I'm developing client application based on Javascript that won't be a Google App. I can create files on Drive but have a problem with a authorization when trying to upload the content.
A comment in:
Authorization of Google Drive using JavaScript
seems to say that the client must be a google App to write to Drive but until I saw this comment I thought this was possible reinforced by my ability to create empty files. Please will somebody clarify this?
I'm using code similar to response 3 of the post however I only get the login screen nothing asks for Google Drive permissions.
My code uses the 2 part "media" upload method described in How do I add/create/insert files to Google Drive through the API?
As I say the file create works but the upload fails:
PUT https://www.googleapis.com/upload/drive/v1/files/0Bxbwly1hLFXnVmQ3Snh3ZXVOYVE?uploadType=media&alt=json&key= 401 (Unauthorized) rs=AItRSTNkdxHWOPN1C6XNGC9ea3U4KWDICw:128
:response>{"error" {"message" "Invalid Credentials", "errors" [{"domain" "global", "reason" "authError", "message" "Invalid Credentials", "locationType" "header", "location" "Authorization"}], "code" 401}}
I'm not using Javascript direct rather Clojurescript so it is possible there is a problem with my upload call. The lack of anything asking for Google drive permissions would seem to indicate a real authorization problem but then I would have expected not to get an access_token when requesting "https://www.googleapis.com/auth/drive". Thanks
Update....
I've finally solved this: If I request "https://www.googleapis.com/auth/drive.file" rather than the greater privileges "https://www.googleapis.com/auth/drive" then the authentication requests access to Drive and the file content is uploaded.
I've finally solved this: If I request "https://www.googleapis.com/auth/drive.file" rather than the greater privileges https://www.googleapis.com/auth/drive then the authentication requests access to Drive and the file content is uploaded.
Related
Regards,
today I started a project where I want to get all data information of Google Analytics via API and through Javascript (https://developers.google.com/analytics/devguides/reporting/core/v4/quickstart/web-js?hl=en&authuser=1)
I already did all configuration (Client and View ID, OAuth consent) but when I test on my localhost it says "Error 401: invalid client"
(https://i.stack.imgur.com/Bdsr3.png)
Has this happened to anyone else?
Thanks in advance
Restarted localhost, changed parameters
I am trying to get google reviews for my business but struggling with implementing it. Can someone share how to get the latest/top 5 reviews using google business API using JavaScript/Postman? I was trying to do so:
GET:
https://accounts.google.com/o/oauth2/auth?client_id=MY_CLIENT_ID.apps.googleusercontent.com&client_secret=MY_CLIENT_SECRET&scope=https://www.googleapis.com/auth/business.manage&response_type=token&redirect_uri=https://developers.google.com/oauthplayground
but it doesn't work.
Was trying also testing it on Google oauth playground
filling:OAuth flow: Client-side
Use your own OAuth credentials: my Client ID here
Step 1:
Authorize API: https://www.googleapis.com/auth/plus.business.manage
but here I am getting:
Error 400: redirect_uri_mismatch
The redirect URI in the request, https://developers.google.com/oauthplayground, does not match the ones authorized for the OAuth client. To update the authorized redirect URIs, visit: https://console.developers.google.com/apis/credentials/oauthclient/938304287177-nkvm5mqk3f5uq9lt9j2srqlgd0bjihip.apps.googleusercontent.com?project=938304287177
The redirect uri in your project on Google cloud console must exactly match the redirect uri you are sending from The easiest solution is to go to your project and add it.
https://developers.google.com/oauthplayground
Which is not the same as as you have an extra slash on the end
https://developers.google.com/oauthplayground/
This video will walk you though it. Google OAuth2: How the fix redirect_uri_mismatch error.
Question from Comments
how can I get the reviews using just API key without a need to authorize it using gmail account?
If you check the documentation Method: accounts.locations.reviews.list you will find that it says the following
API keys only allow you to access public data, the data you are trying to access is private user data and therefore requires authorization in order to access it. You can not use an API key to access this data you must be authorized using one of the above scopes. A video which explains api keys. Everything you need to know about Google API Key's, and where to get one.
I am writing a simple web app (Javascript) that includes a form, once the form has been submitted I want to save the data on my oneDrive as a new file. That's all! But for some reason, I cannot accomplish this simple task.
So I want to use oneDrive as my database. but all I can find on the Microsoft Graph API are require a login popup which does not make sense here for me in this case cause the user have nothing to do with that. just want the details will be submitted into my personal oneDrive.
I am using client_credentials flow to generate access token but I keep getting errors like 'Unable to retrieve tenant service info.' or 'Current authenticated context is not valid for this request'
when I try to access the drive API.
I gave all the possible permissions to this app, I am using my personal free Microsoft account
so What am I missing here?
Another issue that I will be happy to know more about is that in my Azure app registration after I register this app and I go to the owner's tab I see this message - 'This app does not belong to any directory, so owners can’t be added to it.' is that might be the problem? how and do I even need to assign this app to a certain directory to use the API for my personal drive?
Also when I am vising the Users section on my Azure portal I see this message - 'You don't have access to this data.'
How is that possible if I do not belong to any organization and I created this azure account??
Thank you in advance, any information here will be helpful cause I am kinda lost.
I am using client_credentials flow to generate access token but I keep
getting errors like 'Unable to retrieve tenant service info.' or
'Current authenticated context is not valid for this request' when I
try to access the drive API.
For this you could use the Code Flow authentication
In this, you will not be needing any tenant information - just the client credentials and access token to access the OneDrive API
https://learn.microsoft.com/en-us/onedrive/developer/rest-api/getting-started/msa-oauth?view=odsp-graph-online#code-flow
This app does not belong to any directory, so owners can’t be added to
it
If the app had been registered in the converged app portal - you are likely to encounter this. You can you portal access this link and login with your personal account\live account.
When I host the sample javascript Google Analytics Embed API code here on localhost, everything works fine as long as I add localhost to the authorized javascript origins list in the Google developers console. This works even with nothing specified in the "Authorized redirect URIs" list.
When I host the page on a real (i.e. non-localhost) site, and add the new authorized javascript origin, I get the 400 redirect_uri_mismatch error. The details of the error show the following as the redirect_uri:
storagerelay://http/analytics.mysite.com?id=authxxxxxx
To try to solve this problem, I've added the following URIs to the "Authorized redirect URIs" list of my OAuth2 credentials:
xxxx://analytics.mysite.com/oauth2callback
xxxx://analytics.mysite.com
(where xxxx = http to work around stack overflow not letting me post more than 2 links)
The error persists. None of the other questions or answers posted here on SO have helped.
So my questions are:
How do I get this to authorize when not hosted locally?
For my javascript web application, do I need to create any folder or
file called oauth2callback? If so, what needs to be in that folder
or file? (I've only seen this addressed on SO for PHP, which appears
to be quite a bit different in how authentication is achieved.)
Why is the redirect_uri given in the error so odd looking? How can I match it in the "Authorized redirect URIs" list? (It gives a formatting error if I copy/paste it exactly.)
I am new to google api. I am able to do this file upload from app script and any file which is uploaded through that script get stored to my drive only.
But how to do this using javascript.
Example on google : https://developers.google.com/drive/web/quickstart/quickstart-js
shows how to do this but file gets uploaded to the same user's drive who is authorizing the app. How to restrict it to my drive only.
Thanks
Simple answer is you cant with JavaScript. The reason being is that JavaScript works with OAuth2 this requires that you ask the user permission to access your data.
If you want to have it access your drive account you would have to save the refreshtoken some place and then send that when ever the script was loaded. JavaScript is client sided so anyone that checked the code on the page would then have all the information they needed to do what ever they wanted with your drive account. Security wise that's a bad idea.
I recommend you look into using a server sided scripting language like PHP. You might want to consider a service account. Note: everything will be owned by the service account so you will either have to give the Service account access to your Google Drive files or you will need to move your drive files to the Service account.
If you don't want the service account to have the files you could go with normal Oauth2 save the refresh token and then store it in the server sided code there wont be as much of security risk there.