solars/test.js Secret

## test.js
// config copied from sample
function getToodledoService() {
  // Create a new service with the given name. The name will be used when
  // persisting the authorized token, so ensure it is unique within the
  // scope of the property store.
  return OAuth2.createService('toodledo')

    // Set the endpoint URLs, which are the same for all Google services.
    .setAuthorizationBaseUrl('https://api.toodledo.com/3/account/authorize.php')
    .setTokenUrl('https://api.toodledo.com/3/account/token.php')

    // Set the client ID and secret, from the Google Developers Console.
    .setClientId('<my client id>')
    .setClientSecret('<my secret>')

    // Set the name of the callback function in the script referenced
    // above that should be invoked to complete the OAuth flow.
    .setCallbackFunction('authCallback')

    // Set the property store where authorized tokens should be persisted.
    .setPropertyStore(PropertiesService.getUserProperties())

    // Set the scopes to request (space-separated for Google services).
    .setScope('tasks write')

    // Below are Google-specific OAuth2 parameters.

    // Sets the login hint, which will prevent the account chooser screen
    // from being shown to users logged in with multiple accounts.
    .setParam('login_hint', Session.getActiveUser().getEmail())

    // Requests offline access.
    .setParam('access_type', 'offline')

    // Forces the approval prompt every time. This is useful for testing,
    // but not desirable in a production application.
    .setParam('approval_prompt', 'force');
}


// copied from sample
function authCallback(request) {
  var todoService = getToodledoService();
  var isAuthorized = todoService.handleCallback(request);
  if (isAuthorized) {
    return HtmlService.createHtmlOutput('Success! You can close this tab.');
  } else {
    return HtmlService.createHtmlOutput('Denied. You can close this tab');
  }
}


function run() {
  var todoService = getToodledoService();

  //show authorization page
  if (!todoService.hasAccess()) {
    var authorizationUrl = todoService.getAuthorizationUrl();
    var template = HtmlService.createTemplate(
        '<a href="<?= authorizationUrl ?>" target="_blank">Authorize</a>. ' +
        'Reopen the sidebar when the authorization is complete.');
    template.authorizationUrl = authorizationUrl;
    var page = template.evaluate();
    DocumentApp.getUi().showSidebar(page);

  //logged in - try to fetch token
  } else {
    Logger.log("logged in");

    var options = {
      "method" : "post",
      "headers" : {
        "Authorization" : "Basic " + Utilities.base64Encode("<my client id>:<my secret>")
      },
      "payload" :  {
        "grant_type" : "authorization_code",
        "code" : todoService.getAccessToken(),
        "vers": "3"
      },
      muteHttpExceptions: true
    };

    var response = UrlFetchApp.fetch('https://api.toodledo.com/3/account/token.php', options);
    Logger.log(response);
  }
}
	// config copied from sample
	function getToodledoService() {
	// Create a new service with the given name. The name will be used when
	// persisting the authorized token, so ensure it is unique within the
	// scope of the property store.
	return OAuth2.createService('toodledo')

	// Set the endpoint URLs, which are the same for all Google services.
	.setAuthorizationBaseUrl('https://api.toodledo.com/3/account/authorize.php')
	.setTokenUrl('https://api.toodledo.com/3/account/token.php')

	// Set the client ID and secret, from the Google Developers Console.
	.setClientId('<my client id>')
	.setClientSecret('<my secret>')

	// Set the name of the callback function in the script referenced
	// above that should be invoked to complete the OAuth flow.
	.setCallbackFunction('authCallback')

	// Set the property store where authorized tokens should be persisted.
	.setPropertyStore(PropertiesService.getUserProperties())

	// Set the scopes to request (space-separated for Google services).
	.setScope('tasks write')

	// Below are Google-specific OAuth2 parameters.

	// Sets the login hint, which will prevent the account chooser screen
	// from being shown to users logged in with multiple accounts.
	.setParam('login_hint', Session.getActiveUser().getEmail())

	// Requests offline access.
	.setParam('access_type', 'offline')

	// Forces the approval prompt every time. This is useful for testing,
	// but not desirable in a production application.
	.setParam('approval_prompt', 'force');
	}


	// copied from sample
	function authCallback(request) {
	var todoService = getToodledoService();
	var isAuthorized = todoService.handleCallback(request);
	if (isAuthorized) {
	return HtmlService.createHtmlOutput('Success! You can close this tab.');
	} else {
	return HtmlService.createHtmlOutput('Denied. You can close this tab');
	}
	}



	function run() {
	var todoService = getToodledoService();

	//show authorization page
	if (!todoService.hasAccess()) {
	var authorizationUrl = todoService.getAuthorizationUrl();
	var template = HtmlService.createTemplate(
	'<a href="<?= authorizationUrl ?>" target="_blank">Authorize</a>. ' +
	'Reopen the sidebar when the authorization is complete.');
	template.authorizationUrl = authorizationUrl;
	var page = template.evaluate();
	DocumentApp.getUi().showSidebar(page);

	//logged in - try to fetch token
	} else {
	Logger.log("logged in");

	var options = {
	"method" : "post",
	"headers" : {
	"Authorization" : "Basic " + Utilities.base64Encode("<my client id>:<my secret>")
	},
	"payload" : {
	"grant_type" : "authorization_code",
	"code" : todoService.getAccessToken(),
	"vers": "3"
	},
	muteHttpExceptions: true
	};

	var response = UrlFetchApp.fetch('https://api.toodledo.com/3/account/token.php', options);
	Logger.log(response);
	}
	}