I've just started to play around with google fusion tables APIs so maybe I'm missing something...
Starting from a google's simple example
https://code.google.com/p/google-api-java-client/source/browse/fusiontables-cmdline-sample/src/main/java/com/google/api/services/samples/fusiontables/cmdline/FusionTablesSample.java?repo=samples
and I've just managed to have account server authentication (I've downloaded the key file from Google APIs Console with my account).
The example works, creates and lists new tables, but I connot find them in my documents.
Where are those tables and how can I access them?
M#rco
Here is my code:
private static Credential authorize() throws Exception {
GoogleCredential credential = new GoogleCredential.Builder()
.setTransport(HTTP_TRANSPORT)
.setJsonFactory(JSON_FACTORY)
.setServiceAccountId("xxxxxx")
.setServiceAccountPrivateKeyFromP12File(new File(FusionTablesSample.class.getResource("/privatekey.p12").toURI()))
.setServiceAccountScopes(FusiontablesScopes.FUSIONTABLES)
.build();
return credential;
}
If I understood your question correctly, then you created a service account and downloaded the keyfile of that account. Then you used this file and the id of the service account (something like 123456789-fg8dhs8d7sjhsd7asdh76d6dui#developer.gserviceaccount.com). Right?
If this is the case, it's very simple: the table belongs the the service account not your own account. You have several possibilities to access the tables via the web UI. The easiest might be to share the table with your own Google account in order to see it in your document list.
Use the Google Drive API to change the permissions of a Fusion Table (see the example).
Related
I am writing a .NET desktop app that uses the Microsoft Graph API to access the contents of my OneDrive for Business storage. I am logging in to Graph using my Microsoft work/school account U1, in my organization O1. Another Microsoft work/school account, U2, in a different organization, O2, has shared a folder with me. The folder shows up in "Shared With You" when I browse my OneDrive interactively in a browser, and I can make changes to the folder there. It also shows up as a DriveItem in the returned list when my app uses the "sharedWithMe" API call documented here (with allowexternal set to true).
All good so far. The problem is when I try to actually retrieve the shared folder using the returned DriveItem. I am following the guidance in the doc page to use a call like
GET /drives/{remoteItem-driveId}/items/{remoteItem-id}
to retrieve the folder, and I have the "Files.ReadWrite.All" permission. I believe I am doing this correctly in my code, because it works fine on other items shared with me by users in my organization. However, with the folder shared by U2, this call fails with an "itemNotFound" error. I don't understand why this fails. Is this a problem with my code, or some configuration that needs to be done in my organization O1, or in their organization O2, or a combination? Or is what I'm trying to do just not possible across organizations?
I have found a couple other folks who have had similar problems, but the resolutions are inconclusive: see here, here, and here. These links have suggested a couple directions:
could this be a problem with some sharing setting on the part of organization O2? Unfortunately I don't have any control over this org. But if I can give them a clear request, preferably with some Microsoft docs to back it up, I think they would be receptive. For example, does organization O2 need to add/invite my account U1 as an external/guest user to their Azure AD? I don't know for sure if they've done that.
one of the comments suggested that my app would need to be a multi-tenant app for it to access resources in another tenant. I do not want my app to be multi-tenant in the sense of allowing people in other tenants to login to it, but I do want my account to be able to access resources in other tenants that have been shared with me. I tried changing the app registration for my app to multi-tenant, and that didn't make any difference.
in the multi-tenant vein, I found this Microsoft doc, which states "In the code of your multi-tenant app, get the authentication token for other tenants and store them in the auxiliary headers. The user or application must have been invited as a guest to the other tenants." In my code I am using Microsoft.Identity.Client.PublicClientApplicationBuilder to sign my account in and get an access token, using the authority for my tenant. It sounds like my access token is only valid for resources in my tenant - how do I get a token for another tenant in my code?
Thanks very much for any suggestions, be they pointers to docs, code suggestions, etc!
So I have an application that I want to be able to read from BigQuery and perform queries, be able to read from GSheets to form these queries and upload this data into a directory in Google Drive.
I understand how to individually do these things, but for the sake of consolidating my system, I would like to use one set of credentials for everything. Is this a good way to go about building my system? I would like to follow the "least access possible" guideline to limit visibility to the database.
Is the best way to go about this creating multiple credentials? Should I use OAuth Credentials and include relevant scopes? Or can I create one set of credentials for all of this?
I'm using python for the backend, don't think that's relevant to the question though.
The proper way to handle this is to create the project using the Google API Console and authorize all the APIs needed for this project.
Afterwards, you will have to select the APIs needed by following the steps from this article here.
In order to retrieve the credentials for the project, you will have to select the project you created and based on the type of application you plan on developing, you will have to select the type of credentials needed.
Selecting APIs & Service
Selecting Credentials
Then based on your choice, you will end up retrieving the credentials and use them in your application.
Reference
Authorize Requests.
I want to use Drive & Sheets API from Python3.
I tried to create a service account in GCP console, but it said You already have credentials that are suitable for this purpose, without telling me what role of GCP makes it suitable.
Now I want to find and add the role to my favorite service account. I do not want to create a new one, nor use the already-suitable ones.
What is the name of the role which allows using Google APIs?
I think this is confusing and poorly explained in Google's documentation but IAM and OAuth scopes are mostly (now) complementary technologies. I consider IAM to refine or provide more granular, account|credential-specific scopes
Scopes came first and IAM came later.
IAM -- actually Cloud IAM -- applies only to Google Cloud Platform (GCP) services.
OAuth scopes exist for all Google's APIs (including those of GCP).
https://developers.google.com/identity/protocols/googlescopes
In your case, Drive and Sheets are part of G Suite and not included in Cloud IAM. There are thus no IAM roles for you to assign to your service account that apply to these services.
For GCP services, it is customary (though seemingly redundant) to use both IAM and scopes.
Often you'll see https://www.googleapis.com/auth/cloud-platform used as something of a catch-all|default scope.
UPDATE: In retrospect, I should add a qualifier to this, OAuth scopes are effectively redundant for service accounts. In the case of a human|user-based OAuth flow where the end-user is delegating authority, the scopes remain relevant as they summarize the permissions for the end-user to review before granting to the code.
I am trying to develop an application, where I where fetching data from multiple clients related to some transactions. Now I want to make some analysis using the Google Spreadsheet. Is there any way by which I can achieve this using the ASP.Net MVC(using C#). Google provides OAuth and When I implement the code and when I am trying to send the data to Google spreadsheet which I receive form the clients. However, when I am doing that, for every new client, Google asks for login credential. Client enter their own credentials, and the Google sheet instead a common sheet, client own sheet is used. Thus, my purpose is not solved. Is there any way possible to do this. I does not seem to find proper documentation on Google as well. Please provide some suggestions to implement this. Thanks in advance.
This can be done very easily if you just want a read only database.
You must publish your Google Sheet to the web and, from its url, copy its id.
For example my sheet has this url: https://docs.google.com/spreadsheets/d/1IHF0mSHs1HdYpIlIzYKG3O8SnAhKU_a6nEJSz04Togk/edit
The long alphanumeric string in the middle is my sheet id. Copy it and place it instead of XXXX in the following url, as follows:
https://spreadsheets.google.com/feeds/list/XXXX/1/public/basic?alt=json"
So the final url would look like this:
https://spreadsheets.google.com/feeds/list/1IHF0mSHs1HdYpIlIzYKG3O8SnAhKU_a6nEJSz04Togk/1/public/basic?alt=json
Then you can simply access this url and get all your data as json.
Using jQuery:
var $url = 'https://spreadsheets.google.com/feeds/list/1IHF0mSHs1HdYpIlIzYKG3O8SnAhKU_a6nEJSz04Togk/1/public/basic?alt=json';
$.getJSON($url,function(data){
alert(JSON.stringify(data.feed.entry));
});
You will get a long json structure. The relevant data is in data.feed.entry. There you'll have many entries. On each one you'll have a "content" property and within it, a "$t" one. These will give you all the cells.
So for getting the first row, you will have to get data.feed.entry[0].content.$t.
Hope it helps.
This can be accomplished using Google Apps Script. In particular, you can achieve this with a "bound" script in Google Sheets (i.e. a script that was created in the context of the sheet that you wish to create as the "backend") that you then publish as a "web app" script. When you publish it, you can make it execute with the authority of the owner of the spread sheet (rather than the authority of the user who invokes the url), which will not require the end user to explicitly authorize themselves (since it is the script publisher's credentials, not the user's credentials, that are being used).
It should be noted that, while this (and generally building on top of Google Apps Script) is a reasonable approach for small-to-medium apps, you'll probably find using Google Cloud Platform (and, in this particular case, the Cloud Datastore) as the better, more scalable solution for small-to-large apps. That is, if you are prototyping or creating an internal tool that is unlikely to catch fire overnight, I'd go with whichever approach you find more convenient / simpler; if you are creating an app that could potentially experience a "success disaster", I'd go with Cloud Platform, instead.
If your sheet is public, you can do it withouth authentication. You can use google API Visualization with the query language or use the Google Sheets API.
But if your sheet is private, it is mandatory the use of OAuth2 authentication through service account credentials.
In order to do that, you have to create a service account (with owner of the project role for example). Then you have to download the client_secret.json file which will be the one you use in your code.
Finally you have to share your spreadsheet with the email you get in this file. Look in the file and you will see it.
I have made a tutorial. You can visit at http://edba.xyz/google-sheets-as-database. It is mainly based in PHP but it is easily trasportable to
other languages.
I have recently been developing a website using google sheet as backend. It is great. The speed is also appreciable.
I have integrated the custom backend which I wrote on google apps script with my Django app. So now my website stores the user information on google sheets. The google sheet code and Django app interact via Rest API which can be easily developed using doGet() and doPost() in apps script and python request on the Django side. Once the necessary structure is built( it does take some time tweaking if you are new) but then it works as a great database for your website.
Google spreadsheet is a great solution for quick prototyping database and even in some cases for production use.
People have already realized the potential and there are many tools today for turning your Google spreadsheet into a backend api
There are couple of libraries such as node-sheets for obtaining a json feed from a Google spreadsheet (read-only)
Also, if you need a complete standalone service you have some paid options like
https://sheetsu.com
And also open source options such as
https://github.com/scheduleonce/express-sheets
This can be installed on any cloud provider via Docker and you can point it to your spreadsheet and it will dynamically turn it into an api.
So if, for example, your spreadsheet has the following sheets:
| articles | products | users |
It will automatically create the 3 endpoints
GET /articles
GET /products
GET /users
It is suitable for read-only apis (you update the spreadsheet directly, not through code) that don't need to be changed too often (although you can control the update interval)
You can use Kodem.io.
Google Sheets As Backend allows you to do CRUD requets using Google Sheets.
Disclaimer: I work at Kodem
I'm new to oAuth.
What I need to do is
a) the user logs in the site using default .net membership provider
b) once he logs in he links his google/yahoo account ( what I understand is he gets a token access which should preferably never expire and I keep it in my db)
c) the user can get his google/yahoo contacts (Name, email id and if possible a unique id for each contact) using the token access
I have created a google account and have the app id and secret key.
I'm looking at dotnetopenauth samples, project templates and tools but it has lots of things and I would appreciate if someone can guide me on the right path.
Thanks and best regards
Arnab
The OAuthConsumer sample, GoogleAddressBook.aspx page, shows how to pull Google Contacts using OAuth. Note that although this sample is in web forms rather than MVC, the OAuth consumer code is entirely written in the code-behind and has no web forms-specific stuff in it, so it can be easily lifted and dropped into an MVC app without issue.
There is no equivalent Yahoo! sample that ships as part of DotNetOpenAuth.
Don't try to use the InMemoryTokenManager that the sample uses. Write your own ITokenManager implementation. The comments and docs will guide you.