I am trying to use the Google Sheets API from a Google Cloud VM to access data on my Google Drive. I have the API running fine locally, both in scripts and in Jupyter. I can't figure out how to set my permissions up to make this work on the VM.
I can SSH to the VM and run a script from the command line, but I don't know how to validate the credentials without a web browser. I follow the "Please visit this URL to authorize this application" URL, click through authorization, but then get a "this site can't be reached" error. (The unreachable URL is "http://localhost:40633/...")
(I have all permissions and I've tried following the directions for using a service account on the VM, but I'm apparently too stupid to make that work. If this is the way to go, I will keep at it, but I wanted to see if there was a way to make the browser authorization work before I spent more time on that.)
Related
We use Alteryx(an ETL tool). The files are called "workflows". The workflows can connect to google sheets. The software uses google identity to "log in" to google sheets just like any other website that you can "use google" to log in.
There are 2 ways for the software to be run:
From a user's desktop WITHIN a local copy of the Alteryx software itself
Uploading a workflow from your local desktop to the "gallery"(server). The workflows are then run from front-end web interface.
The gallery is a front-end web interface that sits on a Windows Server 2016 box.
The issue I'm running into is that even though all the token info is stored inside the workflow, they CANNOT be run from the gallery web interface because the users cannot go through the google log in process because they cannot log into the server as if it was a normal desktop(I can since I'm an admin on the Windows Server box).
So, my question: Is there a way to "copy" whatever google identity information is created on a user's local PC that allowed them to connect to google sheets, email it to me, so I can then add it to the server that houses the Alteryx Gallery?
Thanks,
Craig
I've followed the steps for authentication on the JupyterLab Google Drive GitHub page. After setting up my credentials on the Google Drive API, I supplied my Client ID to the Jupyter Lab Google Drive settings tab. After doing all that, I received the following message:
Not a valid origin for the client: http://localhost:8888 has not been whitelisted for client ID dQw4w9WgXcQ-CLUkwYKTj7Q.apps.googleusercontent.com. Please go to https://console.developers.google.com/ and whitelist this origin for your project's client ID.
What is causing this? Do I need to add some sort of whitelist of the http://localhost:8888 on the Google API end, and if so, how do I do that?
Note: Don't worry, I'm not dumb enough to post my Client ID. Those are two YouTube video IDs.
So apparently the Domain and Policy links provided in the GitHub documentation are not useful for Jupyter Lab. Quite frankly, I'm not sure what they're doing in there--what is https://127.0.0.1.xip.io anyway? Either way, I found further instructions from Towards Data Science, which describes in more specific detail how to whitelist Jupyter Lab on the Google Drive API. I think it's reading in my Drive information, but, being that there are 9 GB of information, it might take a while.
I've been beating my head for hours on this request.
I have an on-premise installation of an Azure MultiFactor Authentication Server. I'm building a new ASP.Net MVC 5 application that will do an LDAP lookup for users in Active Directory (also on-premise) with no ADFS configured.
I've gone through the sdk for MFA Server and can easily enable SMS requests to be sent. I get the otp code from calling pf_auth.pf_authenticate(authParams, out otp, out callStatus, out errorId);
This works for test. But I need to direct this request to my on-site MFA Server. I can't find anything that tells me where I can set this value.
I know that if I login to a machine on that domain it automatically sends the SMS text to my phone and I can enter it into the next screen to complete a login (the default user portals set up with MFA). I would assume that this would possibly work when I call ValidateCredentials on my application's newly created PrincipalContext. But how do I submit the sms code without some sort of RequestId to synch up the communication.
I'm sorry if this doesn't make much sense. It's just all the examples I can find are for using MFA with a local ADFS. I only have Active Directory which is causing me to do the custom LDAP lookup.
Any help or direction is greatly appreciated.
OK, sorry for the delay in responding to this post. After getting no responses I moved on but have recently noticed that there have been 45+ views since my post and thought I should update for others who might be experiencing a similar issue.
Turns out that when using MFA on premise you can point multiple applications to a single MFA server, like Remote Access, VPN, etc.
However if you are attempting to setup a Web Application hosted on IIS you need to install a copy of the MFA server on the IIS server hosting the application.
When installing you can point to the existing MFA setup so that both machines are in the same configuration. This local install also adds a custom IIS Plugin that does the request interception and directs it through the MFA pipeline. If everything looks good the request is then forwarded to your web application like normal.
This is really pretty straight forward but the documentation for MFA setup was sorely lacking. Hopefully in the future there will be a decent sample app provided by Microsoft that demos this process using local MFA and not just the Azure hosted solution.
I have been searching everywhere for a Java port of xoauth.py. As I really want to use the same authentication process in my java web app.
I have tried using the GoogleOAuthHelper to generate the token and secret but when I plugin them in to the google mail java sample, I get errors back saying invalid credentials.
If anyone can help I would be very appreciative. I have been stuck on this for sooo long now.
Have you tried the links on this page https://developers.google.com/google-apps/gmail/oauth_libraries
and
https://developers.google.com/google-apps/gmail/#oauth_access_to_imap_and_smtp
This is assuming that the service you want to access is gmail (since you tagged your question gmail). If you're looking to use a different service, (say Drive) then your starting point is the api console at https://code.google.com/apis/console
I'm trying to create a redistributable web application that will integrate with Google Analytics through the Google Reporting API. Customer will install the application on their server.
I'm following this tutorial (I'm using PHP, but I believe this is not of importance for my question)
https://developers.google.com/analytics/resources/tutorials/hello-analytics-api
This works fine. No issues there.
However I can't figure out one missing element:
The tutorial starts with sending me to the Google APIs console where I have to create and configure a new API project and create and configure a client ID.
That's a lot of work that requires fairly technical knowledge (redirect url, selecting correct API, error-prone copy-and-pasting, etc.)
So my questions:
Is there an API so I can programmatically set this up for my user?
If that's not possible, is there a more user-friendly way to obtain Analytics reporting that is future-proof? (I noticed they are currently deprecating a few older APIs)
Unfortunately that's AFAIK not possible.
You could go one of the following ways:
Move client_id and client_secret to some configuration file and help your customer with deployment.
Show a one-time setup wizard for your app and guide your customer step-by-step. There you can at least provide him with the right callback URLs.
Regard your application as "installed application" and instrument curl or something similar for sending the requests.