I want to download files for my private app without having to go through oauth.
In other word, I want to simplify the process to get my files from remote dropbox. Preferable, something like invoking GET to /files/<path>?key=<APP_KEY> to download the file at <path>.
Is it possible to accomplish that on Dropbox API?
The Dropbox API does not offer the ability to download files from an account without authorization. You'll need an access token to use /2/files/download. Access tokens don't expire by themselves though, so you can store and re-use them without further manual user intervention. I.e., get an access token for your account manually once, and just store that so your app can use it to call /2/files/download as documented each time.
Alternatively, if you only need to download from pre-determined file(s), you can get shared link(s) for the file(s) and download directly from the shared link(s):
https://www.dropbox.com/help/files-folders/view-only-access
https://www.dropbox.com/help/desktop-web/force-download
Related
I want to upload files from my server to my users's google drive storage, after they authenticate, the questions are:
Is it possible to do that?
Do I have to re-authenticate the user every time they like to upload a new file?
Could I embed the uploaded MP4 files in my website? (using the html video source as the file's download link of the user's google drive account)
do I need to re-authenticate the user if they just want to see the embedded videos some time later, in other words, is there anyway I could save some sort of a Token so they don't keep doing that.
Is it possible to do that?
Yes
Do I have to re-authenticate the user every time they like to upload a new file?
No, store a refresh token for the user and they wont need to authenticate each time.
Could I embed the uploaded MP4 files in my website? (using the html video source as the file's download link of the user's google drive account)
I wouldn't recommend it google drive isn't really designed for hosting of files in this manner that and people would need access to the file to download it anyway, its a big can of worms.
do I need to re-authenticate the user if they just want to see the embedded videos some time later, in other words, is there anyway I could save some sort of a Token so they don't keep doing that.
Yes as mentioned if the files are uploaded to your drive account you own them. You would need to share the files with anyone that you want to have access to them. You could set the files to public but thats not the best way to go about this.
Reference
Using OAuth 2.0 to Access Google APIs
I am trying to download (backup) images that customers upload for products that take custom logos (these are typically JPG, PNG, PDF, etc.) These customer files are downloadable by clicking on a hyperlink in the BigCommerce admin page for the order in question. The link is not a link to the image path but instead, a link to a service that sends the file to the browser. In other words, you have to be authenticated into the admin site to download the file. The URL looks like this:
https://mystore.com/internalapi/v1/orders/383945/products/251438/attributes/561518/download
https://mystore.com/internalapi/v1/orders/{order id}/products/{lineItem id}/attributes/{option id}/download
These are easily constructed in the API itself for a given order. If I use the link in a browser tab while I'm logged into the admin site, the file downloads.
But what I am trying to write an app to automatically download all the files (there are thousands). When I try to use this URL in an app, I get a authentication error. I tried at first using my regular API credentials but then used the credentials to log into the admin site. Both give me an authentication error.
I could not find anything documented on this so-called "internalapi." Anyone ever try to use this "internal" API that is used by the admin site?
I believe authentication is cookie based for that internal API, but there could be problems with using our non-publicly documented internal APIs in production, i.e. we may make future updates that would be breaking changes.
Images attached to orders through a file upload option also get copied to WebDAV, in the dav/product_images/configured_products folder. Another way to do this could be to use a WebDAV client library like easywebdav to connect and download the files.
I want to upload files to google drive. I'm using C# and have referred following links to get started
https://developers.google.com/drive/v3/web/quickstart/dotnet
https://developers.google.com/drive/v3/web/manage-uploads
I'm able to upload the file successfully to google drive but my main concern is I don't want to display any sort of UI/human interaction. It should be able to automatically upload the file.
Using OAuth2.0 there is a need that we have to manage and generate access/refresh token. I have no idea how these should be managed.
Isn't there any other way where the user can have access to google drive programmatically just by sharing his/her Gmail account username/password to achieve this?
Isn't there any other way where the user can have access to google drive programmatically just by sharing his/her Gmail account username/password to achieve this?
No there is not
The user needs to authorise your app one time. After that, you can save Refresh Token and use that for future unattended use.
I have clients uploading files directly to my Dropbox folder. I was curious if I can build a website form that uploads the file to my Dropbox folder and also saves the forms data to my server with a reference to the file that was uploaded to Dropbox? They are legal documents and I don't want to worry about security if Dropbox handles that.
It looks like it should definitely be possible.
You would have to use the dropbox api:
https://www.dropbox.com/developers
https://github.com/dropbox/dropbox-js
There are some javascript examples that would likely be what you would need to go directly to dropbox without going to your server first.
We have been working on a web service (http://www.genomespace.org/) that allows computational biology tools that implement our REST API to, among other things, read and write files stored on "The Cloud".
Our default file storage is a common Amazon S3 bucket, but we now allow users to mount their own private S3 bucket as well as files on Dropbox.
We are now trying to enable similar functionality for Google Drive and have run into some problems unique to Google Drive that we have not encountered with S3 or Dropbox.
Only way to allow clients that are not Google-authenticated to read files unobtrusively is to make the files "Public". Our preference would be that once the user has authorized access to our application via OAuth2, the user files could remain "Private" in Google Drive.
However, even though the user has already authorized our web service to offline access to their "Private" files, we have not found a way to generate a URL that a client authorized by our system can use to GET the file directly without the client being logged into Google as well.
The closest we have come to this functionality has been to change the file permissions to "Anyone with Link", except that for files greater than 20MB Google insists on returning an intermediate web page warning that the file has not been scanned for viruses. In addition to having to mess with file permissions, this would break our existing clients. Only when the file is "Public" and we utilize URLs of the form https://googledrive.com/host/PARENT_FOLDER_ID/FILENAME can non-Google clients read the files without interference.
Have not found any way for clients that are not Google-authenticated to upload a file to Google Drive. Our API allows our authorized clients to PUT files directly to the backing file storage using URLs provided by our server. However, even if a folder is marked "Public", the client requires Google authentication credentials to save to Google Drive. We could deal with both of these issues with intermediate hops through our system (e.g., our web server would first download the file from Google Drive and then allow the client to GET it) however this would be woefully inefficient and, hopefully, unnecessary. These problems have been discussed multiple times before on stackoverflow (e.g. here and here and have read the responses very carefully, but have not seen any recent discussion.
The Google folks direct their API users to post on stackoverflow for support, so I am hoping for a fresh look from insiders.
The general answer is: dont make the drive requests through the user's browser. Insead do everything from your servers. You are the one having the (refresh) tokens for users, so you should make all requests like a proxy between the user and Drive. Same for downloading, you download it and return to the user. As long as you use each drive's token there shouldnt be rate limit/quota issues.