Scenario:
Someone comes to my website and they see a file select field. They select the file and upload the file to MY Google Drive account.
Problem:
In looking at the Google Drive SDK docs I see that it uses OAuth for authentication, but I don't need to authenticate the user because they are uploading to MY Google Drive account. I'm aware that I need to register my application with Google, etc. but I'd like to know if I can upload without authorizing the user with OAuth the typical way (sending offsite or modal window to validate w/ redirect URL).
Is this possible to do? I'm using PHP.
You have two options:-
Use a Service Account. The files will be uploaded to the account of the Service Account
Use a regular Google account. For this option, you (as the account owner) will need to do a one-off auth to get a refresh token, which you will store. You can then use this any time to generate the access token needed to invoke the actual Drive API. You can generate the refresh token using the Oauth Playground, so no need to write any code.
See How do I authorise an app (web or installed) without user intervention? (canonical ?)
Related
I am trying to upload files into Google Drive using the Google Drive API but the problem is that I have to be logged-in every time. I searched a lot but no luck.
Is there any way I can do authentication process without manual and logged-in intervention?
If you are doing it correctly, you should only have to authenticate once save the refresh token, and use the refresh token in all your other calls.
Second option would be a service account but that is tricky as files are uploaded to the service account, unless you give it permission to upload to your own Google drive account.
At the moment I am trying to find out how to use my Google Drive to store images.
I don't want any user interaction. Users access my web-application then upload files and these files should be stored in my Google drive.
I figured out service account. It works fine, no user interaction. The only problem is storage limit and it is not possible to buy extra to extend it. So we can not use it.
Web application type where I provide redirect URI, sends me code to authenticate to use Drive API. BUT to receive code user should be authenticated and after that I receive code which will allow me to use users Google drive. But here I want to receive code by my account and store images in my Drive.
How can I get rid off user authentication, but use php authentication with my credentials (myaccount#gmail.com) and store files in my drive.
Thanks!
I have recently implemented the SSO functionality for a Google Apps Marketplace app we are developing. In simple words: it provides a way to retrieve the Google Apps' user's email and log him in in your website, without the need of authorization on his end. You just need the consumer key and consumer secret, provided by Google to the app during installation on your domain (the installing user also authorizes (a one time action) any other permissions you request in the Manifest file).
Now I have somehow managed to get the SSO user login working using JanRain's OpenID PHP library and adding Google Apps as provider using the PHP Extensions for Google Apps OpenID Discovery.
However, after logging in, I need to implement a functionality that will retrieve all users in a given Google Apps domain. I've already did that using oAuth2 authentication and the following Directory API. However, this requires the existense of a consumer key, consumer secret and a redirect URL (that must be registered in the Google API console).
Is there a way to remove this convenience and instead allow our users to directly be able to get their Google Apps domain's users, using the existing SSO authentication we made in the background while logging him in? Otherwise, it will be too much hassle for the user to register the app at the Google API console, enter the correct redirect URL and set it up in our website and then he will be able to get his domain's users.
Regular users cannot use the Directory API, you'll need to authenticate as an admin user to make Directory API calls.
Depending on your needs though for accessing all users, you may be able to get by with requesting access to the user's Contacts scope and grabbing a copy of the full Global Address List which contains information on all non-hidden domain users as well as non-hidden groups and shared contacts.
I'm trying to implement Google Drive API. They have quick start example here which is using Google OAuth 2.0. Using for a web application where user will use drive api for creating folder and save files, edit files etc.
Now the problem is OAuth 2.0 is redirecting the page and for authCode and then back to callbackUrl again ie. the usual way. Is there any way so that I can get the authCode without redirecting the url, by using cURL or some library that can do that without redirecting.
I'm using PHP for this app.
We currently offer an alternative flow for installed apps that doesn't redirect back to an app but outputs the exchange code. In order to be sure that user is explicitly giving permissions to your application, we need to intercept the flow for a user action.
If there are no end users involved in your use case, you may like to take a look at the service accounts: https://developers.google.com/accounts/docs/OAuth2ServiceAccount Service accounts also provide impersonation for Google Apps domains.
i wanna make web application use google drive sdk on PHP. when user login to my web using its own credential (ex username : lalala) will automatically login to user google account without user know like background login(silent mode) no redirect to google. username, email and password user save in mysql. user can upload file to google drive with my web application but not redirect to drive.google.com. how to make it? can someone give me an full example, please...
ClientLogin which implements basic authorization is deprecated across the Google products, you need to implement OAuth2 workflow for user accounts.