Use script ID instead of project key, and bump version.

Author: Eric Koleda

README.md

@@ -14,8 +14,9 @@ in your project. To add it to your script, do the following in the Apps Script
 code editor:
 
 1. Click on the menu item "Resources > Libraries..."
-2. In the "Find a Library" text box, enter the project key
-   `MswhXl8fVhTFUH_Q3UOJbXvxhMjh3Sh48` and click the "Select" button.
+2. In the "Find a Library" text box, enter the script ID
+   `1B7FSrk5Zi6L1rSxxTDgDEUsPzlukDsi4KGuTMorsTQHhGBzBkMun4iDF` and click the
+   "Select" button.
 3. Choose a version in the dropdown box (usually best to pick the latest
    version).
 4. Click the "Save" button.
@@ -32,22 +33,17 @@ URL that users will be redirected to after they've authorized the token. For
 this library (and the Apps Script functionality in general) the URL will always
 be in the following format:
 
-    https://script.google.com/macros/d/{PROJECT KEY}/usercallback
+    https://script.google.com/macros/d/{SCRIPT ID}/usercallback
 
-Where `{PROJECT KEY}` is the key of the script that is using this library. You
-can find your script's project key in the Apps Script code editor by clicking on
+Where `{SCRIPT ID}` is the ID of the script that is using this library. You
+can find your script's ID in the Apps Script code editor by clicking on
 the menu item "File > Project properties".
 
-**Warning**: Due to an
-[open issue](https://code.google.com/p/google-apps-script-issues/issues/detail?id=6098)
-in Apps Script, the project key shown in the Project properties dialog
-doesn't match the version the library uses. You can call the service's
-`getRedirectUri()` method to view the exact URL that the service will use when
-performing the OAuth flow. Register this version in addition to or in place of
-the version that uses the key shown in the dialog.
+Alternatively you can call the service's `getRedirectUri()` method to view the
+exact URL that the service will use when performing the OAuth flow:
 
       /**
-       * Logs the redict URI to register in the Google Developers Console, etc.
+       * Logs the redict URI to register.
        */
       function logRedirectUri() {
         var service = getService();

dist/OAuth2.gs

@@ -34,6 +34,15 @@ var TOKEN_FORMAT = {
   FORM_URL_ENCODED: 'application/x-www-form-urlencoded'
 };
 
+/**
+ * The supported locations for passing the state parameter.
+ * @type {Object.<string, string>}
+ */
+var STATE_PARAMETER_LOCATION = {
+  AUTHORIZATION_URL: 'authorization-url',
+  REDIRECT_URL: 'redirect-url'
+};
+
 /**
  * Creates a new OAuth2 service with the name specified. It's usually best to create and
  * configure your service once at the start of your script, and then reference them during
@@ -48,19 +57,12 @@ function createService(serviceName) {
 /**
  * Returns the redirect URI that will be used for a given script. Often this URI
  * needs to be entered into a configuration screen of your OAuth provider.
- * @param {string} projectKey The project key of your script, which can be found in
+ * @param {string} scriptID The script ID of your script, which can be found in
  *     the Script Editor UI under "File > Project properties".
  * @return {string} The redirect URI.
  */
-function getRedirectUri(projectKey) {
-  return Utilities.formatString('https://script.google.com/macros/d/%s/usercallback', projectKey);
-}
-
-if (module) {
-  module.exports = {
-    createService: createService,
-    getRedirectUri: getRedirectUri
-  };
+function getRedirectUri(scriptId) {
+  return Utilities.formatString('https://script.google.com/macros/d/%s/usercallback', scriptId);
 }
 
 // Copyright 2014 Google Inc. All Rights Reserved.
@@ -98,7 +100,7 @@ var Service_ = function(serviceName) {
   this.params_ = {};
   this.tokenFormat_ = TOKEN_FORMAT.JSON;
   this.tokenHeaders_ = null;
-  this.projectKey_ = eval('Script' + 'App').getProjectKey();
+  this.scriptId_ = eval('Script' + 'App').getScriptId();
   this.expirationMinutes_ = 60;
 };
 
@@ -162,18 +164,6 @@ Service_.prototype.setTokenPayloadHandler = function(tokenHandler) {
   return this;
 };
 
-/**
- * Sets the project key of the script that contains the authorization callback function (required).
- * The project key can be found in the Script Editor UI under "File > Project properties".
- * @param {string} projectKey The project key of the project containing the callback function.
- * @return {Service_} This service, for chaining.
- * @deprecated The project key is now be determined automatically.
- */
-Service_.prototype.setProjectKey = function(projectKey) {
-  this.projectKey_ = projectKey;
-  return this;
-};
-
 /**
  * Sets the name of the authorization callback function (required). This is the function that will be
  * called when the user completes the authorization flow on the service provider's website.
@@ -310,19 +300,19 @@ Service_.prototype.setExpirationMinutes = function(expirationMinutes) {
 /**
  * Gets the authorization URL. The first step in getting an OAuth2 token is to
  * have the user visit this URL and approve the authorization request. The
- * user will then be redirected back to your application using the
- * project key and callback function name specified, so that the flow may continue.
+ * user will then be redirected back to your application using callback function
+ * name specified, so that the flow may continue.
  * @returns {string} The authorization URL.
  */
 Service_.prototype.getAuthorizationUrl = function() {
   validate_({
     'Client ID': this.clientId_,
-    'Project key': this.projectKey_,
+    'Script ID': this.scriptId_,
     'Callback function name': this.callbackFunctionName_,
     'Authorization base URL': this.authorizationBaseUrl_
   });
 
-  var redirectUri = this.getRedirectUri();
+  var redirectUri = getRedirectUri(this.scriptId_);
   var state = eval('Script' + 'App').newStateToken()
       .withMethod(this.callbackFunctionName_)
       .withArgument('serviceName', this.serviceName_)
@@ -356,10 +346,10 @@ Service_.prototype.handleCallback = function(callbackRequest) {
   validate_({
     'Client ID': this.clientId_,
     'Client Secret': this.clientSecret_,
-    'Project key': this.projectKey_,
+    'Script ID': this.scriptId_,
     'Token URL': this.tokenUrl_
   });
-  var redirectUri = this.getRedirectUri();
+  var redirectUri = getRedirectUri(this.scriptId_);
   var headers = {
     'Accept': this.tokenFormat_
   };
@@ -457,7 +447,7 @@ Service_.prototype.getLastError = function() {
  * @return {Exception} An error, if any.
  */
 Service_.prototype.getRedirectUri = function() {
-  return getRedirectUri(this.projectKey_);
+  return getRedirectUri(this.scriptId_);
 };
 
 /**

package.json

@@ -1,6 +1,6 @@
 {
   "name": "apps-script-oauth2",
-  "version": "1.19.0",
+  "version": "1.20.0",
   "description": "OAuth2 for Apps Script is a library for Google Apps Script that provides the ability to create and authorize OAuth2 tokens as well as refresh them when they expire.",
   "repository": {
     "type": "git",

src/OAuth2.gs

@@ -17,8 +17,8 @@
  * any required setup.
  */
 
-// Load the Underscore.js library. This library was added using the project
-// key "MGwgKN2Th03tJ5OdmlzB8KPxhMjh3Sh48".
+// Load the Underscore.js library. This library was added using the script
+// ID "1I21uLOwDKdyF3_W_hvh6WXiIKWJWno8yG9lB8lf1VBnZFQ6jAAhyNTRG".
 var _ = Underscore.load();
 
 /**
@@ -30,6 +30,15 @@ var TOKEN_FORMAT = {
   FORM_URL_ENCODED: 'application/x-www-form-urlencoded'
 };
 
+/**
+ * The supported locations for passing the state parameter.
+ * @type {Object.<string, string>}
+ */
+var STATE_PARAMETER_LOCATION = {
+  AUTHORIZATION_URL: 'authorization-url',
+  REDIRECT_URL: 'redirect-url'
+};
+
 /**
  * Creates a new OAuth2 service with the name specified. It's usually best to create and
  * configure your service once at the start of your script, and then reference them during
@@ -44,17 +53,10 @@ function createService(serviceName) {
 /**
  * Returns the redirect URI that will be used for a given script. Often this URI
  * needs to be entered into a configuration screen of your OAuth provider.
- * @param {string} projectKey The project key of your script, which can be found in
+ * @param {string} scriptID The script ID of your script, which can be found in
  *     the Script Editor UI under "File > Project properties".
  * @return {string} The redirect URI.
  */
-function getRedirectUri(projectKey) {
-  return Utilities.formatString('https://script.google.com/macros/d/%s/usercallback', projectKey);
-}
-
-if (module) {
-  module.exports = {
-    createService: createService,
-    getRedirectUri: getRedirectUri
-  };
+function getRedirectUri(scriptId) {
+  return Utilities.formatString('https://script.google.com/macros/d/%s/usercallback', scriptId);
 }

src/Service.gs

@@ -33,7 +33,7 @@ var Service_ = function(serviceName) {
   this.params_ = {};
   this.tokenFormat_ = TOKEN_FORMAT.JSON;
   this.tokenHeaders_ = null;
-  this.projectKey_ = eval('Script' + 'App').getProjectKey();
+  this.scriptId_ = eval('Script' + 'App').getScriptId();
   this.expirationMinutes_ = 60;
 };
 
@@ -97,18 +97,6 @@ Service_.prototype.setTokenPayloadHandler = function(tokenHandler) {
   return this;
 };
 
-/**
- * Sets the project key of the script that contains the authorization callback function (required).
- * The project key can be found in the Script Editor UI under "File > Project properties".
- * @param {string} projectKey The project key of the project containing the callback function.
- * @return {Service_} This service, for chaining.
- * @deprecated The project key is now be determined automatically.
- */
-Service_.prototype.setProjectKey = function(projectKey) {
-  this.projectKey_ = projectKey;
-  return this;
-};
-
 /**
  * Sets the name of the authorization callback function (required). This is the function that will be
  * called when the user completes the authorization flow on the service provider's website.
@@ -245,19 +233,19 @@ Service_.prototype.setExpirationMinutes = function(expirationMinutes) {
 /**
  * Gets the authorization URL. The first step in getting an OAuth2 token is to
  * have the user visit this URL and approve the authorization request. The
- * user will then be redirected back to your application using the
- * project key and callback function name specified, so that the flow may continue.
+ * user will then be redirected back to your application using callback function
+ * name specified, so that the flow may continue.
  * @returns {string} The authorization URL.
  */
 Service_.prototype.getAuthorizationUrl = function() {
   validate_({
     'Client ID': this.clientId_,
-    'Project key': this.projectKey_,
+    'Script ID': this.scriptId_,
     'Callback function name': this.callbackFunctionName_,
     'Authorization base URL': this.authorizationBaseUrl_
   });
 
-  var redirectUri = this.getRedirectUri();
+  var redirectUri = getRedirectUri(this.scriptId_);
   var state = eval('Script' + 'App').newStateToken()
       .withMethod(this.callbackFunctionName_)
       .withArgument('serviceName', this.serviceName_)
@@ -291,10 +279,10 @@ Service_.prototype.handleCallback = function(callbackRequest) {
   validate_({
     'Client ID': this.clientId_,
     'Client Secret': this.clientSecret_,
-    'Project key': this.projectKey_,
+    'Script ID': this.scriptId_,
     'Token URL': this.tokenUrl_
   });
-  var redirectUri = this.getRedirectUri();
+  var redirectUri = getRedirectUri(this.scriptId_);
   var headers = {
     'Accept': this.tokenFormat_
   };
@@ -392,7 +380,7 @@ Service_.prototype.getLastError = function() {
  * @return {Exception} An error, if any.
  */
 Service_.prototype.getRedirectUri = function() {
-  return getRedirectUri(this.projectKey_);
+  return getRedirectUri(this.scriptId_);
 };
 
 /**