentation</a> for more information."
airbyte_secret: true
client_secret:
title: Client Secret
type: string
description: "Enter your Google application's Client Secret. See <a href='https://developers.google.com/identity/protocols/oauth2'>Google's documentation</a> for more information."
airbyte_secret: true
client_refresh_token_2:
title: Refresh Token
type: string
description: "Enter your Google application's refresh token. See <a href='https://developers.google.com/identity/protocols/oauth2'>Google's documentation</a> for more information."
airbyte_secret: true
- title: Service Account Key Authentication
type: object
required:
- auth_type
- service_account_info
properties:
auth_type:
type: string
const: Service
service_account_info:
type: string
title: Service Account Information.
description: 'The JSON key of the service account to use for authorization. Read more <a href="https://cloud.google.com/iam/docs/creating-managing-service-account-keys#creating_service_account_keys">here</a>.'
airbyte_secret: true
examples:
- '{ "type": "service_account", "project_id": YOUR_PROJECT_ID, "private_key_id": YOUR_PRIVATE_KEY, ... }'
calendarid:
type: string
order: 3
order: 1
title: Calendar Id
additionalProperties: true
config_normalization_rules:
type: ConfigNormalizationRules
config_migrations:
- type: ConfigMigration
description: Migrate top-level OAuth fields into a nested credentials object.
transformations:
- type: ConfigAddFields
fields:
- type: AddedFieldDefinition
path:
- credentials
- auth_type
value: "Client"
- type: AddedFieldDefinition
path:
- credentials
- client_id
value: "{{ config['client_id'] }}"
- type: AddedFieldDefinition
path:
- credentials
- client_secret
value: "{{ config['client_secret'] }}"
- type: AddedFieldDefinition
path:
- credentials
- client_refresh_token_2
value: "{{ config['client_refresh_token_2'] }}"
condition: "{{ config.get('client_id') is not none and config.get('credentials') is none }}"
- type: ConfigRemoveFields
field_pointers:
- - client_id
- - client_secret
- - client_refresh_token_2
Comment on lines +295 to +299
Copy link
Copy Markdown
Contributor

@aldogonzalez8 Aldo Gonzalez (aldogonzalez8) Apr 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are these array of arrays?

Copy link
Copy Markdown
Contributor

@aldogonzalez8 Aldo Gonzalez (aldogonzalez8) Apr 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also, do we need to remove them? I like to think we could pin back if necessary.

condition: "{{ config.get('credentials') is not none }}"
advanced_auth:
auth_flow_type: oauth2.0
predicate_key:
- credentials
- auth_type
predicate_value: Client
oauth_config_specification:
oauth_connector_input_specification:
scopes:
- scope: "https://www.googleapis.com/auth/calendar.readonly"
consent_url: "https://accounts.google.com/o/oauth2/v2/auth?{{client_id_param}}&{{redirect_uri_param}}&response_type=code&{{scopes_param}}&access_type=offline&{{state_param}}&include_granted_scopes=true&prompt=consent"
access_token_url: "https://oauth2.googleapis.com/token?{{client_id_param}}&{{client_secret_param}}&{{auth_code_param}}&{{redirect_uri_param}}&grant_type=authorization_code"
extract_output:
- refresh_token
complete_oauth_output_specification:
type: object
additionalProperties: false
properties:
refresh_token:
type: string
path_in_connector_config:
- credentials
- client_refresh_token_2
complete_oauth_server_input_specification:
type: object
additionalProperties: false
properties:
client_id:
type: string
client_secret:
type: string
complete_oauth_server_output_specification:
type: object
additionalProperties: false
properties:
client_id:
type: string
path_in_connector_config:
- credentials
- client_id
client_secret:
type: string
path_in_connector_config:
- credentials
- client_secret

metadata:
autoImportSchema:
Expand Down
2 changes: 1 addition & 1 deletion airbyte-integrations/connectors/source-google-calendar/metadata.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ data:
connectorSubtype: api
connectorType: source
definitionId: c01b6259-bdf4-45ff-bcd5-66424cd2f18b
dockerImageTag: 0.0.37
dockerImageTag: 0.0.39
dockerRepository: airbyte/source-google-calendar
githubIssueLabel: source-google-calendar
icon: icon.svg
Expand Down
12 changes: 8 additions & 4 deletions docs/integrations/sources/google-calendar.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,15 @@ Solves https://github.com/airbytehq/airbyte/issues/45995

| Input | Type | Description | Default Value |
|-------|------|-------------|---------------|
| `client_id` | `string` | Client ID. | |
| `client_secret` | `string` | Client secret. | |
| `client_refresh_token_2` | `string` | Refresh token. | |
| `calendarid` | `string` | Calendar Id. | |
| `credentials` | `object` | Authentication. Credentials for connecting to the Google Calendar API. | |
| `credentials.client_id` | `string` | Client ID. Enter your Google application's Client ID. See Google's documentation for more information. | |
| `credentials.client_secret` | `string` | Client Secret. Enter your Google application's Client Secret. See Google's documentation for more information. | |
| `credentials.client_refresh_token_2` | `string` | Refresh Token. Enter your Google application's refresh token. See Google's documentation for more information. | |
| `credentials.service_account_info` | `string` | Service Account Information. The JSON key of the service account to use for authorization. | |
| `calendarid` | `string` | Calendar Id. | |

## Streams

| Stream Name | Primary Key | Pagination | Supports Full Sync | Supports Incremental |
|-------------|-------------|------------|---------------------|----------------------|
| colors | calendar.event | No pagination | ✅ | ❌ |
Expand All @@ -26,6 +29,7 @@ Solves https://github.com/airbytehq/airbyte/issues/45995

| Version | Date | Pull Request | Subject |
|------------------|-------------------|--------------|----------------|
| 0.0.39 | 2026-04-03 | [76066](https://github.com/airbytehq/airbyte/pull/76066) | Add OAuth flow with credentials wrapper and config migration |
| 0.0.37 | 2026-03-31 | [75671](https://github.com/airbytehq/airbyte/pull/75671) | Update dependencies |
| 0.0.36 | 2026-03-17 | [74985](https://github.com/airbytehq/airbyte/pull/74985) | Update dependencies |
| 0.0.35 | 2026-02-24 | [73746](https://github.com/airbytehq/airbyte/pull/73746) | Update dependencies |
Expand Down
Loading