I am a beginner trying out api for fun.
The problem is, lets say, I want to write a simple windows program with golang to let my friends read and edit one of the sheets saved on my google drive. How can I do this without having them download a credential file?
What I want it to do is simply redirect them to the Oauth Page right away, and if their email address is one recognized by the app it will grant them access to that google sheet.
What i think you need is to integrate your go app with Oauth protocol.
More specifically, with the Google provider.
This is mainly 3 steps:
add the oauth client to your application
something like this: https://github.com/golang/oauth2
See their docs on how to do it.
go to google dev documentation and see how to integrate google auth flow into the client: https://developers.google.com/identity/protocols/OAuth2
I'm not sure if google has something more specific for google drive integration and/or go-lang client in particular. Please do some searching.
make the glue code on your go app so that the user can interact with this (the login button (or command, if it is terminal based), error messages, logout, etc)
More questions will appear when you start to do this, however it is a great example to learn Oauth as well.
General guidelines:
https all the queries or oauth is basically useless
oatuh has many auth-flows and you must choose which one(s) you support. use whatever google documentation recommends for m2m scenario (machine 2 machine)
log errors so that your friends can send you a log file for you to debug issues
maybe set some feature flag so that you can simply disable this feature to run/test localhost ? maybe useful? you decide.
Related
I got the below popup when I tried to execute the google form api from google developer documentation.
I tried this same process with google docs api which work perfectly. I tried tp turn on less secure app access, but it seems google made it unavailable.
what is the other way out.
Thanks
This appears to be a bug with the try me on forms.
I have logged it on the issue form and im going to see if i can find someone at google to ping about it
Forms.get try me not working
I suspect however that this may have something to do with the app being in early access. That being said i would have expected a different error message if that was the issue.
It is most likely due to the permission for the client they are using. It is an internal error and not something you have done.
May i suggest creating your own app and testing it that way. Just remember this api is in early access so be sure that you fill out the form found on this page Google Forms API now available in open beta
Developers can apply to join our Early Adopter Program and begin developing using the Google Forms API by filling out this form.
All I want to do, with PHP and google-api-php-client, is create a new playlist and add it to my YouTube Channel server to server. All guides seem to require me manually clicking a link generated to authorize a token. What?!? With an API key shouldn't I just be able to do server to server changes/uploads/edits without any need of human interaction?
I enabled the API, created API Keys and OAuth ID/Secrets, but still can't figure out how to do it.
Any guide would be appreciated. Server to Server, with PHP, without me needing to open the file in a browser to allow access to account.
Thanks
Tried this: https://developers.google.com/youtube/v3/code_samples/php for adding a playlist and can't get it to work, even after clicking the link and allowing access to account.
You want to start learning something called OAuth. Don't worry, it's only sounds scary. I'll try and ease it a bit for you. But before I begin, no amount of loitering around avoiding that OAuth thing is going to get you anywhere. Good news is: it's not that twisted.
Imagine you were YouTube. An application, say a web application someone wrote that you didn't know about were to come to you making an HTTP request on you.
The request were to say, "Hey, YouTube chum! Can you add this bunch of erotica to John's playlist and just make it all public for everyone to see?"
What would be your response?
If I were YouTube, mine would be --
"Yeah! fook you, dude! Go ask John first! Then, show me some proof that you did."
"And wait a second, before you leave, I forgot to ask, who the fook are you, in fact? You got something to show me for who you are?" I, the YouTube, would add.
You see the problem? For YouTube, there are really two parties involved in this transaction:
The application that's making the sleazy request; and
Poor John, who probably knows nothing of all this even when he should.
Otherwise, what's to stop any application asking YouTube (or Facebook or Google or Github or any place else) for John's data?
So, as far as YouTube is concerned, it needs a way for the application to authenticate itself with YouTube (thus the Application Id and Client Secret or App Secret you created on the Google Developer Console), and it needs John's permission to let the said application do what it is asking you (YouTube) to do (thus the need for John to interact with a UI).
Enter OAuth.
OAuth is a document of rules that allows this co-operative transaction. But for it to work, all the three, YouTube, the web application, and John, must first conspire together.
There are three parties in OAuth:
The OAuth server -- that has John's data. In this example, it was YouTube.
The third-party application that wants to do something with John's data that's kept on the OAuth server, i.e. YouTube.
Poor John, a user on the OAuth server (YouTube), and also wanting to use the third-party Web application that wants YouTube to do something with John's data.
Now, there's a whole lot to learn about OAuth before you write a single line of code, and I can't write it all here but here's a YouTube playlist that starts by explaining the very basics of OAuth and then provides demos in (sorry, no PHP) C# and also in JavaScript.
Once you understand the OAuth transaction mechanism and see some code, then re-visit the YouTube API documentation page you linked to and it'll start to make an enormous amount of sense. It'll click and you won't need to look any place for help writing that example. It'll just come out of you like poop. :-)
Currently, I have been tasked to utilize the Google People API to ask for a user's basic Google information along with their public phone numbers. So far the results have been positive.
The solution my team and I have incorporated the Google People API integration in has the capacity to be utilized across thousands of domains. As a result, my question is simply, How can my team members and I ensure that any our clients that utilize our solution with their own particular domain get our new functionality built with the Google People API?
Keep in mind, our clients have the flexibility to have http/https and any subdomain on their site. Entering each domain possibility for our client base one by one would not be an easy task. I'm seriously hoping there is a solution around the single, explicit origin entries.
Thank you for your time and help.
Warning:
You must remember that if this is source code you are giving your clients that you are not allowed to release your client id and client secret. This includes plugins and scripts.
On November 5th 2014 Google made some changes to the APIs terms of Service.
Asking developers to make reasonable efforts to keep their private
keys private and not embed them in open source projects.
So if your clients could view the code of your application and see your client id and secret you should not be giving it to them.
Read more about this issue Can I really not ship open source with Client ID?
Recommendation:
The best solution for you will be to instruct your users now to create there own project on Google Developer Console and create their own JS origins.
You may just have to provide your own wrapper around the target API where you authorize the client request yourself and then do the request from Google using your own credentials.
I am trying to use the Admin SDK Directory api to look up user profiles. I am able to do this successfully all day (with in quota) with 99% of the time. Though there are certain times where it just fails no matter what.
Yes I have set the service account user, I have the proper scopes, I have admin api turned on.
It even fails in the google api explorer. See screen shots
The call:
https://www.dropbox.com/s/9v9m6s5zf76oix7/call.png?dl=0
The response:
https://www.dropbox.com/s/te6k3x5xjkr467j/response.png?dl=0
Sorry for the links, images keep showing as broken
After contacting google they supplied an answer. There is a setting for the contacts app that enables and disables this.
Admin console >> Google Apps >> Settings for Contacts >> Advanced settings
Contact sharing: Enable contact sharing
Make sure that is enabled and it works.
Here is a screen shot: https://www.dropbox.com/s/8jmzz7zw0xq4ux4/answer.png?dl=0
Honestly, it just seems like some sort of transient error on the Google side. Being that it's working ~99% of the time for you, means you're not doing anything wrong. I would consider this more true b/c you're also using a Google Tool rather than your own so you know it's not the code. When it's failing for you, does it also then fail with the API explorer? What about with the OAuth Playground?
If this is reproducible consistently (same times, after X amount of requests, etc.), it would be worth reporting the the Google for Work Support team (assuming you have the ability to contact support) as it sounds like a bug and they would be able to help with break/fix for API issues.
I am looking for a step by step guide to implement Google OpenID+OAuth in our Webapplication running on Heroku for getting calendar/contacts data. I have looked at many documents and Q&A about this but still can't make things work and was wondering if anyone here knew of a place which describes the plugins, gems needed and a step by step guide. The reason for using the hybrid is that we need a permanent token from Google that we can track for users across multiple sessions.
Truly appreciate any help.
Best,
_KK
You cannot use Google's OpenID to access other service. So you will need to ask user to provide username/password when you want to access calendar (make sure it's SSL-ed!).
So for calendar you can use: GCal4Ruby.
But in general you can access user data using official Google GData gem.