Google Drive API failing - Unusual traffic from your computer network - google-drive-api

The Google Drive API GET query started to fail (we are using this api in one of our client service):
https://www.googleapis.com/drive/v3/files/1ke4Yoxxxxxxxxxxxxxx?alt=media&access_token=ya29.ImG9BwT.....
We're sorry...
... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now.
See Google Help for more information...
"Unusual traffic from your computer network"
Everything was ok till today.
Just made a couple of tests with curl:
HTTP GET with access_token inside HTTP header:
curl -H "Authorization: Bearer ya29._valid_access_token" https://www.googleapis.com/drive/v3/files/1r5BT2WPrulQ6FyhT8RcqV51TVOThEmhK?alt=media
Result: success, file downloaded.
HTTP GET with access_token as a part of HTTP request:
curl https://www.googleapis.com/drive/v3/files/1r5BT2WPrulQ6FyhT8RcqV51TVOThEmhK?alt=media&access_token=ya29._valid_access_token
Result: error
{
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "dailyLimitExceededUnreg",
"message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup.",
"extendedHelp": "https://code.google.com/apis/console"
}
],
"code": 403,
"message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup."
}
}
Note that the Google API project approved by Google and has a Production state!!!
Hi Google team, any ideas why it is happening?
Thank you

Posting this just for documentation purposes. As per the reference provided by Tanaike, since January 1, 2020:
download calls to files.get, revisions.get and files.export endpoints which authenticate using the access token in the query parameter will no longer be supported.
Only requests that download media content (alt=media) are affected by this change.
The access token should be provided in the HTTP header, like Authorization: Bearer oauth2-token or, if that's not possible, follow the workarounds provided in the referenced documentation:
For file downloads, redirect to the webContentLink which will instruct the browser to download the content. If the application wants to display the file to the user, they can simply redirect to the alternateLink in v2 or webViewLink in v3.
For file exports, redirect to the export link in exportLinks with the desired mime type which will instruct the browser to download the content.
Reference:
Changes in authorization to Google Drive API
Authorization via HTTP header

Posting an addition to the documentation of iamblichus specific for application data in Google Drive.
My App uses the Google Drive API in the backend to store the documents of my users on their own Drive. Importantly, I store the data in an application data folder such that the users can't accidently delete the data.
To let the users retreive their documents I used to redirected the user to the
downloadUrl: https://www.googleapis.com/drive/v2/files/id?alt=media&source=downloadUrl&access_token=ya29.** where I added alt=media and access_token to the query. This worked fine till January 1, 2020. As confirmed above. However, now the request fails with the message:
We're sorry... ... but your computer or network may be sending
automated queries. To protect our users, we can't process your request
right now.
GET request downloadUrl failing
In my efforts to find a solution to this problem I've tried the workarrounds provided by Google but they are in my experience not working for documents in an application data folder.
I tried the webContentLink with the access_token query in v2 but it fails with an 401 Unauthorized error.
The alternateLink in v2 and the webViewLink in v3 fail with the error:
The desired file does not exist.
I can't use the exportLinks because that's only for Google Documents.
The solution I found was to first download the file to the server using the Google Drive PHP SDK and then serve it to my users using a Content-Dispostion header. Such as described here. It is a lot less elegant in my opinion because the end users doesn't download the document directly from the Google Drive API but it works.
It's a shame that Google didn't update their documentation nor notified their users..

Related

Access Google Drive REST without google sdk

I have a lightweight node.js module that needs to pull from google drive. They have a REST/HTTPS interface but AFAICT it's only accessible via their SDK. I want to use REST/HTTPS so I don't have to use an SDK. Is this possible for file download? For file find (file:list e.g. https://developers.google.com/drive/v3/reference/files/list)?
I don't understand why you think it's only accessible using an SDK. The link you posted clearly shows the URL endpoint, lists the optional parameters and gives the format of the JSON response.
If you click "Try it now" and open your browser console, you will see the http request and response which you can mirror in your app.
The only thing you also need to consider is that before making a REST request to Google, you must obtain an Access Token and set it in an Authorization: Bearer xxxxxxxx header, or provide it as a query parameter as &access_token=xxxxxxxxx

Google Drive API downloadURL 401 error

Anybody can help or enlighten me with my issue:
I'm a Java developer and I have an existing smart printer app called GDrive App. It uses Google Drive API (oauth 2.0, gdata-version 2.0 and 3.0 for download-print file) .
This has been working for months until now. Actually, only the download-printing part is no longer working this time, I can still access the app (retrieve files, create folder, search and delete files).
Actual problem:
I keep on getting 401 error when I try to download file (to input stream) for printing. It's confusing because I already provided all the necessary information during the request. And it has been working for many months. No changes of the code. Weird.
I have this for headers:
[Authorization: Bearer ya29.CjAkA8uPBUsKWYMSEDpPxUbP_vtQJOKfCZ7O8I4GkpUkN70bGgnDTAVYiVW2m353H2Y
, GData-Version: 3.0
]
While executing this URL to download and print resource, I couldn't access this.
https://doc-0o-7o-docs.googleusercontent.com/docs/securesc/l9c2gms12ko7qqfc58putbb2v38kkvmm/dp5l9kmpu48kdi8mp2rvtmc1dm1f41tk/1468828800000/09859633411849852329/09859633411849852329/0ByU-nFK_03gtZGhBZkxCYmExeGc?e=download&gd=true
Error 401 means that you aren't authorized properly. Most likely the ya29.CjAkA8uPBUsKWYMSEDpPxUbP_vtQJOKfCZ7O8I4GkpUkN70bGgnDTAVYiVW2m353H2Y access token you are using expired and you have to request another.
You should write your code to anticipate the possibility that a granted token might no longer work. A token might stop working for one of these reasons:
The user has revoked access.
The token has not been used for six months.
The user changed passwords and the token contains Gmail, Calendar,
Contacts, or Hangouts scopes.
The user account has exceeded a certain number of token requests.
source
You can use GoogleAuthorizationCodeTokenRequest to request an access token and possibly a refresh token.

Set up Google Calendar V3 API Push notification via my Google Apps script

I want to use Google CAL API v3 to watch multiple calendars and thus to update all those events from those calendars to a Master Calendar, so I need to use WATCH/PUSH notification in order that whenever there is a new event in those cal’s, those events shd be automatically be pushed/created in my master calendar.
But, I am facing the following issue :Under APIs Explorer. Most of the services return 200 OK, except the Watch request not working.
Services > Calendar API v3 > calendar.events.watch
i got the below request and response
Request
POST https://www.googleapis.com/calendar/v3/calendars/mailid%40domain.com/events/watch?key={YOUR_API_KEY}
{
}
Response
400 OK
{
"error": {
"errors": [
{
"domain": "global",
"reason": "required",
"message": "entity.resource"
}
],
"code": 400,
"message": "entity.resource"
}
}
And then i followed as per the below google documentation
https://developers.google.com/google-apps/calendar/v3/push
Registering Your domain:
Step 1: Verify that you own the domain
Step 2: Register your domain
I verified my domain/notifications in google webmaster tools.
My verified domain look like this:
http://my-domain.com/notifications
And have added my domain name in the webhooks under the PUSH in Google Developer Console, as explained in the doc.
Is there anything i am missing here, plz is there an issue in SSL certificate fr my domain, how can i atleast test in the API explorer, so that i get a return code 200 OK. After that, I need to implement this push/WATCH via Google Apps Script.
Is there any documentation for apps script to use push notification.
Any hint, tip will help me, I am tired with this for the past 1 week in trial and error method.
In the request that you posted the body is empty. In the documentation there is an example where you need to provide the calendar ID, the web_hook and other information:
{
"id": "01234567-89ab-cdef-0123456789ab", // Your channel ID.
"type": "web_hook",
"address": "https://example.com/notifications", // Your receiving URL.
...
"token": "target=myApp-myCalendarChannelDest", // (Optional) Your channel token.
"expiration": 1426325213000 // (Optional) Your requested channel expiration time.
}
Add this information when creating the push notification.
For using apps script you can use URLfetch service with the method "fetch()" then you would need to provide the parameters mentions and make the call as a POST.
Hope this helps.
UPDATE: I will write here to have more space.
Push notifications work in this way.
-You create a push notification with the id, the resource you want to watch, the address where you want to receive the notification and the optional parameters.
-if successful, the server will watch that resource and will send a notification to the address mentioned in the request describing the changes when a change is made to the resource.
-The server needs to know that you received the notification, so from the address mentioned in #1, you need to tell the server that you received the notification returning a HTTP 200 response. (for this you need an app that is listening to the notifications and sending the responses)
for your questions
1.- As the server will make a HTTP request to a url (your web_hook address) Google requires it to be secure, that's why it is required to be HTTPS.
2.- Yes, without that url you won't be able to receive the notification.
3.- Google also needs to verify that the url you provided is actually yours, so you will need to provide the url, then Google will provide you a file, you have to make this file available in that url, then Google will call the url an will retrieve that file. Then you can prove that the URL is yours. I'm not sure if this step can be done with apps script. You can actually deploy a script as web app but i'm not sure if you can use it for this purpose.(here you can find more info and different ways to verify the url)
4.- That's created by yourself. In the documentation is pointed out the recommendations for it.
I hope this clarifies your questions.
You can check here how push notifications work, this example is for Drive but the concept is the same.

How to store the access code of Google Drive locally and use for a long time?

Now I am using Google Drive API to upload and download file from / to my Google Drive.
For this purpose, I am using CLIENT_ID and CLIENT_SECRET provided by Google.
But the problem is, everytime I run the program, the program will give me an URL, then I need to open the URL to press Accept, then get a code to continue running the program. The code itself will expire, so I have to this task over and over.
Is there anyway to store this code locally, so the program can run without interact with user?
Thank you very much
when request to exchange authorization_code to access_token, this response will contains like this following format:
{
"access_token":"1/fFAGRNJru1FTz70BzhT3Zg",
"expires_in":3920,
"token_type":"Bearer",
"refresh_token":"1/xEoDL4iW3cxlI7yDbSRFYNG01kVKM2C-259HOF2aQbI"
}
access_token: use to request with Google API, an yes itself will expire 'expires_in' seconds
other while with refresh_token you can refresh to get new valid access_token by use a Google refresh token API
read more at https://developers.google.com/accounts/docs/OAuth2InstalledApp -> Using a refresh token

Daily Limit Error Message with Google Drive

I am getting an error message when trying to use the Google Drive API to get a file. Using Python, the line that causes error is:
file = service.files().get(fileId=googleDriveFileId).execute()
The error message is:
HttpError: <HttpError 404 when requesting
https://www.googleapis.com/drive/v2/files/0B6Cpn8NXwgGPSE8zQW10XzJMc0k?alt=json returned
"File not found: 0B6Cpn8NXwgGPSE8zQW10XzJMc0k">
Basically saying "File not found"
However, if I put the URL being requested into browser, I get a different error message:
https://www.googleapis.com/drive/v2/files/0B6Cpn8NXwgGPSE8zQW10XzJMc0k
{
"error": {
"errors": [
{
"domain": "usageLimits",
"reason": "dailyLimitExceededUnreg",
"message": "Daily Limit Exceeded. Please sign up",
"extendedHelp": "https://code.google.com/apis/console"
}
],
"code": 403,
"message": "Daily Limit Exceeded. Please sign up"
}
}
Neither of these error messages seem correct to me. I know the file is there. Here is a working link to the same file retrieved from "Share Link" in the Google Drive UI:
https://docs.google.com/file/d/0B6Cpn8NXwgGPSE8zQW10XzJMc0k
I have also checked the Quota reports in the api console, and we are at 0% usage.
Any ideas what is going on here?
Thanks
I had similar errors following the python quickstart.
It turned out I had correctly created an API key etc, however had missed step 2:
Select the Services tab in your API project, and enable the Drive API.
Having used the API before I skipped along and missed this crucial point.
Both of the error messages did not have accurate info. The problem was related to permissions. I was using Google Picker to upload the files in question, but these files were not automatically available to the API because of permissions. I thought they would be according to documentation.
I solved problem by setting the permissions for the folder the images are being uploaded to for "Public" using the Google Drive UI. Now my app has permission to access the uploaded files.
While setting files permission to "Public" is okay in my case, as these files are meant to be public, I know this would not be acceptable in all cases. Can someone please shed light on how to handle this problem.... so that files uploaded with Google Picker automatically have the permission to be accessed by the API without setting folder permissions to "Public"?
The messages were accurate.
In the first case, because you don't have permission, Google gives a file not found. This is a standard security measure, rather than leak information by confirming the file exists.
In the second case, you called the API without an Authentication Header, so Google treats you as an unregistered and unauthorised app, which for some Google APIs is OK, up to a a daily quota. In the case of Drive, that daily quota is zero.
I agree it's not intuitive, and I'm sure many developer man years have been wasted (mine included), but it is accurate.
To answer your question about why the uploaded file is inaccessible, check that you have requested the correct scope, and that you are using the correct client id and mime type when doing the upload.