I am using Google Drive API to get the list of files on my google drive. I've got it working by getting an access token, client id and client secret in google cloud platform. My issue is, the token expires in 3600. I've tried this endpoint, https://www.googleapis.com/oauth2/v4/token
and put this in the request body,
{
"client_id": "client_id",
"client_secret": "client_secret",
"refresh_token": "access_token",
"grant_type": "refresh_token"
}
but is only returning
{
"access_token": "new_access_token",
"expires_in": 3552,
"scope": "https://www.googleapis.com/auth/drive.file https://www.googleapis.com/auth/drive",
"token_type": "Bearer"
}
which doesn't refresh the token life.
is there anything I'm missing?
I am using it on postman first so that I can know it's working properly.
any help is appreciated.
Access tokens expire after a set time, and you need to make a call to request a new access token, using the refresh token you received.
Generally, refresh tokens last longer and don't expire in a while, while access tokens are short lived.
This link is to the Google API doc: https://developers.google.com/identity/protocols/oauth2/web-server#offline
This is an SO similar question with useful information, and a useful answer: How to generate access token using refresh token through google drive API?
Basically, you can make an API call from postman to request for a new access token every time you need one (and use it in Postman for the call you need to make)
Turns out, you need to get refresh token from https://developers.google.com/oauthplayground/. You also need to authorize the redirect uri from Google Cloud Platform. Thanks for the guides. really helped a lot.
Related
The Google Drive API GET query started to fail (we are using this api in one of our client service):
https://www.googleapis.com/drive/v3/files/1ke4Yoxxxxxxxxxxxxxx?alt=media&access_token=ya29.ImG9BwT.....
We're sorry...
... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now.
See Google Help for more information...
"Unusual traffic from your computer network"
Everything was ok till today.
Just made a couple of tests with curl:
HTTP GET with access_token inside HTTP header:
curl -H "Authorization: Bearer ya29._valid_access_token" https://www.googleapis.com/drive/v3/files/1r5BT2WPrulQ6FyhT8RcqV51TVOThEmhK?alt=media
Result: success, file downloaded.
HTTP GET with access_token as a part of HTTP request:
curl https://www.googleapis.com/drive/v3/files/1r5BT2WPrulQ6FyhT8RcqV51TVOThEmhK?alt=media&access_token=ya29._valid_access_token
Result: error
{
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "dailyLimitExceededUnreg",
"message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup.",
"extendedHelp": "https://code.google.com/apis/console"
}
],
"code": 403,
"message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup."
}
}
Note that the Google API project approved by Google and has a Production state!!!
Hi Google team, any ideas why it is happening?
Thank you
Posting this just for documentation purposes. As per the reference provided by Tanaike, since January 1, 2020:
download calls to files.get, revisions.get and files.export endpoints which authenticate using the access token in the query parameter will no longer be supported.
Only requests that download media content (alt=media) are affected by this change.
The access token should be provided in the HTTP header, like Authorization: Bearer oauth2-token or, if that's not possible, follow the workarounds provided in the referenced documentation:
For file downloads, redirect to the webContentLink which will instruct the browser to download the content. If the application wants to display the file to the user, they can simply redirect to the alternateLink in v2 or webViewLink in v3.
For file exports, redirect to the export link in exportLinks with the desired mime type which will instruct the browser to download the content.
Reference:
Changes in authorization to Google Drive API
Authorization via HTTP header
Posting an addition to the documentation of iamblichus specific for application data in Google Drive.
My App uses the Google Drive API in the backend to store the documents of my users on their own Drive. Importantly, I store the data in an application data folder such that the users can't accidently delete the data.
To let the users retreive their documents I used to redirected the user to the
downloadUrl: https://www.googleapis.com/drive/v2/files/id?alt=media&source=downloadUrl&access_token=ya29.** where I added alt=media and access_token to the query. This worked fine till January 1, 2020. As confirmed above. However, now the request fails with the message:
We're sorry... ... but your computer or network may be sending
automated queries. To protect our users, we can't process your request
right now.
GET request downloadUrl failing
In my efforts to find a solution to this problem I've tried the workarrounds provided by Google but they are in my experience not working for documents in an application data folder.
I tried the webContentLink with the access_token query in v2 but it fails with an 401 Unauthorized error.
The alternateLink in v2 and the webViewLink in v3 fail with the error:
The desired file does not exist.
I can't use the exportLinks because that's only for Google Documents.
The solution I found was to first download the file to the server using the Google Drive PHP SDK and then serve it to my users using a Content-Dispostion header. Such as described here. It is a lot less elegant in my opinion because the end users doesn't download the document directly from the Google Drive API but it works.
It's a shame that Google didn't update their documentation nor notified their users..
I was writing a simple logic to list pictures using the Google Photos REST API. I'd like to print the connected user profile once they are logged into my app. But I cannot find any endpoint in the REST API to get the user profile as in Gmail or Drive REST APIs.
https://developers.google.com/photos/library/guides/get-started#request-id
Meanwhile, I have tried to get the user details from the oAuth2 access token, but it does not give any user details like mail id or name.
GET https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=ACCESS_TOKEN
Response:
{
"issued_to": "xxxxx.apps.googleusercontent.com",
"audience": "xxxxxx.apps.googleusercontent.com",
"scope": "https://www.googleapis.com/auth/photoslibrary",
"expires_in": 3522,
"access_type": "offline"
}
Is there any way to retrieve user profile from the above oAuth2 access_token (independent to the scope)?
I'm afraid that at the moment this is not possible. The oAuth2 token does not contain the user's e-mail. The only way of getting the user's email through the Google APIs would be to allow the https://www.googleapis.com/auth/userinfo.email scope, and use the oAuth2 API or the People API. The calls you could use may be any of the following:
GET https://www.googleapis.com/oauth2/v2/userinfo
GET https://www.googleapis.com/userinfo/v2/me
GET https://www.googleapis.com/plus/v1/people/me
I want to use Google CAL API v3 to watch multiple calendars and thus to update all those events from those calendars to a Master Calendar, so I need to use WATCH/PUSH notification in order that whenever there is a new event in those cal’s, those events shd be automatically be pushed/created in my master calendar.
But, I am facing the following issue :Under APIs Explorer. Most of the services return 200 OK, except the Watch request not working.
Services > Calendar API v3 > calendar.events.watch
i got the below request and response
Request
POST https://www.googleapis.com/calendar/v3/calendars/mailid%40domain.com/events/watch?key={YOUR_API_KEY}
{
}
Response
400 OK
{
"error": {
"errors": [
{
"domain": "global",
"reason": "required",
"message": "entity.resource"
}
],
"code": 400,
"message": "entity.resource"
}
}
And then i followed as per the below google documentation
https://developers.google.com/google-apps/calendar/v3/push
Registering Your domain:
Step 1: Verify that you own the domain
Step 2: Register your domain
I verified my domain/notifications in google webmaster tools.
My verified domain look like this:
http://my-domain.com/notifications
And have added my domain name in the webhooks under the PUSH in Google Developer Console, as explained in the doc.
Is there anything i am missing here, plz is there an issue in SSL certificate fr my domain, how can i atleast test in the API explorer, so that i get a return code 200 OK. After that, I need to implement this push/WATCH via Google Apps Script.
Is there any documentation for apps script to use push notification.
Any hint, tip will help me, I am tired with this for the past 1 week in trial and error method.
In the request that you posted the body is empty. In the documentation there is an example where you need to provide the calendar ID, the web_hook and other information:
{
"id": "01234567-89ab-cdef-0123456789ab", // Your channel ID.
"type": "web_hook",
"address": "https://example.com/notifications", // Your receiving URL.
...
"token": "target=myApp-myCalendarChannelDest", // (Optional) Your channel token.
"expiration": 1426325213000 // (Optional) Your requested channel expiration time.
}
Add this information when creating the push notification.
For using apps script you can use URLfetch service with the method "fetch()" then you would need to provide the parameters mentions and make the call as a POST.
Hope this helps.
UPDATE: I will write here to have more space.
Push notifications work in this way.
-You create a push notification with the id, the resource you want to watch, the address where you want to receive the notification and the optional parameters.
-if successful, the server will watch that resource and will send a notification to the address mentioned in the request describing the changes when a change is made to the resource.
-The server needs to know that you received the notification, so from the address mentioned in #1, you need to tell the server that you received the notification returning a HTTP 200 response. (for this you need an app that is listening to the notifications and sending the responses)
for your questions
1.- As the server will make a HTTP request to a url (your web_hook address) Google requires it to be secure, that's why it is required to be HTTPS.
2.- Yes, without that url you won't be able to receive the notification.
3.- Google also needs to verify that the url you provided is actually yours, so you will need to provide the url, then Google will provide you a file, you have to make this file available in that url, then Google will call the url an will retrieve that file. Then you can prove that the URL is yours. I'm not sure if this step can be done with apps script. You can actually deploy a script as web app but i'm not sure if you can use it for this purpose.(here you can find more info and different ways to verify the url)
4.- That's created by yourself. In the documentation is pointed out the recommendations for it.
I hope this clarifies your questions.
You can check here how push notifications work, this example is for Drive but the concept is the same.
Now I am using Google Drive API to upload and download file from / to my Google Drive.
For this purpose, I am using CLIENT_ID and CLIENT_SECRET provided by Google.
But the problem is, everytime I run the program, the program will give me an URL, then I need to open the URL to press Accept, then get a code to continue running the program. The code itself will expire, so I have to this task over and over.
Is there anyway to store this code locally, so the program can run without interact with user?
Thank you very much
when request to exchange authorization_code to access_token, this response will contains like this following format:
{
"access_token":"1/fFAGRNJru1FTz70BzhT3Zg",
"expires_in":3920,
"token_type":"Bearer",
"refresh_token":"1/xEoDL4iW3cxlI7yDbSRFYNG01kVKM2C-259HOF2aQbI"
}
access_token: use to request with Google API, an yes itself will expire 'expires_in' seconds
other while with refresh_token you can refresh to get new valid access_token by use a Google refresh token API
read more at https://developers.google.com/accounts/docs/OAuth2InstalledApp -> Using a refresh token
Hi I have a very simple Google Apps Script, i.e. one that is created when in Google Drive and click create and then script.
What I would like to be able to do is have users authenticate using the oauth 2 protocol, receive the authorisation code and exchange that for an access token and refresh token. This requirement is for an IPhone app so I would rather save the refresh token so users do not have to login repeatedly.
My issue is that I do seem be able to get the access and refresh token, I can see the client_id of the app in the url returned from the authentication step, however I believe I also need client_secret to request the access and refresh token from:
https://accounts.google.com/o/oauth2/token.
I'm asking it this even possible, if so do you know of any examples and if not could you recommend a different approach (perhaps use an application specific password).
Many thanks
You should be able to obtain this from the Oauth Playground.
Oauth Playground