Creating a Google Developer Console project should not be a prerequisite for using this software.

[psteiger]

We need to investigate and enumerate possible ways to remove this prerequisite, which is a real deal-breaker for using this script.

[psteiger]

From https://cloud.google.com/bigquery/docs/authentication/end-user-installed:

"Save the credentials file to client_secrets.json. This file must be distributed with your app."

Let's double check the safety and go on with distributing the authentication json.

[psteiger]

See https://googleapis.github.io/google-api-python-client/docs/oauth-installed.html

This flow is similar to the one shown in the Using OAuth 2.0 for Web Server Applications, but with three differences:

• When creating a client ID, you specify that your application is an Installed application. This results in a different value for the redirect_uri parameter.
• The client ID and client secret obtained from the API Console are embedded in the source code of your application. In this context, the client secret is obviously not treated as a secret.
• The authorization code can be returned to your application in the title bar of the browser or in the query string of an HTTP request to the local host.