Yesterday I've configured a new project in the Cloud Platform and added the Sheets API to it and made functions to generate access_token to make API calls (in Elixir programming language). Today, when creating a new spreadsheet with the access token, the responde body returns me the spreadsheet and all the info about it, but, when accessing the Drive of the account that I've used on the Google Cloud console to create the new project I can't find the sheet there. Plus, when clicking in the spreadsheet url provided on the response body it prompts me to the Request Access page (when I'm trying to access with the email that holds the project # Cloud platform).
So the questions are, where are the files being stored and how can I access them?
Thanks in advance!
Related
I've found that with https://www.googleapis.com/auth/drive scope, my app can read all existing files (and their contents) in a Google Drive, but when I auth the app, it says that this scope can also delete files in the drive and I don't want to grant that.
I know that by itself https://www.googleapis.com/auth/drive.file only allows the app to read files created by the app itself or especially granted access.
I've tried other combinations, but can't find one where the the app can read the contents of any file I can see, but can't delete anything. This is the closest I've come:
https://www.googleapis.com/auth/drive.metadata
https://www.googleapis.com/auth/drive.file
https://www.googleapis.com/auth/drive.activity
https://www.googleapis.com/auth/documents
Is there a combination that will achieve my goal?
Based on your needs, you should be eyeing https://www.googleapis.com/auth/drive.readonly. This enables you to read the file metadata and content.
Allows read-only access to file metadata and file content.
Resource:
Scopes
There isn't one if you have access to read and write to a file then you will also have access to delete that file.
Its how they have permissions setup.
If you don't want to upload and only download try drive readonly.
scopes#drive
If you're not intending to create any files or save any data to Drive, then you have the https://www.googleapis.com/auth/drive.readonly scope.
Note that this is a restricted scope that will grant your app with read-only access to the user's entire Drive, but it will also prevent your app from creating any new files or editing existing ones.
If you want your application to be able to access the entire Drive, and you're planning to release your app to the public, you should submit your application to a restricted scope verification and security assessment; otherwise your app will be limited to 100 users, and users will see a warning while your app is unverified.
Here's more information:
OAuth 2.0 Scopes for Google APIs - Drive API, v3
Additional Requirements for Specific API Scopes section in the Google API Services User Data Policy
OAuth API verification FAQs
Ok, I hope I don't get too beat up here for this question as it is kind of complex. At least in my view, with what I know so far. So the details first:
I built a nice app with django that brings in event data for users, utilizes that data for many things (not relevant to this question) but one of the things is that it syncs these events to the users Google calendar. I made the google app within the developer console, and it uses the provided credentials.json file to allow users to authenticate the app, thus creating individual user token.json files per user, then I have another script (not within django, just a custom python file) that runs from a cron job to automatically sync/ update the calendar info from the database to the google calendars.
Now, the new problem is having this work without my help. IE: a new user logs in and creates a profile, then if they should choose to sync to their Google calendars I have to be there, running the authentication process from my personal server. So I did that, by moving the whole app to a hosted platform and brought it up to speed in production mode.
Users can create a profile, using django-allauth it works to make an initial user account where they can fill in the rest of the profile. It does populate the token string for their account, but here is where I'm stuck.
What process is there to make the token.json file OR use the existing token string (the one it saves now on the server version) to allow the system to sync the calendars? Once the token files are created, the rest of this works. I just can't get the right answers to how django-allauth will handshake with Google and do this?
Thanks for any help!
Update: ultimately wound up using a service account with google api, and directing my users to combine the service account email (adding it as a shared user to the specific calendar) and they copy/paste the shared calendar ID in their profile on my app. All the logic now just uses this share function to sync the calendars, and it works great.
I am making a app that allows users to upload images to their profile page. I was using firebase Storage to store the images using a folder for each user. The problem I have is the Url for the images are accessible without evening signing into my app. Can I limit access to users that have signed in to my app? Im using a custom sign in token. Or do I need to switch to another storage provider.
It sounds like you're using Firebase Storage's download URLs. These are (by definition) URLs that give anyone who has them read-only access to the file. Download URLs are only generated when you call getDownloadUrl() (or the equivalent method on the platform you use). So if you don't want this behavior, don't call getDownloadUrl().
If you don't have a download URL, the files in Storage are only available by using the Firebase SDK. At that point all access to the files is secured through the security rules that you've defined for your project. For more on this, see the Firebase documentation on securing access to files.
I have some previous experience with the youtube and youtube analytics api where there was an option to use https://developers.google.com/oauthplayground/ to essentially create an offline situation for your own user account api access. By creating the key in the developer console you could add that to a custom oAuth credentials. The user account you were logged into would then generate the access token and refresh token needed. I do not see Google Photos API listed as an option here. I would prefer not to create a website just to get a prompt once (myself).
Any help would be greatly appreciated.
If you are specifically after a token to make your own requests to the API, you can still use the OAuth 2.0 playground. You can enter your own scope in the tool under step 1, just below the list of scopes on the left side. (The text box is labelled "Input your own scopes".)
Here you can manually enter a scope that's listed on the "Authentication and authorization scopes" page in the Google Photos Library API developer documentation.
In step 2, you can access a refresh and access tokens and construct your own request in step 3. Note that you won't be able to List possible operations for this API.
Note that you can also specify your own OAuth client ID and client secret from your own Google developers project. You can find this under the "settings" icon on the right, under "Use your own OAuth credentials". Otherwise, tokens are automatically revoked by the playground after a certain amount of time.
However - If you just want to explore the API through the playground, you can use the version that's embedded in the reference documentation. You can find it on each page for a method, for example mediaItems.list. This version includes support for all API methods and makes it easy to construct correct API requests.
I am trying to build an application with ColdFusion.
I've been reading documentation and trying things out for days and for the life of my I can't seem to figure out how to display my own data to users from Google's APIs using OAuth2.
For example, I want to be able to display some of my stats to users with the Google Analytics API. How many unique hits, page views my site gets and from what countries. The data is private, however, so there isn't a way to do so. Or YouTube just changed their API so video tags can no longer be seen unless logged in. I want to be able to show my video tags so they can search for related things on my own site, but I can't pull them because I'm unsure of how to do this.
I know how to display and manipulate public data, but when it comes to private data, I'm at a complete loss. OAuth2 is kicking my butt!
Is there anybody that can please, please help me with OAuth2 so that I can allow my users to see my private Google data without there being any kind of log in process for them? Examples using ColdFusion would be so much appreciated.
The answer is more or less what I said at How to retrieve my own private playlist through YouTube API?
You'd want to use the OAuth 2 for Installed Applications flow, and generate new access tokens via your refresh token when your old access token expires. I'm not familiar with any libraries for doing OAuth 2 in Cold Fusion, though.