I'm trying to understand how to wrap up the process of developing a package app that has access to users google drive data.
I started examining the "gdocs" sample but soon reverted to the "identity" because I just can't manage to make authorization mechanism work with my own client_id.
I'm currently using chrome canary and I can load the unpacked extension to chrome and make it work. (both identity and gdocs samples)
I am trying to change the client_id in the manifest to my own client_id but I just can't figure out how to make it work. I always get a "bad client id" response.
I could authorize web apps using "gapi.client.setApiKey(apiKey)" but not these packaged apps sample using "chrome.identity.getAuthToken"
I tried all possible combinations but the correct one it seems.
What is the correct way to authorize a packaged app while in development stage?
Do I need to upload it to Chrome Developer Dashboard first?
Can someone help?
Thanks.
Following the updated documentation for Identity API you will need to upload your application to the Developer Dashboard, in order to obtain the application key, and then copy it to manifest.json. That is how you ensure your extension ID is fixed.
Next in Google API Console you will select Installed application and Chrome application, specifying your extension ID (that is your application ID). That will generate a proper client ID that will be matching your application.
Please follow the first link for details.
Related
We have an Google client App which we are using in production currently and now we need to add a new scope(https://www.googleapis.com/auth/gmail.send) to it which is a sensitive one. For this we need to apply for verification and I am confused with the steps to do it.
The documentation says:
Show that the OAuth Consent Screen correctly displays the App Name.
Show that the URL bar of the OAuth Consent Screen correctly includes your app’s Client ID.
If my App is currently in production how can I add a sensitive scope to it and create a video?
Is there any way to create a video without taking my App off production in this scenario?
I went through this and this but didn't get the proper info for this scenario. But I feel this is very generic case and most of the organisations would have faced this.
If my App is currently in production how can I add a sensitive scope to it and create a video? Is there any way to create a video without taking my App off production in this scenario?
Your going to have to add the new scope to your project on Google cloud console, and then create the video showing your application using the sensitive scope as instructed.
make sure your browser window is sent to english
run your application and show the consent screen where it displays the scopes
and make sure to get a shot of the URL bar where your client id is displayed in the url.
Unfortunately this will probably knock your project out of verification and impact the fact that your application is currently running in production. As far as i know Google does not have any guidelines to existing verified in production applications requesting additional scopes.
If your issue is with development google recommends having a second project that you can use in the testing stage to develop on your application and then move to the new client when you are ready to go to production. This does not however answer how to request additional scopes without breaking your production client.
I am going to contact Google directly for some advice. I will let you know if i hear anything.
I've taken over development of a Google Analytics API dashboard for a content management platform, and upgraded the code to use OAuth2 as the older oauth was disabled recently. The authentication flow and subsequent API calls are all working fine on my localhost for development.
The problem is when trying the code from a different domain. Google wants the redirect_uri to be whitelisted through the developer console, and if it isn't there, it throws Error: redirect_uri_mismatch
As this is a self-hosted (+ open source) package, people will be able of installing on their own servers, there is no way I'll be able of adding all possible redirect_uri values to the app key in the developer console.
After a bunch of Googling and trying to understand the docs, I get the impression there are 2 possible solutions.
Instruct users to go to the Google Developer console, and to create an app key of their own, before also going through the OAuth2 flow within the distributed app to provide the code access to the data in Google Analytics.
Use a redirect_uri value of urn:ietf:wg:oauth:2.0:oob with an Installed App key, instructing people to copy/paste the code back into the self-hosted app after authentication.
Neither of these are really appealing as it adds a bunch of complexity for the user (though option 2 sounds mostly doable). Are there other options, or am I simply overlooking something simple?
You actually don't have any choice in this matter. You must go with nr 1. When you state this is a dashboard and web application it leads me to believe this is some kind of scripting language. This means that the client id and client secret will be displayed to your users / customers. This is against googles terms of service.
Changes to the Google APIs Terms of Service Asking developers to
make reasonable efforts to keep their private keys private and not
embed them in open source projects.
You may not release your client id and client secret to your users they are going to have to create there own. Which nicely solvers your redirect URI problem they have to make there own.
Further reading Can I really not ship open source with Client ID?
I'm trying to make an Autocomplete field which should fetch cities as the user types, by using the Google Places API as described in this tutorial:
https://developers.google.com/places/training/autocomplete-android
You've probably found this question around many times before as I did, but none of the answers helped me. Here are the things you should know:
The URL is
https://maps.googleapis.com/maps/api/place/autocomplete/json?sensor=false&key=myKey&components=country:ro&input=whatTheUserTypes
Please don't reply by saying you replaced the API key with your own and it worked - the API key which goes there must be Android specific and won't work from a browser.
So did I make the Android API key using the SHA1 fingerprint obtained from the keystore I signed the app with.
I turned on Maps and Places APIs from the console.
The quota isn't exceeded.
All those and it still gives me REQUEST_DENIED
What I didn't mention is that I have O2Auth activated - does that change anything? Shouldn't it be as simple as putting the API key in the app?
Thanks!
Although this has been answered, I think the community could do better.
I was tearing my hair out about this, it just didn't make sense to me.. I was making an iOS/Android App, so I made an iOS/Android Key...
Wrong.
With Google's Places API, your bundle identifier isn't even considered.
What you really want to do is this:
(I'm using the new User Interface)
1. Log into https://cloud.google.com/console#/project
Select your Project Name, then go into API's & Auth > APIs
Make sure you have Places API Turned on. This is the only thing that needs to be turned on for Places-API to work.
2. Go into Credentials
Click CREATE NEW KEY under Public API Access
3. Select BROWSER KEY
4. Click Create, Nothing Else
Leave the HTTP Refer box empty.
5. Use the Key Generated here
This key will allow ANY user from any device access to the API via your Developer login.
You can try it out here: (Be sure to replace YOUR_KEY_HERE with your generated Key)
https://maps.googleapis.com/maps/api/place/autocomplete/json?input=Food%20Sh&sensor=false&radius=500&location=0,0&key=YOUR_KEY_HERE
6. Enjoy
Now you can use that URL above in your Android/iOS device.
The Google Places API does not currently support Android or iOS keys generated from the Google APIs Console. Only Server and Browser keys are currently supported.
If you would like to request this support, please file a Places API - Feature Request.
https://developers.google.com/places/training/autocomplete-android
Storing your API key
Although the above code demonstrates how to communicate directly
between an Android app and the Places Autocomplete service, you should
not store your Places API key with your app.
You should therefore build a web application that stores your API key
and proxies the Places API services. In order to secure communication
between your Android app and the proxy web service, you should require
user authentication to your proxy web service. Your Android app can
securely store user credentials and pass them to your web service, or
the user can log into your web app via an Android WebView.
For the latter approach, your web app should create and return a user
authentication token to your Android app, and your Android app should
subsequently pass this token to your proxy web service.
Go to google cloud platform console>Credentials click on edit by selected your YOUR_API_KEY>Application restrictions > select none option>save thats it.
If you select the android apps option from Application restrictions then google deny the place API with exception REQUEST_DENIED.
In Google dev console, you should be able to find both "Places API" and "Places API for Android"
Make sure to use "Places API for Android"
For some reason, "Places API for Android" is hidden in the API list, but can be accessed using search.
I had the same issue , I fix it by leaving
Accept requests from these HTTP referrers (web sites) (Optional)
in browser key Empty
I am still new, so I cannot comment, but to shed some light on Moe's answer, I resolved some similar Google Maps API issues regarding URL queries (for directions, using Volley) with the following steps:
Get Android API Key (including Google Maps Directions API in my case).
Get "Server" API Key (which seems to be created by using a key restriction of "HTTP referrers" these days - really, it's just used to issue URL queries through HTTP).
Store the Android API key as a meta-data tag in the application tag in AndroidManifest.xml with android:name="com.google.android.maps.v2.API_KEY" and android:value as your key. This is used for direct interaction with the Maps API (minus URL queries).
Use the server API key whenever issuing URL queries.
I am not sure if this also applies to URL queries for the Places API, if you only need the server API key, or if there is a better solution, but this worked for me.
I imagine that it works with just the first key - the one not restricted to Android.
Inside Google Cloud Console type Places and Activate it. Create an API Key and insert it onto your Android Studio App as you would do normally. That`s it.
I had the same problem. For me the key was to enable billing on project. I am still using "Applications for Android" restrictions. After setting up the payment method, Places Api started working.
Prior to using the Places SDK for Android, do the following:
Follow the Get an API Key guide to get, add, and restrict an API key.
Enable billing on each of your projects.
Enable the Places API for each of your projects.
See it there.
Be sure also to check out the billing plans for the Google Places API as it is not free!
I was following quick start example for getting oauth setup for my packaged app.
https://developers.google.com/drive/quickstart-js
In order to get the client id, they put localhost port in redirect uri field, but since I am not dealing with any local server, what should I put in there to get the client id? I don't have any url set all I have done is created a manifest file, background file and loaded the unpacked extension to start with. My packaged app just needs Google Drive api to access files from it. I am just confused in getting the client id part. Any help will be greatly appreciated
Despite what the Chrome Identity API documentation says, it is possible to get a client ID through the Google APIs Console. Choose installed application as the application type and Chrome application from the installed application type. Then enter the your application's ID from the Chrome extensions menu.
I tried to create a testing client id for an android app which uses OAUTH 2.0 as login for retrieving user profile. I followed the steps to complete the creation of the client id on google console, but I do not see anywhere the client secret. I'm trying to help my employer with getting google credentials for it's app. I know how to implement OAUTH 2.0 in android, but I need client secret to exchange the code with access token.
First, I selected "Google+ API" from Services tab.
Then followed the on screen steps from API Access tab.
It seems that Google finally ditched the unnecessary client_secret for installable applications and is not yet up-to-date with their documentation.
You should check if you already get an access_token in the initial OAuth request like it's handled on Facebook.
Another possibility would be to fall back to using a Simple API Access key.
Update:
First method seems to not work with Google.
The recommended way for Android is to use AccountManager instead of baking your own requests. Follow this example to see how this is implemented and how you get an AuthToken using a Simple API Access key. Instead of using the Tasks API you can then include the OAuth2 API library to retrieve the userinfo.
Click on "Download JSON "
Is it what you're looking for ?
Since almost everything from the accepted answer has been deprecated, I thought I'd share what I've found.
I needed the People API which requires a client secret. What Google recommends for using People API with Android is,
Select the application type Other, enter the
name "People API Quickstart", and click the Create button.
Found here: https://developers.google.com/people/quickstart/java
(Step 1 part e)
So if you need a client secret, you might consider using the Other type. Of course, follow the documentation for your specific API first.
Just today I found out that on the new Cloud Console we can see the client secret for android apps - while in the old google console we just can't.
To use the new Cloud console, just click on the message "We are improving the experience. Try the new Cloud Console." Google will ask for a SMS confirmation. Now you'll be redirected to the new cloud console
Now, just select your project, click on "Registered Apps" on the left menu, selected your android app, and voilá, on oAuth 2.0 Client Id you'll see your client secret. No idea why on the old google console it's not displayed, but if you really need a client secret key, it's there.
Now that the type Other is unavailable, I used type Desktop since I wish to upload using Visual Studio which is a Desktop app. That worked, I got the client id and client secret.
When you update any changes in the credential, make sure you could see the client ID and secret in the dashboard before downloading.
Google cloud takes at the least 10 seconds to regenerate the client id and add it in the json.
Once json is downloaded you can check for client_secret to be present.
source said that :
Visit the Google Developers Console to obtain OAuth 2.0 credentials such as a client ID and client secret that are known to both Google and your application. The set of values varies based on what type of application you are building. For example, a JavaScript application does not require a secret, but a web server application does.
Another solution is that you have to create a client ID with the type of "Installed Application" then you will have the Client secret