I have been running GDrive API v3 using our Node.js API for awhile now (1+ year), and everything has been functional for creating (drive.files.create) & reading (drive.files.get) DOCX files through the Google Drive API logic using a service account. Everything has been working perfectly fine.
Today I am trying to extend our infrastructure to handle some generic Google Docs files (rather than the existing DOCX stored within GDrive) using the same service account, but the GDrive API is now returning a 403 "Forbidden" error for these files specifically. I can't seem to figure out why there would be a difference in permissions for two file formats that are within the same service account (is the owner of both) and are using the same OAuth token system that I set up originally. The service account itself created the file, so I am a little shocked that it can't then access the same file using the GDrive API.
My question is, is it not possible to use GDrive API to access Google Doc files, even when the files are within a GDrive folder? I can't seem to find any definitive information online on whether we specifically have to use the Google Docs API to access Docs files (seems silly if true). If it is possible, is there an alternative SCOPE that I need to assign to this service account to access Google Docs items specifically? Right now the only SCOPE assigned is https://www.googleapis.com/auth/drive, which according to documentation should be enough to access all of our GDrive files.
I can share some code, but there is not exactly a lot more than what I explained above. I would like to not have to entirely re-do my GDrive OAuth permissions if possible, as that took me a long time in the first place, but if that is the only way, I would love to hear suggestions.
Thanks!
Related
I want to download a Google Sheet (and/or Doc, or Colab Notebook) from an "Anyone can View" sharing URL, if the file is newer than my local copy. To do that, I need to find out when the remote file was last modified. Which I thought shouldn't be hard.
There are threads explaining how to do this for regular files on websites that make use of the HTML Last-Modified property, but Google doesn't provide this field in its headers. It provides a Date: but that's just the download date/time that updates every moment.
I see threads about doing this from within the Doc or Sheet itself. My question is not about that. I'm talking about getting the info remotely by running a python script on my local machine.
I see a thread about using the Google Drive API v3, but....is it really necessary to go through all that (e.g. install oauth, register an API key, etc. effectively create an entire Google app *) just to find out when a publicly-available file was last modified? Is there an easier way?
Thanks!
EDIT: * I started down the road of Google Drive API but I find it confusing and overwhelming. It's like they think I'm trying to create an app for general users for the Android Store, instead of just myself. (??)
I'm trying to implement a shared filespace on an existing server that has its own login/authentication system. I'd prefer if I could use Google Drive or One Drive as the actual backing file store since then the files could (ideally) be edited in browser and automatically update for everyone else that has access to the shared area.
Diagrammatically (red link = existing authorization, red dashed line = desired auth in a session):
The need for this weird scheme stems from usage by a group where almost the entire set of members gets replaced each year (university committee). It was decided we don't just want to use a Google Drive folder since these end up in people's personal Google Drive folders, files get lost of cleared out etc. Additionally we already pass through this website quite regularly so it makes sense as an official repository of committee documents.
However this leaves me stuck with the issue in the diagram. I don't think that the server can create new, temporary tokens for a logged in user for them to pass to the Google Drive API to edit files. The question is really, can I get the Google API to do this for me somehow by only talking to the server? If not, what's the best way to implement this?
Thanks!
I used to run a script that would back up various files and put them in my GDrive. Simple bash, really. By "putting them in GDrive" I mean it would simple move the files to ~/Google Drive/ which would be picked up by my laptop.
I'm trying to build a similar app that will upload certain files to my Google Drive. It should be started by me, save the auth details and then start uploading. This must also run from the command line. However, there is no Google Drive client that will pick up the files. I must upload the files myself.
Currently, I'm having trouble with the OAuth2 procedure. I've set up a project on cloud.google.com, I have the keys, the library ready and the scopes set up, but Google keeps refusing my request. I've enabled both the Drive API and the Drive SDK.
The error I'm getting is:
{
"error" : "invalid_scope",
"error_description" : "Not authorized to request the scopes: [https://www.googleapis.com/auth/drive]",
"error_uri" : "http://code.google.com/apis/accounts/docs/OAuth2.html"
}
No matter what I try, I cant get this scope to work. Other scopes work fine. Trying to find what could cause this is impossible, the Google searches I've tried are muddled.
These are the scopes I'm requesting:
https://www.googleapis.com/auth/drive
https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/userinfo.profile
What am I missing?
I've managed to get access using the following scope instead of https://www.googleapis.com/auth/drive:
https://docs.google.com/feeds
From the manual:
Full, permissive scope to access all of a user's files. Request this
scope only when it is strictly necessary. Tokens with scope
https://docs.google.com/feeds are accepted and treated the same as
tokens with scope https://www.googleapis.com/auth/drive.
I tried it, and it worked.
Are you sure you enable the API's for Google Drive API, Drive SDK, Google+? You have to do this in order to use those scopes from Google Developer Console
I have a webapp, mywebapp.com, that successfully gets user permission to access Google Drive, mostly following examples for server-side flow here:
https://developers.google.com/drive/web/auth/web-server
I successfully upload, then access those SAME files.
However, what I really want to do is access OTHER files, in particular Google Docs docs. Can this be done, and how?
If not, can it be done with client-side flow using regular JavaScript (not Google's hosted scripts)?
What your app can and cannot see is determined by the scope. The possible values are enumerated here https://developers.google.com/drive/web/scopes
I'm working on a Google Drive interface for Emacs. The concept is that Emacs could provide a platform-agnostic way to load, modify and save text documents stored in Google Drive. I've registered my app and can authenticate with OAuth2 and get a file listing with the Docs List API, but when I try to execute an Insert with the Google Drive API, I see an error:
"The authenticated user has not installed the app with client id ..."
Reading further, it seems I need to publish my Emacs application in the Chrome Web Store to get access to the Drive API. That doesn't make sense to me...I noticed that there is a FUSE project in development for Google Drive, which suggests that native development is possible. When I skimmed the code, however, I didn't see a Chrome Web Store component to getting it working.
Am I trying to misuse the API, or is there an route to make this work that makes more sense?
EDIT:
According to Ali Afshar, of the Google Drive team, installation is no longer required to use this API. So what follows may no longer be relevant, but will be left for historical purposes.
So, first off the API does not support application development in the sense that we are both doing it, I wouldn't use the word native though. The good news is I have been doing some research and Google Drive is really just a rebranding of Google Docs. So the Google Docs API could be a good choice as well for the same purposes.
Anyway, here's the steps to solve the error: "The authenticated user has not installed the app with client id ..." Which is a 403 error, for the sake of this answer. These steps assume you have set up an app in the chrome web store as is required, and installed it. I am working on my local machine too, with my project: http://github.com/tom-dignan/gdrive-cli which I have gotten past this error, so I think you should keep plugging away at your emacs version, because I think we can make this work.
a. Open the Google APIs console.
b. Confirm you've already enabled the apis under "API Access" both the API and SDK for Google drive should be enabled. There you get your client secrets/api keys and such. I am almost positive you've done this already, so go ahead to C. (this is here for others who may have missed it)
c. In the left navigation bar, under "Drive SDK" you will need to do the following:
Add a "Support URL" (required)
Add at least a small 16x16 application icon (required)
Add "OAuth Client ID (Required)" under Drive Integration (I was just tinkering and this seems to be the key field.)
Add "Open URL (Required) URL to open for your app from the google drive UI."
Check off "Multiple File Support"
Add some MIME types and file extensions, "text/plain", and txt for example
Add the the auth scopes:
https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/userinfo.profile
Don't bother trying to add the auth scopes for Google Docs here, because it won't work. Google does not want us to use it that way because files that drive apps create should be private to that app. Integration with Google Docs will have to be separate.
Now I know you must be thinking "why do I have to add some of these..." It's because the form makes them required fields. In mine, I put a couple URLs that point to static HTML pages.
Once you've done the above, clean up your state and reinstall your chrome app. Then try your code again, and it should stop giving you a 403.