I am attempting to create an angular application that authenticates to the Google APIs as our administrator account so that it can gather details, such as a user's Google Drive info (number of files, total size, etc.)
I'm attempting to use OAuth 2.0 to give the application our "administrator" credentials. The examples provided in the Google API documentation shows how to accomplish such tasks by allowing a user to log themselves in, but I've yet to find anything demonstrating how to programmaticly authenticate an application as admin (or anything else, for that matter).
Is this possible?
After a bit more research, I finally found a question relevant to the issue with what appears to be a detailed solution! It's all about using the right key words... "programatically" was the word that finally got me there :)
Of course, I'll be using JavaScript/Angular, not Python, but I believe the concepts will be the same.
Related
I have a file upload in place however I want to go ahead and send my files to google drive to be stored however I'm not sure where to start and everything I've seen so far online has been a bit confusing. Does anyone have any tips?
This is a pretty broad question, your best bet is just to read Google's documentation and code samples to understand how the process works.
Learn how Google uses OAuth 2.0 to authorize APIs. This involves creating a Google Cloud Platform project to generate the access credentials. The Get Started guide contains the steps to create this project and set it up.
With the credentials you can generate a token to authorize your app to access Drive. Since you said that you are already uploading the files you'll probably want to do this on the back-end. There's a general sample for using OAuth with web applications and for something more specific you can check out the Drive examples.
You could also choose to do it on the front-end. Google has a different guide for that, and the code sample in Erwin's comment can help you as well to follow up after you have the authorization token. There's another guide in Github referenced in that link that can also help you generate the auth token.
My recommendation is to first really learn how OAuth works, here's a great question about it. Then use the links above to understand how Google uses it and their required steps, then try to implement it yourself little by little and look for, or ask specific questions if you get stuck in some step. Understanding the process is key to make it easier for yourself so you'll need to dedicate some time into studying it.
I am working on a POC (a Vue based web application) for which I require a database. I want to use the google sheet as a database
I followed the official Google Sheets API v4 documentation and I am able to perform all kinds of database operations on the google sheet. But, it requires the user to explicitly click on a button and sign in to authenticate. I want it to be done from the code itself.
I have the following keys which are required along with the user consent to use the google sheets API
// Client ID and API key from the Developer Console
var CLIENT_ID = '<YOUR_CLIENT_ID>';
var API_KEY = '<YOUR_API_KEY>';
Apart from this I also have a client secret which I have absolutely no idea how to use it in the code. From what I have read over the internet and what I have understood, it is used to authenticate the access to google sheets API from the code. But, I don't know how.
I did come across some of the third-party services like Sheetsu and SheetDB which I don't want to use. So, is there a way I can use google sheets as a database for simple CRUD operations just as we will do with any traditional database?
It is behaving that way - expecting a user to authenticate - because you are using OAuth2 authentication which is meant for scenarios where a user grants your program access to their spreadsheet.
For your scenario you want to use the other type of authentication: service account.
Actually, you can use a service account with OAuth, as described here:
Using OAuth 2.0 for Server to Server Applications
https://developers.google.com/identity/protocols/oauth2/service-account
And you could consider this because the code examples tend to use OAuth, but I'm suggesting that you instead go back to the sheets API in the console:
https://console.cloud.google.com/apis/api/sheets.googleapis.com/credentials?project=yourProjectId
And click 'create credentials' and choose a service account instead of OAuth. This method has a simpler authentication flow since it is meant for your scenario: no end-user.
Also, I haven't done this in a while, but I think I took the service account client_email (the email address of the account - the main identifier) and give it permission to access the sheet, ie. share your sheet with it.
Finally, I would note - and you probably already know this - but you mention using sheets like a database and it doesn't have the performance characteristics for this. It is more like a CRM: eg. suitable for a building a static site.
I have been looking for an open google api to get google authentication token by using a user's google username and password. I have came across google-auth node package. And according to it, I first need to log in to create a project in google developer console and then use the key to access the information.
But I want to know whether there is any open api where I can directly pass the username and password, without creating any project in google developer console. And get the authentication token as part of response.
This is my first project using google apis, so if it sounds naive please let me know the right way of authenticating a google account user using a node project.
Sorry, I can't provide any code, as I am stuck at understanding the initial part itself, about how to authenticate different users.
Thanks in advance
You can't use google or any social login, without first creating a project and using it's api key.
That is just how oAuth is designed.
I'm trying to create a webpage that can incorporate LinkedIn info's (profile,people,company, etc...).
The things that it can/would do are the following:
When the user enters a name that is registered in LinkedIn, he gets the following
*Name, Company, Email
*List of LinkedIn messages that are waiting for reply
The same process goes on everytime the user adds a profile, I'm planning to use the Profile API of LinkedIn to get the Name, Company and Email but I can't find a working example to be my basis.
As for the 2nd one I still don't know how to get the LinkedIn messages.
Here's my Layout and expected result.
How can I achieved this? Opinions and Suggestions are highly appreciated tnx
This is far to broad a question for me to invest the necessary time in to figure the answers (multiple) for you, but do let me give you some hints. First of all, from my experience with the linkedin API not all the data you wish to access is available (do double check this though, I used the API quite awhile back and stuff might have changed in the meantime). As this data is not available through the API the only alternative would be to somehow bypass the cross domain policy, which in conclusion would require the user to install a chrome extension/firefox plugin which will function as a proxy for your application or even 'better', make you entire application a browser plugin based web app. Not that I am a fan of those whatsoever but if you application is meant in any way whatsoever as a linkedin (dedicated) plugin (probably as part of a greater service you're developing) then it might make most sense.
The whole system you are describing is very long winded and requires a large amount of development time. Alot of the data is not accessible directly or indirectly too. You cannot get email address's out from the API as a security feature (bots could just harvest emails for marketing campaigns).
First of all, you will need to make an application that allows for oAuth2 connections with the linkedin API service. People will log onto your website, click to join their linkedin account with your website and your website will receive back an access token to do the calls.
You will then need to build the queries which will access the data you require. The linkedin API documentation (http://developer.linkedin.com/) isn't greatly indepth but it gives you a good understand and points you where you need to go. There are also a couple of pre-done php API's around such as https://code.google.com/p/simple-linkedinphp/.
I have worked with many API's from twitters, facebooks and LinkedIn's and they all require a lot of back-end work to make sure that they are secure and get the correct data.
It would take me hours to go through exactly how to do it and has taken me many hours to get a solid implementation in place and working with all the different calls available.
If you have minimal coding knowledge, it would be best to go to an external company with a large amount of resources and knowledge in the field who can do it for you. Otherwise it may take many months to get a working prototype.
About to open up a public api with OAuth access, no problem with that. Main site uses the api but with basic authentication instead (restricted for our internal ip range)
Next step is to plan a mobile application but how should one handle authentication there?
First thought was to create a special log in screen just for our appid to make it look like authentication (instead of authorization) but it would not be very hard to revers engineer our appid.
How does (for example) facebook handle log in within the facebook iphone app?
Look and feel says they're using authentication but if so, how do they keep others from using it?
Suggestions appreciated.
I think you will find your answer in this document, and particular paragraph:
https://datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-threatmodel-07#section-5.2.3.4