I have a java agent that will list all the files from Google Drive using the api provided from google developer (https://developers.google.com/drive/api/v3/quickstart/java).
However, the agent is having a "Access is denied" error when trying to create the "tokens" folder from "C:\Program Files (x86)\IBM\Notes\framework" directory.
I have created the "tokens" folder manually but the error still occured.
I have put all the required jar files in "/jvm/lib/ext" and updated the java policy on my local as follows:
// custom java security policy, to allow external jar file access
grant { permission java.util.PropertyPermission "http.keepAlive", "read, write"; };
grant { permission java.security.AllPermission; }
My actual agent code
private static final String APPLICATION_NAME = "Google Drive API Java Quickstart";
private static final JsonFactory JSON_FACTORY = JacksonFactory.getDefaultInstance();
private static final String TOKENS_DIRECTORY_PATH = "tokens";
/**
* Global instance of the scopes required by this quickstart.
* If modifying these scopes, delete your previously saved tokens/ folder.
*/
private static final List<String> SCOPES = Collections.singletonList(DriveScopes.DRIVE_METADATA_READONLY);
private static final String CREDENTIALS_FILE_PATH = "/credentials.json";
public void NotesMain() {
try {
Session session = getSession();
AgentContext agentContext = session.getAgentContext();
this.main();
// (Your code goes here)
} catch(Exception e) {
e.printStackTrace();
}
}
/**
* Creates an authorized Credential object.
* #param HTTP_TRANSPORT The network HTTP Transport.
* #return An authorized Credential object.
* #throws IOException If the credentials.json file cannot be found.
*/
private static Credential getCredentials(final NetHttpTransport HTTP_TRANSPORT) throws IOException {
// Load client secrets.
InputStream in = JavaAgent.class.getResourceAsStream(CREDENTIALS_FILE_PATH);
if (in == null) {
throw new FileNotFoundException("Resource not found: " + CREDENTIALS_FILE_PATH);
}
GoogleClientSecrets clientSecrets = GoogleClientSecrets.load(JSON_FACTORY, new InputStreamReader(in));
// Build flow and trigger user authorization request.
GoogleAuthorizationCodeFlow flow = new GoogleAuthorizationCodeFlow.Builder(
HTTP_TRANSPORT, JSON_FACTORY, clientSecrets, SCOPES)
.setDataStoreFactory(new FileDataStoreFactory(new java.io.File(TOKENS_DIRECTORY_PATH)))
.setAccessType("offline")
.build();
LocalServerReceiver receiver = new LocalServerReceiver.Builder().setPort(8888).build();
return new AuthorizationCodeInstalledApp(flow, receiver).authorize("user");
}
public static void main() throws IOException, GeneralSecurityException {
// Build a new authorized API client service.
final NetHttpTransport HTTP_TRANSPORT = GoogleNetHttpTransport.newTrustedTransport();
Drive service = new Drive.Builder(HTTP_TRANSPORT, JSON_FACTORY, getCredentials(HTTP_TRANSPORT))
.setApplicationName(APPLICATION_NAME)
.build();
// Print the names and IDs for up to 10 files.
FileList result = service.files().list()
.setPageSize(10)
.setFields("nextPageToken, files(id, name)")
.execute();
List<File> files = result.getFiles();
if (files == null || files.isEmpty()) {
System.out.println("No files found.");
} else {
System.out.println("Files:");
for (File file : files) {
System.out.printf("%s (%s)\n", file.getName(), file.getId());
}
}
}
}
This is the error Ive'd got from the java debug console.
java.io.IOException: Access is denied.
at java.io.File.createNewFile(File.java:894)
at com.google.api.client.util.store.FileDataStoreFactory$FileDataStore.(FileDataStoreFactory.java:96)
at com.google.api.client.util.store.FileDataStoreFactory.createDataStore(FileDataStoreFactory.java:73)
at com.google.api.client.util.store.AbstractDataStoreFactory.getDataStore(AbstractDataStoreFactory.java:55)
at com.google.api.client.auth.oauth2.StoredCredential.getDefaultDataStore(StoredCredential.java:171)
at com.google.api.client.auth.oauth2.AuthorizationCodeFlow$Builder.setDataStoreFactory(AuthorizationCodeFlow.java:744)
at com.google.api.client.googleapis.auth.oauth2.GoogleAuthorizationCodeFlow$Builder.setDataStoreFactory(GoogleAuthorizationCodeFlow.java:209)
at JavaAgent.getCredentials(Unknown Source)
at JavaAgent.main(Unknown Source)
at JavaAgent.NotesMain(Unknown Source)
at lotus.domino.AgentBase.runNotes(Unknown Source)
at lotus.domino.NotesThread.run(Unknown Source)
Related
there are already a few people that have asked questions in regards to this, but I still wasn't able to solve my problem.
So, I did the gradle/java quickstart to Print the names and IDs for up to 10 files in my Googledrive. That was fine, but I want to write a java script to upload files on my drive, I inserted the main function below in my java file.
public class DriveCommandLine {
/** Application name. */
private static final String APPLICATION_NAME =
"Drive API Java Quickstart";
/** Directory to store user credentials for this application. */
private static final java.io.File DATA_STORE_DIR = new java.io.File(
System.getProperty("user.home"), ".credentials/drive-java-quickstart");
/** Global instance of the {#link FileDataStoreFactory}. */
private static FileDataStoreFactory DATA_STORE_FACTORY;
/** Global instance of the JSON factory. */
private static final JsonFactory JSON_FACTORY =
JacksonFactory.getDefaultInstance();
/** Global instance of the HTTP transport. */
private static HttpTransport HTTP_TRANSPORT;
/** Global instance of the scopes required by this quickstart.
*
* If modifying these scopes, delete your previously saved credentials
* at ~/.credentials/drive-java-quickstart
*/
private static final List<String> SCOPES =
Arrays.asList(DriveScopes.DRIVE_METADATA_READONLY);
static {
try {
HTTP_TRANSPORT = GoogleNetHttpTransport.newTrustedTransport();
DATA_STORE_FACTORY = new FileDataStoreFactory(DATA_STORE_DIR);
} catch (Throwable t) {
t.printStackTrace();
System.exit(1);
}
}
/**
* Creates an authorized Credential object.
* #return an authorized Credential object.
* #throws IOException
*/
public static Credential authorize() throws IOException {
// Load client secrets.
InputStream in =
DriveCommandLine.class.getResourceAsStream("/client_secret.json");
GoogleClientSecrets clientSecrets =
GoogleClientSecrets.load(JSON_FACTORY, new InputStreamReader(in));
// Build flow and trigger user authorization request.
GoogleAuthorizationCodeFlow flow =
new GoogleAuthorizationCodeFlow.Builder(
HTTP_TRANSPORT, JSON_FACTORY, clientSecrets, SCOPES)
.setDataStoreFactory(DATA_STORE_FACTORY)
.setAccessType("offline")
.build();
Credential credential = new AuthorizationCodeInstalledApp(
flow, new LocalServerReceiver()).authorize("user");
System.out.println(
"Credentials saved to " + DATA_STORE_DIR.getAbsolutePath());
return credential;
}
/**
* Build and return an authorized Drive client service.
* #return an authorized Drive client service
* #throws IOException
*/
public static Drive getDriveService() throws IOException {
Credential credential = authorize();
return new Drive.Builder(
HTTP_TRANSPORT, JSON_FACTORY, credential)
.setApplicationName(APPLICATION_NAME)
.build();
}
public static void main(String[] args) throws IOException{
//Insert a file
Drive service = getDriveService();
File body = new File();
body.setDescription("A test document");
body.setMimeType("text/plain");
java.io.File fileContent = new java.io.File("D:\\MyFiles\\nkonstantinidis\\Study\\IntelliJ_Shortcuts.txt");
FileContent mediaContent = new FileContent("text/plain", fileContent);
File file = service.files().insert(body, mediaContent).execute();
System.out.println("file ID: " + file.getId());
}
}
And I'm getting an error message shown below when I run it
Exception in thread "main" com.google.api.client.googleapis.json.GoogleJsonResponseException: 403 Forbidden
{
"code" : 403,
"errors" : [ {
"domain" : "global",
"message" : "Insufficient Permission",
"reason" : "insufficientPermissions"
} ],
"message" : "Insufficient Permission"
}
at com.google.api.client.googleapis.json.GoogleJsonResponseException.from(GoogleJsonResponseException.java:146)
at com.google.api.client.googleapis.services.json.AbstractGoogleJsonClientRequest.newExceptionOnError(AbstractGoogleJsonClientRequest.java:113)
at com.google.api.client.googleapis.services.json.AbstractGoogleJsonClientRequest.newExceptionOnError(AbstractGoogleJsonClientRequest.java:40)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:432)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:352)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.execute(AbstractGoogleClientRequest.java:469)
at DriveCommandLine.main(DriveCommandLine.java:114)
I have created the OAuth client ID and enabled google drive but this still doing it's thing.
Could you maybe help me, or even better direct to tutorial for uploading files on google drive, I'm quite bad in Java so bear with me.
Thanks in advance.
You must change SCOPE used for connection (Insufficient Permission message) into appropriate one
private static final List<String> SCOPES = Arrays.asList(DriveScopes.DRIVE_METADATA_READONLY);
From DriveScope.class:
/** View and manage the files in your Google Drive. */
public static final String DRIVE = "https://www.googleapis.com/auth/drive";
/** View and manage its own configuration data in your Google Drive. */
public static final String DRIVE_APPDATA = "https://www.googleapis.com/auth/drive.appdata";
/** View and manage Google Drive files and folders that you have opened or created with this app. */
public static final String DRIVE_FILE = "https://www.googleapis.com/auth/drive.file";
/** View and manage metadata of files in your Google Drive. */
public static final String DRIVE_METADATA = "https://www.googleapis.com/auth/drive.metadata";
/** View metadata for files in your Google Drive. */
public static final String DRIVE_METADATA_READONLY = "https://www.googleapis.com/auth/drive.metadata.readonly";
/** View the photos, videos and albums in your Google Photos. */
public static final String DRIVE_PHOTOS_READONLY = "https://www.googleapis.com/auth/drive.photos.readonly";
/** View the files in your Google Drive. */
public static final String DRIVE_READONLY = "https://www.googleapis.com/auth/drive.readonly";
/** Modify your Google Apps Script scripts' behavior. */
public static final String DRIVE_SCRIPTS = "https://www.googleapis.com/auth/drive.scripts";
Remember to delete saved credentials (created by application) after changing SCOPE
How can we setup a service account authorisation with the Google Drive API, so we can act on behalf of a other user within the domain.
The code throws a HTTP ERROR 500 on line 201, see stacktrace below:
URI is not hierarchical
Caused by:
java.lang.IllegalArgumentException: URI is not hierarchical
at java.io.File.<init>(File.java:418)
at com.caase.portal.DriveServlet.getDriveService(DriveServlet.java:201)
at com.caase.portal.DriveServlet.doGet(DriveServlet.java:67)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:617)
at com.google.api.client.extensions.servlet.auth.oauth2.AbstractAuthorizationCodeServlet.service(AbstractAuthorizationCodeServlet.java:130)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
See the code mentioned below:
/** Email of the Service Account */
private static final String SERVICE_ACCOUNT_EMAIL = "xxx#developer.gserviceaccount.com";
/** Path to the Service Account's Private Key file */
private static final String SERVICE_ACCOUNT_PKCS12_FILE_PATH = "xxx-privatekey.p12";
/**
* Build and returns a Drive service object authorized with the service accounts
* that act on behalf of the given user.
*
* #param userEmail The email of the user.
* #return Drive service object that is ready to make requests.
*/
public static Drive getDriveService(String userEmail) throws GeneralSecurityException,
IOException, URISyntaxException {
URI keyURL;
keyURL = DriveServlet.class.getResource(SERVICE_ACCOUNT_PKCS12_FILE_PATH).toURI();
HttpTransport httpTransport = new NetHttpTransport();
JacksonFactory jsonFactory = new JacksonFactory();
GoogleCredential credential = new GoogleCredential.Builder()
.setTransport(httpTransport)
.setJsonFactory(jsonFactory)
.setServiceAccountId(SERVICE_ACCOUNT_EMAIL)
.setServiceAccountScopes(DriveScopes.all())
.setServiceAccountUser(userEmail)
.setServiceAccountPrivateKeyFromP12File(new java.io.File(keyURL))
.build();
Drive service = new Drive.Builder(httpTransport, jsonFactory, null)
.setHttpRequestInitializer(credential).build();
return service;
}
The line that throws the error is:
.setServiceAccountPrivateKeyFromP12File(new java.io.File(keyURL))
If I split up the line the error occurs in the new File creation:
new java.io.File(keyURL)
The key file is located in: src/main/resources
Any help is welcome :-)
Moved the resources folder from src/main/resources to src/resources and changed SERVICE_ACCOUNT_PKCS12_FILE_PATH to '/resources/xxx-privatekey.p12'. It works like a charm now!
for our domain, there's a need to transfer files in a particular folder from one user to an admin account. The admin account has the "writer" role on all the files. Both users are in the same domain.
I'm using domain-wide delegation as the authorization method.
When updating the admin account's permission from "writer" to "owner", the program returns with 500 Internal Error. Any help will be appreciated. Thanks!
public static Drive getDriveService(String userEmail) throws GeneralSecurityException,IOException, URISyntaxException {
HttpTransport httpTransport = new NetHttpTransport();
JacksonFactory jsonFactory = new JacksonFactory();
Collection<String> scope = new ArrayList<String>();
scope.add(DriveScopes.DRIVE);
GoogleCredential credential = new GoogleCredential.Builder()
.setTransport(httpTransport)
.setJsonFactory(jsonFactory)
.setServiceAccountId(SERVICE_ACCOUNT_EMAIL)
.setServiceAccountScopes(scope)
.setServiceAccountUser(userEmail)
.setServiceAccountPrivateKeyFromP12File(
new java.io.File(SERVICE_ACCOUNT_PKCS12_FILE_PATH))
.build();
Drive service = new Drive.Builder(httpTransport, jsonFactory, null)
.setHttpRequestInitializer(credential).build();
return service;
}
public static void main(String[] args) {
try {
Drive userDriveService = getDriveService(ADMIN_ACCT_EMAIL);
ChildList list = userDriveService.children().list(folderId).setQ("not '" + ADMIN_ACCT_EMAIL + "' in owners").execute();
java.util.List<ChildReference> children = list.getItems();
//Simplified for testing
ChildReference child = children.get(0);
String fileId = child.getId();
String permId = userDriveService.permissions().getIdForEmail(ADMIN_ACCT_EMAIL).execute().getId();
Permission perm = userDriveService.permissions().get(fileId, permId).execute();
perm.setRole("owner");
userDriveService.permissions().update(fileId, permId, perm).setTransferOwnership(true).execute();
} catch (GeneralSecurityException | IOException | URISyntaxException e) {
e.printStackTrace();
}
}
Realized that I should have been using the owner's email to get the driveservice. This worked after changing that one line. Thanks.
Drive userDriveService = getDriveService(ORIGINAL_OWNER_EMAIL);
How do I get the refresh token and the access token from the first time authorization code? And, how do I reuse this refresh token to get a new access token to upload to Google Drive using the Java API? This is not a web application. It's in Java Swing code.
We can reuse the refresh token to get new access token by following code
public class OAuthRefreshToken implements CredentialRefreshListener {
public static GoogleCredential getAccessTokenFromRefreshToken( String refreshToken, HttpTransport transport, com.google.api.client.json.JsonFactory jsonFactory, String CLIENT_ID, String CLIENT_SECRET) throws IOException
{
GoogleCredential.Builder credentialBuilder = new GoogleCredential.Builder()
.setTransport(transport).setJsonFactory(jsonFactory)
.setClientSecrets(CLIENT_ID, CLIENT_SECRET);
credentialBuilder.addRefreshListener(new OAuthRefreshToken());
GoogleCredential credential = credentialBuilder.build();
credential.setRefreshToken(refreshToken);
credential.refreshToken();
return credential;
}
#Override
public void onTokenErrorResponse(Credential arg0, TokenErrorResponse arg1)
throws IOException {
// TODO Auto-generated method stub
System.out.println("Error occured !");
System.out.println(arg1.getError());
}
#Override
public void onTokenResponse(Credential arg0, TokenResponse arg1)
throws IOException {
// TODO Auto-generated method stub
System.out.println(arg0.getAccessToken());
System.out.println(arg0.getRefreshToken());
}
}
Here is a solution I recently made up from the basic example in the Google Drive docs and some experimenting:
The IApiKey contains the static strings CLIENT_ID, and so on. ITokenPersistence is an interface which allows to load and save a token (as String). It decouples the persistence mechanism (I used Preferences for an Eclipse e4 RCP application) from the Uploader. This can be as simple as storing the token in a file The IAthorizationManager is an interface which is is used to let the user grant acces and enter the code to create the refresh token. I implemented a Dialog containing a browser widget to grant access and a text box to copy and paste the code to. The custom exception GoogleDriveException hides the API classes from the rest of the code.
public final class Uploader implements IApiKey {
public static final String TEXT_PLAIN = "text/plain";
private final ITokenPersistence tokenManager;
private final IAuthorizationManager auth;
public Uploader(final ITokenPersistence tm, final IAuthorizationManager am) {
this.tokenManager = tm;
this.auth = am;
}
private GoogleCredential createCredentialWithRefreshToken(
final HttpTransport transport,
final JsonFactory jsonFactory,
final String clientId,
final String clientSecret,
final TokenResponse tokenResponse) {
return new GoogleCredential.Builder().setTransport(transport)
.setJsonFactory(jsonFactory)
.setClientSecrets(clientId, clientSecret)
.build()
.setFromTokenResponse(tokenResponse);
}
/**
* Upload the given file to Google Drive.
* <P>
* The name in Google Drive will be the same as the file name.
* #param fileContent a file of type text/plain
* #param description a description for the file in Google Drive
* #return Answer the ID of the uploaded file in Google Drive.
* Answer <code>null</code> if the upload failed.
* #throws IOException
* #throws {#link GoogleDriveException} when a <code>TokenResponseException</code> had been
* intercepted while inserting (uploading) the file.
*/
public String upload(final java.io.File fileContent, final String description) throws IOException, GoogleDriveException {
HttpTransport httpTransport = new NetHttpTransport();
JsonFactory jsonFactory = new JacksonFactory();
// If we do not already have a refresh token a flow is created to get a refresh token.
// To get the token the user has to visit a web site and enter the code afterwards
// The refresh token is saved and may be reused.
final GoogleAuthorizationCodeFlow flow = new GoogleAuthorizationCodeFlow.Builder(
httpTransport,
jsonFactory,
CLIENT_ID,
CLIENT_SECRET,
Arrays.asList(DriveScopes.DRIVE))
.setAccessType("offline")
.setApprovalPrompt("auto").build();
final String url = flow.newAuthorizationUrl().setRedirectUri(REDIRECT_URI).build();
final String refreshToken = this.tokenManager.loadRefreshToken();
GoogleCredential credential = null;
if( refreshToken == null ) {
// no token available: get one
String code = this.auth.authorize(url);
GoogleTokenResponse response = flow.newTokenRequest(code).setRedirectUri(REDIRECT_URI).execute();
this.tokenManager.saveRefreshToken(response.getRefreshToken());
credential = this.createCredentialWithRefreshToken(httpTransport, jsonFactory, CLIENT_ID, CLIENT_SECRET, response);
}
else {
// we have a token, if it is expired or revoked by the user the service call (see below) may fail
credential = new GoogleCredential.Builder()
.setJsonFactory(jsonFactory)
.setTransport(httpTransport)
.setClientSecrets(CLIENT_ID, CLIENT_SECRET)
.build();
credential.setRefreshToken(refreshToken);
}
//Create a new authorized API client
final Drive service = new Drive.Builder(httpTransport, jsonFactory, credential)
.setApplicationName(APP_NAME)
.build();
//Insert a file
final File body = new File();
body.setTitle(fileContent.getName());
body.setDescription(description);
body.setMimeType(TEXT_PLAIN);
final FileContent mediaContent = new FileContent(TEXT_PLAIN, fileContent);
try {
final File file = service.files().insert(body, mediaContent).execute();
return ( file != null ) ? file.getId() : null;
} catch (TokenResponseException e) {
e.printStackTrace();
throw new GoogleDriveException(e.getDetails().getErrorDescription(), e.getCause());
}
}
}
I have followed the examples given on the Google Drive SDK site for Authorization via Service Accounts (https://developers.google.com/drive/service-accounts) and to insert a file (https://developers.google.com/drive/v2/reference/files/insert). I have managed to get it working using the Client ID/Client secret with oauth2 but need automation so want to use the private key.
My issue is I am given a file id, Title, Description & MIME type in return e.g. File ID: %s0B6ysbMIcH3AGWHJPRmZUTVZZMnM, Title: My document, Description: A test document, MIME type: text/plain but the document does -not- exist in Drive and no errors are returned.
I have been work on this for 2 days without success and would really appreciate any assistance. I have looked on-line and the examples I have found are similar to the below. I have tried multiple Google accounts (one a company Google Apps & another a normal gmail account with the same result).
The code (with the account info changed) :
public class AutoGoogleDrive {
private static final String SERVICE_ACCOUNT_PKCS12_FILE_PATH = "/home/jsmith/Java/11111111111111111111111111-privatekey.p12";
private static final String SERVICE_ACCOUNT_EMAIL = "1111111111111#developer.gserviceaccount.com";
public static Drive getDriveService() throws GeneralSecurityException,
IOException, URISyntaxException {
HttpTransport httpTransport = new NetHttpTransport();
JacksonFactory jsonFactory = new JacksonFactory();
GoogleCredential credential = new GoogleCredential.Builder()
.setTransport(httpTransport)
.setJsonFactory(jsonFactory)
.setServiceAccountId(SERVICE_ACCOUNT_EMAIL)
.setServiceAccountScopes(DriveScopes.DRIVE_FILE)
.setServiceAccountPrivateKeyFromP12File(
new java.io.File(SERVICE_ACCOUNT_PKCS12_FILE_PATH))
.build();
Drive service = new Drive.Builder(httpTransport, jsonFactory, null)
.setHttpRequestInitializer(credential).build();
return service;
}
public static void main(String[] args) throws IOException {
Drive service = null;
try {
service = getDriveService();
} catch (GeneralSecurityException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (URISyntaxException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
//Insert a text file
File body = new File();
body.setTitle("My document");
body.setDescription("A test document");
body.setMimeType("text/plain");
// File's content.
java.io.File fileContent = new java.io.File("/home/jsmith/document.txt");
FileContent mediaContent = new FileContent("text/plain", fileContent);
try {
File file = service.files().insert(body, mediaContent).execute();
// Uncomment the following line to print the File ID.
System.out.println("File ID: %s" + file.getId());
System.out.println("Title: " + file.getTitle());
System.out.println("Description: " + file.getDescription());
System.out.println("MIME type: " + file.getMimeType());
} catch (IOException e) {
System.out.println("An error occured: " + e);
}
}
}
Thanks,
Joe Smith
When using service accounts, the inserted file will be added to the application's Drive account for which there's no Drive UI. Those files are only available through the API.