I want to allow my anonymous website's visitors to upload files to Google Drive on behalf of my application. In a new app console I spotted some sort of Browser key, can I use it to reach my goal?
Or maybe there are some other ways of doing this by using Cloud Storage or something?
I don't want to involve server-side authentication, I need a pure Javascript solution.
PS: This article (https://developers.google.com/drive/quickstart-js) doesn't help, since it requires my users to have Google Account.
Screenshot of my API Console:
Related
I need to share to the employee tons of files of a specific Team Drive through our ERP. Since the files should be downloadable and I cannot redirect the users to the Drive page I need to download these files from the Drive by the API and show them to download on the ERP.
The point is that I cannot found a way to allow the Drive API through Browser connect to a single drive account with OAuth and allow every user on the App get the files on the view. All the ways I found request the current user an access to its own drive and it isn't what I want.
I found a way to do this with NodeJS API (without browser), but this will need too much data to transfer from the back to the front and it dont seems to much smart since (I believe) I can download directly from the Drive to the Client without need to pass by my server, but I can't found a way to do this.
What I really searching for is a way to allow a specific domain to aways access a specific user Google Drive with certains credentials and, knowing this, dont request to every user using the app authorization to its own drive.
I'm making an open source Node module that will require access to each user's private Google Drive files. I've been trying to wrap my head around all of these different authentication types, and have come to a road block. From what I've gathered, there are two primary types of authentication
I, the library author, provide in my library the public and private keys necessary to authenticate each user with OAuth2. This means giving them a URL to go to to give my app permission to access their data, and have them copy and paste an access code back into their terminal. I was able to run through this tutorial and get it working, but this method seems dangerous, because of the keys I have to package with my library, and unnecessarily difficult.
Have the user go to the Google API console, get their own API key, and provide that to my library through some sort of configuration file. No URL redirection, no copying and pasting, just some private credentials that only they have access to.
2 sounds a lot better to me: This library has absolutely nothing to do with me once it's in the user's hands, so it feels incorrect to have them authenticate with me. But from what I can find, the only way to do this with Google's API is to create a Google Service account, download the JSON they give you, go through a flow similar to the top comment on this blog post, and then manually give the service account email access to my personal Google Drive files. This seems hacky, and a lot of work to gain access to my own private data. Is there a better way to go about this? It seems strange to me that this fairly standard flow in other APIs is only available in Google's API through service accounts, but maybe there is a way and I'm just not seeing it. I'm fairly new to authentication, so any help at all is appreciated. Thanks!
First off I want to say that you cant release your open source project with the client id and client secrete that you created on Google Developers console this is against googles terms of service.
1.Developer credentials (such as passwords, keys, and client IDs) are intended to be used by you and identify your API Client. You will keep
your credentials confidential and make reasonable efforts to prevent
and discourage other API Clients from using your credentials.
Developer credentials may not be embedded in open source projects.
My Answer on another question about exposing client id in open source projects.
Second you could instruct your users to use either Oauth2 or a service account or both its really up to you.
If the user will only be accessing their own data and wont need to access someone else's data then they can use a service account you will need to instruct them in how to share a folder on Google Drive with the service account. However from your side permissions can be tricky when they are uploaded the service account will own the file uploaded to the users google drive account you will need to have the service account add permissions for the user so the user will then also be able to access said file.
The easiest way to go will be Oauth2 when the code uploads files they are owned by the authenticated user so you wont have the same permissions issue you had with a service account.
I need to implement a bug reporter form that users will be able to fill the form with additional information. Then this information will be posted to my google drive account as a text file.
I don't want users to be disturbed by any google drive or gmail permissions. I simply want my code to write file to my drive folder anonymously.
I made some investigation and I came up with google scripting as mentioned here. I created a custom web form to be filled and necessary gs(I guess this extension stands for google script) file.
I will not be able to add this form as an iframe because of cross domain, its url is something like 'https://script.google.com/macros/s/AKfycbxx...'. So I decided to open this form as a child browser tab, but that way I won't be able to pass bug message from parent to child.
Is there any way to send message from parent to child in this situation?
Is there any better way to implement this?
Thanks,
Ugurcan
you are on the right track. using an apps script webapp is an easy way to avoid all the oauth permission code. I assume you have published to run "as me" with access to "everyone even anonymous".
there is no need to open as a child window. Simply pass all the data you need as url parameters to your webapp.
then on your app the parameters are received in doGet and use them to populate form fields.
I would suggest a different (non Apps Script) approach. Use a Service Account and upload to that account. Either share that account's files to your own account, or copy them to your own Google Dtive.
I want to display the number of times a video has been viewed using the core reporting API via Javascript. However, the API is designed with OAuth, for building applications and not just logging into my account to get the event count.
Is there a way to login for just my account via Javascript?
Thanks,
Matthew.
I think what you are looking for is a Service account. To my knowledge you cant use a Service account with JavaScript due to security issues with the key file.
What you could try and do is to authenticate the script once using normal Oauth2 then save the refresh token to the file and hard code that into your script and send that. But I wouldn't recommend it as then anyone that checks your script will also be able to access it. So basically you have the same security issues you had with using a Service account.
As you can see doing what you are trying to do with JavaScript isn't really going to work. As you can see this is something I have also tried unsuccessfully in the past to do. I recommend you try and do this with some kind of server sided scripting language, like PHP.
I'm looking for a way to use Google Drive to share data between a Android app and a web page hosted on my server. The web page should use JavaScript to retrieve and store data in Google Drive.
The data should only be exchanged between the browser of the user and Google Drive.
According to the documentation of accessing Google Drive from JavaScript you must first create a application using the Google Cloud Console, register it and get a client ID before you can use JavaScript to access the data.
I don't want to have to maintain a Google hosted application. Is this possible?
The only point of apis console is to register your applicaiton or in your case script with google. Its baslcy just there way of keeping track of whos accessing what i think. Once you have it registered you normaly would use a clientid and stuff as well as Oauth2 to allow users to access there google drive with your script. But you wont need to go into that becouse its your application thats storing its data there and not a user.
You will probably want to look into a service account.
https://google-developers.appspot.com/drive/service-accounts
If you want to use private spreadsheet then you have to use authentication, in this case google project is easiest one. If you don't want to use private then you can publish your spreadsheet and then make ajax call without authentication/goole project.
You're not the first person we've heard this complaint from. People want to be able to log in and create an API key without having to deal with extraneous cloud services. We're working on some things to make life easier for customers like you.
Unfortunately there is no way to do this at the present time. That said, you don't have to actually maintain a separate application. You can create a project and only use it to manage APIs.