I've followed the steps for authentication on the JupyterLab Google Drive GitHub page. After setting up my credentials on the Google Drive API, I supplied my Client ID to the Jupyter Lab Google Drive settings tab. After doing all that, I received the following message:
Not a valid origin for the client: http://localhost:8888 has not been whitelisted for client ID dQw4w9WgXcQ-CLUkwYKTj7Q.apps.googleusercontent.com. Please go to https://console.developers.google.com/ and whitelist this origin for your project's client ID.
What is causing this? Do I need to add some sort of whitelist of the http://localhost:8888 on the Google API end, and if so, how do I do that?
Note: Don't worry, I'm not dumb enough to post my Client ID. Those are two YouTube video IDs.
So apparently the Domain and Policy links provided in the GitHub documentation are not useful for Jupyter Lab. Quite frankly, I'm not sure what they're doing in there--what is https://127.0.0.1.xip.io anyway? Either way, I found further instructions from Towards Data Science, which describes in more specific detail how to whitelist Jupyter Lab on the Google Drive API. I think it's reading in my Drive information, but, being that there are 9 GB of information, it might take a while.
Related
I am trying to use the Google Sheets API from a Google Cloud VM to access data on my Google Drive. I have the API running fine locally, both in scripts and in Jupyter. I can't figure out how to set my permissions up to make this work on the VM.
I can SSH to the VM and run a script from the command line, but I don't know how to validate the credentials without a web browser. I follow the "Please visit this URL to authorize this application" URL, click through authorization, but then get a "this site can't be reached" error. (The unreachable URL is "http://localhost:40633/...")
(I have all permissions and I've tried following the directions for using a service account on the VM, but I'm apparently too stupid to make that work. If this is the way to go, I will keep at it, but I wanted to see if there was a way to make the browser authorization work before I spent more time on that.)
Similar questions have been asked before (1,2), but not explicitly answered:
Is it safe to store the client id and client secret credentials obtained for an Installed application -> Other for the Google API with the distributed source code of a command line application which will be distributed? Or will it be possible to access user accounts or data without the access_token granted by user consent?
The Google API docs specifies that..:
.. results in a client ID and, in some cases, a client secret, which you embed in the source code of your application. (In this context, the client secret is obviously not treated as a secret.)
it is apparent from other documentation that this is not best practice: the client_secret should not even be provided by the service, but it is currently required by the oauth2 and googleapiclient libraries (for Python), and probably by the Google service as well.
The application will use oauth2 based on these official examples.
References, good explanation or documentation that confirms whether this is truly safe or not is much appreciated.
Client Id is a publicly visible and it is safe to put it in your website, but it is not safe to put your client secret in js or html code in a website
I know that the Google Drive API allows for drive integration with Chrome Apps, but what about extensions? Can/How do I use the Drive API in a chrome extension? For example I want an extension that will have a popup that list a user's docs, how do I get access to their drive box?
I know it starts with authentication, but I'm not sure how to do that either.
Regarding authentication, chrome.identity is the place to start.
Taking a (not so) quick look at the GDrive App I didn't really spot any app-specific stuff (i.e. something not available to extensions). So, I would certainly start by trying to "port" the GDrive App to an extension.
There is, also, this tutorial I totally recommend about Building Apps with AngularJS, which actually walks you through building the GDrive App. It is super cool, has a fairly detailed explanation regarding how to set up authentication related stuff (of course, you'll have to slightly adapt that to apply to an extension) and you can just ignore the AngularJS-related stuff (if you are not interested - although AngularJS is super cool too).
Recommended road-map:
Read the docs about chrome.identity, to gain some understanding regarding the API(*).
Study the tutorial, to understand the basic concepts of the GDrive App.
Study the source code of the GDrive App, to get filled in on the implementation details not covered in the tutorial.
Port the GDrive App to a Chrome Extension. (Feel free to come back here on SO if you stumble upon a specific problem during the process.)
[Check out Zig Mandel's answer below for an interesting alternative.]
It's incredibly easy.
chrome.identity.getAuthToken() will handle the authorisation and return an access token. You then use that access token to set an http header when calling the Drive API.
There is some sample code here Chrome Manifest with Google API
Some answers are using chrome identity or the drive api directly. You dont need to use the drive api directly just to get a file-id from a user's drive. If you use chrome identity you have to include the explicit user authorization when they install/upgrade the extension plus the user is giving permissions to the app when it might not be necessary / more risky to the user. Avoid getting/storing tokens when you dont need to. Google has a library called docpicker which does what you need and doesnt require you to deal with authorization nor does it ask authorization to the user. The catch is that you have to download it and possibly adapt it for use from an extension since files need to be all local in an extension.
Ive done it but not for this particular library. Some libraries require that you fiddle with content_security_policy as in:
"content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'self'",
See https://developers.google.com/picker/docs/index for an example.
Update 13/122013 - Google have said that the Picker will shortly be changed to require an oauth token
https://stackoverflow.com/a/58380137/8627279
https://github.com/malik55khan/speardsheet-reader/
Demo: https://www.loom.com/share/d7d432c513a44b05a615fa0bd170fb23
Create a client-auth key in google console and select chrome extension. after that push the project id and save it. then you will get client_id.
Next step create a api key.
add a new project.
- select google cloud or Spreadsheet
- Enable API.
Hope it will be more helpful.
I have been searching everywhere for a Java port of xoauth.py. As I really want to use the same authentication process in my java web app.
I have tried using the GoogleOAuthHelper to generate the token and secret but when I plugin them in to the google mail java sample, I get errors back saying invalid credentials.
If anyone can help I would be very appreciative. I have been stuck on this for sooo long now.
Have you tried the links on this page https://developers.google.com/google-apps/gmail/oauth_libraries
and
https://developers.google.com/google-apps/gmail/#oauth_access_to_imap_and_smtp
This is assuming that the service you want to access is gmail (since you tagged your question gmail). If you're looking to use a different service, (say Drive) then your starting point is the api console at https://code.google.com/apis/console
I'm trying to create a redistributable web application that will integrate with Google Analytics through the Google Reporting API. Customer will install the application on their server.
I'm following this tutorial (I'm using PHP, but I believe this is not of importance for my question)
https://developers.google.com/analytics/resources/tutorials/hello-analytics-api
This works fine. No issues there.
However I can't figure out one missing element:
The tutorial starts with sending me to the Google APIs console where I have to create and configure a new API project and create and configure a client ID.
That's a lot of work that requires fairly technical knowledge (redirect url, selecting correct API, error-prone copy-and-pasting, etc.)
So my questions:
Is there an API so I can programmatically set this up for my user?
If that's not possible, is there a more user-friendly way to obtain Analytics reporting that is future-proof? (I noticed they are currently deprecating a few older APIs)
Unfortunately that's AFAIK not possible.
You could go one of the following ways:
Move client_id and client_secret to some configuration file and help your customer with deployment.
Show a one-time setup wizard for your app and guide your customer step-by-step. There you can at least provide him with the right callback URLs.
Regard your application as "installed application" and instrument curl or something similar for sending the requests.