based on this answer: https://photo.stackexchange.com/a/92941/71846
I'm trying to set up my new Toshiba FlashAir to sync with my Google Drive account.
The instructions are here: http://www.fixstars.com/en/news/?p=451
However, I'm having trouble with part 1 of the second step (I suspect the steps are actually out of date).
I've left out the information in the form-data because my Google API Key is there.
From the instructions, it mentions: "NOTE: Google tells you to use “https://www.googleapis.com/auth/drive” for scope, but this will return a “Invalid_scope: Not authorized to request the scope”. Using /feeds/ instead will grant us the Google Drive authorization we need."
So I also tried using “https://www.googleapis.com/auth/drive” for scope but I'm getting the same "invalid request" back in the JSON response.
I thought that in your question, there might be a problem at the process for retrieving refresh token. So how about using Drive API? The following flow is from part 1 to part 3 of the sample for Google Drive of https://photo.stackexchange.com/a/92941/71846 in your question. This flow retrieves the refresh token for using Drive API.
Flow :
On your browser.
Create new project at https://console.developers.google.com/
At "Library" of https://console.cloud.google.com/apis/library/drive.googleapis.com/?project=### project ID ###, enable Drive API.
Go to "Credential" of https://console.cloud.google.com/apis/credentials?project=### project ID ###.
Create Credential
Select "Help me choose"
At "Which API are you using?", select "Drive API".
At "Where will you be calling the API from?", select "Other UI (e.g. Windows, CLI tool)".
At "What data will you be accessing?", select "User data".
Click "What credentials do I need?"
At "Name of Create an OAuth 2.0 client ID", Input name.
Click "Create Client ID".
Click "Done." By this, back to Credentials screen.
Click the created credentials.
Copy "Client ID" and "Client secret"
Please input your clientId and access https://accounts.google.com/o/oauth2/auth?client_id=### clientId ###&response_type=code&redirect_uri=urn:ietf:wg:oauth:2.0:oob&scope=https://www.googleapis.com/auth/drive
By authorizing, the code is retrieved.
Copy "code".
On your terminal.
Retrieve refresh token using curl command. Please input your clientId, client secret and retrieved code.
curl -X POST https://accounts.google.com/o/oauth2/token -d "client_id=### clientId ###" -d "client_secret=### client secret ###" -d "redirect_uri=urn:ietf:wg:oauth:2.0:oob" -d "grant_type=authorization_code" -d "code=### code ###"
Note :
If you have already enabled Drive API and retrieved client ID and client secret, you can start from 5. If that didn't work, please start from 1.
If I misunderstand your question, I'm sorry.
Related
I'm a beginner in Google Apps Script.
I'm basically trying to use the OAuth service in a Google Apps Script to be able to connect a Google spreadsheet to Yahoo fantasy API.
I'm using the package you can found here:
https://github.com/googleworkspace/apps-script-oauth2
In the "read me" part you can see that oauth libraries will by default use the callback url https://script.google.com/macros/**d**/{SCRIPT ID}/usercallback
So I try to use this package in my script, but when I publish my script it creates the following url:
https://script.google.com/macros/**s**/{SCRIPT ID}/
Notice it's an "s" instead of the "d" in the url.
I can access properly to https://script.google.com/macros/**s**/{SCRIPT ID}/exec and so on but the url containing the "d", which is expected to be use by OAuth service, return an error.
When trying to access the url in a browser I got:
an error if I call ../usercallback
the message: "Sorry, the file you've asked doesn't exist", if I call the ../exec
.. is https://script.google.com/macros/**d**/{SCRIPT ID} in that case.
I've been looking on internet for having this url working but no success (it that so obvious that no one else had the issue except me?).
I tried several thing, i've created a project and linked my script to that project, i played a bit with the configuration in the project in regards to what i found on internet, like credential for API, but still can't have the url with a "/d/" responding.
I'm not sure of the meaning of the "s" (script?) or the "d" in the url.
I'm not sure if it has something to do with the way I publish my script or if I need to have specific function in my script or maybe some configuration of the script, maybe I need to persevere with the project thing...
I think that you should re-read the Readme.md file from the Google OAuth Sample GitHub repo. Also I think that d and s parts of Google Apps SCript URLs are irrelevant for using the "OAuth Service".
The .../exec URL is generated when making a new deployment. This URL doesn't contain the script Id... please bear in mind that a single Google Apps Script project might be deployed multiple times and have all or some deployments being live at the same time. Each web app deployment will have it's own URL... none of them have the script id. By the other hand, you might not need to make a deployment in order to be able to use "the OAuth service", this is needed only if the script will be receiving GET/POST HTTP requests.
You should not to access the ../usercallback in the browser, as you will be doing a GET request without proving the required data. This URL should be added when getting the credentials to be used with the "OAuth Service" from the OAuth provider, in this case Yahoo, as the redirect URI.
The referred repo includes multiple samples about how to use the "OAuth Service", one of the is Yahoo.gs
Resources
https://developers.google.com/apps-script/guides/web
https://developers.google.com/apps-script/concepts/deployments
I am trying to get account credentials for my Google account which can be stored in a command line file. The script expects these 3 parameters to be set.
local client_id = ""
local client_secret = ""
local refresh_token = ""
So I expect I need some kind of OAuth token which will never be invalidated.
Does anyone know how to acquire it?
You get the client id and the client secret from the Google dev console. You get the refresh token by doing a one-time authorization.
All of the steps are detailed in this answer How do I authorise an app (web or installed) without user intervention? (canonical ?)
Be very careful about how you secure the refresh token. It acts like a username/password for your Drive account, so could be used by "bad dudes". It's a good idea to use the most restrictive scope (step 8 in the above list). drive.file is a good choice if your script is uploading. If your script needs to download files, try drive.readonly.
I was trying to run the sample script of Google Apps Script here:
https://github.com/googlesamples/apps-script-oauth2/blob/master/samples/GoogleServiceAccount.gs
I believe I set PRIVATE_KEY, CLIENT_EMAIL and USER_EMAIL correctly from JSON file downloaded from Google Developer Console. Also I enabled Google Drive API on the project. But still I get an error in the dialog "Error: invalid_client\n no application name".
Is there any code I should add / change to run this sample script correctly?
In case you are using the correct settings (PRIVATE_KEY,CLIENT_EMAIL and a valid USER_EMAIL), the error could also be related to the permission granted to the application from the domain admin.
Since this example uses domain wide delegation of authority to impersonate the account from the USER_EMAIL, first the domain admin has to grant permissions to the application to perform this kind of operations.
To grant this permissions to the app you can do it by going to: your Admin Console -> Security -> Advanced Settings -> Manage API client access
There you will add the service account CLIENT_ID in the field "Client Name" and in the second field you will add your project scopes separated by commas. These scope should match the scopes that the application uses. In this case id Drive scope and any other you may be using.
Click the button "Authorize" and if everything goes well, then you will be able to impersonate users in your domain with that project.
Here is the related documentation. I hope this helps.
So what I'm trying to do is to fetch data from gmail API using unix's shell (curl).
I simply copied this from the json generator to be able to play with the json when I used with curl.
GET https://www.googleapis.com/gmail/v1/users/somebody%40gmail.com/messages?
maxResults=5&includeSpamTrash=false&key={YOUR_API_KEY}
Then I changed the API_KEY by what I was able to generate in my developer console. However, I cannot get the desired json when I put the link in my browser, or curl it in my shell. How do I generate the right key? Because I already generated from all of the choices in the Credentials.
Thanks!
What you generate in the Console is the Client ID and Client secret, which are used when you redirect your users to Google. Upon accepting, Google then redirects the user to the url you specify in the console with a code. This code is then finally used to retrieve the Access Token which you should use as {YOUR_API_KEY}.
Go to Google OAuth 2.0 Playground, and use the Gmail API v1 scopes, and retrieve the access token and use it in your shell.
I want to use Google CAL API v3 to watch multiple calendars and thus to update all those events from those calendars to a Master Calendar, so I need to use WATCH/PUSH notification in order that whenever there is a new event in those cal’s, those events shd be automatically be pushed/created in my master calendar.
But, I am facing the following issue :Under APIs Explorer. Most of the services return 200 OK, except the Watch request not working.
Services > Calendar API v3 > calendar.events.watch
i got the below request and response
Request
POST https://www.googleapis.com/calendar/v3/calendars/mailid%40domain.com/events/watch?key={YOUR_API_KEY}
{
}
Response
400 OK
{
"error": {
"errors": [
{
"domain": "global",
"reason": "required",
"message": "entity.resource"
}
],
"code": 400,
"message": "entity.resource"
}
}
And then i followed as per the below google documentation
https://developers.google.com/google-apps/calendar/v3/push
Registering Your domain:
Step 1: Verify that you own the domain
Step 2: Register your domain
I verified my domain/notifications in google webmaster tools.
My verified domain look like this:
http://my-domain.com/notifications
And have added my domain name in the webhooks under the PUSH in Google Developer Console, as explained in the doc.
Is there anything i am missing here, plz is there an issue in SSL certificate fr my domain, how can i atleast test in the API explorer, so that i get a return code 200 OK. After that, I need to implement this push/WATCH via Google Apps Script.
Is there any documentation for apps script to use push notification.
Any hint, tip will help me, I am tired with this for the past 1 week in trial and error method.
In the request that you posted the body is empty. In the documentation there is an example where you need to provide the calendar ID, the web_hook and other information:
{
"id": "01234567-89ab-cdef-0123456789ab", // Your channel ID.
"type": "web_hook",
"address": "https://example.com/notifications", // Your receiving URL.
...
"token": "target=myApp-myCalendarChannelDest", // (Optional) Your channel token.
"expiration": 1426325213000 // (Optional) Your requested channel expiration time.
}
Add this information when creating the push notification.
For using apps script you can use URLfetch service with the method "fetch()" then you would need to provide the parameters mentions and make the call as a POST.
Hope this helps.
UPDATE: I will write here to have more space.
Push notifications work in this way.
-You create a push notification with the id, the resource you want to watch, the address where you want to receive the notification and the optional parameters.
-if successful, the server will watch that resource and will send a notification to the address mentioned in the request describing the changes when a change is made to the resource.
-The server needs to know that you received the notification, so from the address mentioned in #1, you need to tell the server that you received the notification returning a HTTP 200 response. (for this you need an app that is listening to the notifications and sending the responses)
for your questions
1.- As the server will make a HTTP request to a url (your web_hook address) Google requires it to be secure, that's why it is required to be HTTPS.
2.- Yes, without that url you won't be able to receive the notification.
3.- Google also needs to verify that the url you provided is actually yours, so you will need to provide the url, then Google will provide you a file, you have to make this file available in that url, then Google will call the url an will retrieve that file. Then you can prove that the URL is yours. I'm not sure if this step can be done with apps script. You can actually deploy a script as web app but i'm not sure if you can use it for this purpose.(here you can find more info and different ways to verify the url)
4.- That's created by yourself. In the documentation is pointed out the recommendations for it.
I hope this clarifies your questions.
You can check here how push notifications work, this example is for Drive but the concept is the same.