I would like to build an external asp.net mvc application that has the following features:
The application is accessible via its own domain such as www.itsowndomain.com
The application has access to one Google account (such as itsownaccount#gmail.com) where all the files are stored in the Drive folder. So the users of the application should not have to log into their own Google accounts in order to access the files from this application. The application needs to have automatic access to this (itsownaccount#gmail.com)'s google Drive, that process should be transparent to the user, they should never have to authenticate themselves, its should all happen in the code in the background when the application loads.
The application will use Google Picker to list the files that are in (itsownaccount#gmail.com)'s google Drive folder.
My questions are as follows:
Is what I am trying to do possible, basically using Google Drive as a storage of files and downloading them, uploading new ones and possible editing some from an external application?
Can I use one account because all the files should be publicly available so I do not want users to have to be thinking about authentication in a site just so they can view publicly accessible files?
How do I go about implementing this, is there a tutorial because the ones I have looked at all differ as they mostly try authenticate each user with their own Google account?
you can use Google Drive as the storage solution for your application, check the Google Drive SDK: https://developers.google.com/drive/
Google Drive application usually rely on the users' accounts to store their files, but nothing prevents you from using your account to store all files and make them publicly accessible
there's an ASP.NET MVC tutorial and sample app at https://developers.google.com/drive/examples/dotnet, however, it authenticates each user with his own account. You can start from it and replace the standard OAuth flow with one that always uses your credentials, for instance, by always using a Refresh token that you generated in advance and provided to the app.
Related
I am building an app using Google Drive API and store data in the user's appdata space in the user's Google Drive. This way we can store data to avoid user accidentally delete since it's hidden from the user's view https://developers.google.com/drive/api/guides/appdata
Question: can other apps (maybe even hacker) using the same API and pretend to be our app to fetch the our app data?
If you check the documentation found on Store application-specific data . You will find it states.
This folder is only accessible by your application and its contents are hidden from the user and from other Drive apps.
Only your app or rather your client id can access the files that it created.
I'm trying to implement anonymous read-only access to files stored in Google Drive via the Drive JS API. The Google Drive belongs to a Service Account and all files are configured to permit public read-only access. Anyone with the URL can currently access the Drive UI (in a web browser) and view these files without authentication.
My goal is to show information about these files on a separate web page using data retrieved via JS API, however it appears that Google only supports access to the API if the API client (the web page) is authenticated or the end user (the viewer of a web page) is authenticated via OAuth. Given that the files are already public it seems like it should be possible to provide anonymous read-only access via the API.
There are examples of an API client authenticating using a credentials JSON file containing credentials for a Service Account, instead of requiring the end user to authenticate via OAuth, but this requires the client to submit a JSON file when authenticating. As this is a web page I would need to embed the credentials JSON (including Private Key) in my public-visible source and this is not a good idea.
One option is to write my own API that authenticates (server-side) with Google Drive using a credentials JSON file and essentially proxies anonymous requests from my web page to the Google Drive API, but that seems like too much work for something that I believe should be simple.
Is there any way to provide anonymous read-only access to public Google Drive files via the JS API?
I want to use the Google drive API to upload files using my web app with an upload button. The back-end of the app is built with Laravel API and mongodb, and the front-end with angularJs. My end goal is for the file the user is uploading to be stored to a company's Google drive folder, not the user's (like Google file picker etc.) I'm a beginner when it comes to API, so any suggestions would be helpful.
You can use a service account and Google OAuth 2.0 to upload files to a company account.
reference link : https://developers.google.com/accounts/docs/OAuth2ServiceAccount
A service Account does have limitations.
For an alternative approach refer to this link : How do I authorise an app (web or installed) without user intervention?
I need an access to google drive sdk to store and retrive data from web-server but when I tried to get the access, as explained in google drive quick start guide, It says to create project, why is that. and How exactly getting access to drive sdk works?
Google provides a mechanism to allow third party apps to access its APIs. The first step of the process requires you to register the application to Google, eg. so it can bill you for certain access volumes. Your app will be accessing the information, eg the Drive files of end users. They will need to grant permission to your app, so this is a second reason why the app must be registered.
In Google parlance, your app is known as a "Project" and you will "create" (ie. register) your project at the Google Cloud Console.
I want to use the Google drive sdk to save data from my app in the user's own Google drive account. This will mean that the developers of the app (i.e. me) won't have access to sensitive data that the user is storing.
I have found some docs about how to do this (the app will be a Google app engine app) but I was wondering if I can lock this data or hide it completely so that a user can't go in and edit the data and possibly cause problems.
I know that Android apps that use Google drive do not leave any visible files that I can see when I go to my drive account.
Thanks
When creating the file, set the hidden label to True. This will hide the file from most user views. Note that it doesn't completely prevent the user from finding and modifying the file if they own it.
If you need the file to be uneditable by the owner, your app will need to own it and only grant the user view access.
In Google Play Services 4.3, they added an "Application Folder." This is designed to allow applications to store data in a user's drive without allowing them to modify this data. It's available for android and web, don't see it listed for iOS.