I have created a desktop .NET C# application, which utilizes Google API (particularly Google Drive) through official .NET library and OAuth 2.0.
According to the official example, I use GoogleWebAuthorizationBroker with client_secret.json file, downloaded from the Google Developer Console for my project. It is stated in the docs that I should keep my developer's secret private (which seems logical to me), but in the following examples, it is saved to a plain file, which is copied to application build directory during build. So application user is able to open my file and grab my secret.
Question: should I place client_secret.json content in a protected place (like maybe just hardcode its values in the most naive case), or am I missing something and a plain file is not insecure in this case?
Related
Let's say I wrote a simple desktop app that reads some data from a Google Sheet, goes off and finds the answer and comes back and writes it into the Google Sheet. Now hundreds of people have sheets and want to use my program to process them. I post my program and let them download it for free.
Here is the sequence I think the end user needs to follow to get it to work:
1. Go to the GCP console and create a new project
2. Enable the Google Drive and Google Sheets APIs
3. Create a credentials JSON file with access as the Project Editor.
4. Create the Sheet if needed.
5. Copy the email out of the JSON file and Share it in the Sheet.
6. Make sure the JSON file is named right and in the right directory so the app finds it.
That all seems like a lot just so an app can read and write to a Google Sheet. Is there a simpler interface I am missing?
Answer:
There are steps that will always need to be completed when a user runs an application that accesses the Google APIs as themself, however depending on the case some of these may be simplified or circumvented.
More information:
There are a few things that you will need to bear in mind when creating an application for others to use, I'll summarise these points here and explain in a bit further detail:
To use a G Suite API, a Google Cloud Platform (GCP) Project needs to be owned and have the API associated.
In order to use the Google APIs (such as Drive and Sheets) its use must be enabled within the project that will use it.
If a user is running an application as themself, they will need to authenticate the application with their own credentials.
As per Google's documentation for Setting up a project:
Every application that uses Google APIs needs an associated Google Cloud Platform project. This project is a set of configuration settings that define how your application interacts with Google services and what resources it can use.
Resultantly, if your users will be running the application themselves, from a version of the app which is unpublished and not in the G Suite Marketplace then yes - they will need to create a GCP project, enable the respective APIs and use their personal credential file to run your application.
In reality this isn't the way G Suite Applications should be created, distributed and maintained and I can't reccommend that you do it this way. The G Suite marketplace is there to put in place a way of application distribution while removing the need for each user to create a GCP project and authenticate.
Things you can do:
With this in mind, there are a couple of things you can do to which will make the process of what you're doing slightly easier/shorter. Please bear in mind this isn't recommended for application distribution and more for testing purposes:
You can combine points 1, 2 and 3 in your question by having users click the Enable the Google Sheets API button on the Python Quickstart page. This button creates a new GCP project, enables the API and gives a credential file download link in one fell swoop.
Rather than having the user create the sheet themselves, you can code a sheet existence check in your program and create it if it doesn't already exist:
from pprint import pprint
from googleapiclient import discovery
# assuming you already have all your authentication code
sheetsService = discovery.build("sheets", "v4", credentials = credentials)
# add request body to variable sheetBody:
sheetBody = {}
# create the sheet:
sheetsService.spreadsheets().create(body = sheetBody).execute()
The https://www.googleapis.com/auth/drive.file scope allows your application to only access files created by itself which gives your application an extra level of security and trust.
In the sheetBody contents you can imclude the email address of the account running the application, if applicable, by running a Files: list request of the Drive API and reading the owners.emailAddress property of the response, to save reading the address from the JSON file.
References:
G Suite Developer:
G Suite APIs
Set Up Your Project
Build your app
Google Sheets API v4:
Python Quickstart
Google Drive API v3:
Files resource
enter image description here
I use Dropbox folder by setup Dropbox program in my computer
When I have to get direct link to any file in Dropbox folder just I go to Dropbox folder in my computer and choose that file and right click by mouse and select copy direct link of that file
How I do that by vb.net
I want to brows for file and select it and get that direct link by vb.net
And I am sorry for my bad English
[Cross-linking for reference: https://www.dropboxforum.com/t5/Discuss-Developer-API/How-do-I-get-the-share-url-of-a-local-dropbox-file-using-vb-net/m-p/345339 ]
The kind of Dropbox link you're referring to isn't a "direct" link, but rather a "shared" link, where the link itself points to an HTML preview page, where the user can download the file if they want. You can find information on this feature here:
https://help.dropbox.com/files-folders/view-only-access
Dropbox does offer an API you can use for listing, uploading, downloading, and sharing files, among other operations. You can find everything you need to get started with the Dropbox API, including documentation, tutorials, and SDKs here:
https://www.dropbox.com/developers
Dropbox does offer a .NET SDK in particular:
https://github.com/dropbox/dropbox-sdk-dotnet
To create a shared link for a file or folder using the .NET SDK, you would use the CreateSharedLinkWithSettingsAsync method:
https://dropbox.github.io/dropbox-sdk-dotnet/html/M_Dropbox_Api_Sharing_Routes_SharingUserRoutes_CreateSharedLinkWithSettingsAsync_1.htm
Is there a way to download file directly from dropbox without logging in. I find this to be a serious limitation. I want to link a few files from website. Can this be done in dropbox?
I realise this can be done with an api (at least in theory) but I have no idea what the link should look like. Cheers.
If you have a Dropbox shared link for a file that can be accessed publicly, you can download from it programmatically.
You can download directly using the link as documented here:
https://www.dropbox.com/help/desktop-web/force-download
Or, you can use the API via the /2/sharing/get_shared_link_file endpoint:
https://www.dropbox.com/developers/documentation/http/documentation#sharing-get_shared_link_file
I need to simply do this:
I need my application to use OAuth to get a user's full name, email address, gender and date of birth from Google.
I've got the whole deal about how to use OAuth. I've got the workflow and I could myself use the HttpWebRequest or the HttpClient to make requests myself and do it the raw way, which I actually prefer.
But, just to be safe, I want to use the Google API Dot Net Client. I have been reading through the vast amount of documentation about using this monstrous thing and I can't figure out a few basic things:
1) Which Google API do I need to use? Just the Google OAuth API will do? I see in the google dot net client library samples that they all get data from other Google services such as the Drives or Books services/APIs.
If I need just the basic information such as full name, email, gender and date of birth, which service do I need to query using the Google OAuth API?
2) Which NuGet package must I install? There're plenty of them with roughly the same names.
I've read a ton of stuff in the last 2 days about this and there are about 28 tabs open in my browser about this. The more I read, the more it adds to my confusion.
The NuGet package pages on the nuget website have no documentation at all. They must clearly state the purpose and the extent of services that the package provides. The latter is clearly missing. They all seem to have the same one line description instead, which is totally unhelpful.
I even took the source for the google-api-dot-net-client and tried compiling it. I didn't even know which Visual Studio version it was going to open in. I read the solution files in Notepad and they suggested that the version of 2012. So when I opened the solution in Visual Studio for Web 2012 Express, many projects did not open; it said they were incompatible with the version of Visual Studio. Also, the dependencies/references weren't loaded correctly.
I am using Windows 7 Home Premium. I've got Visual Studio Express versions from 2008 to 2013.
I need to use the OAuth API in an ASP.NET MVC application. I've seen various samples. I just need to know the basic set up information such as which binaries and which NuGet packages I need to get and from where.
Update
Hurray to hand-plumbing. I'm doing it by hand. Ditch the .NET client.
All Google.Apis NuGet packages are auto generated. As you can see there are packages for Drive, YouTube, Plus, Storage, AdSense, etc. You can read more about each package in our developers.google.com site. Take a look at the following:
https://developers.google.com/api-client-library/dotnet/ - Contains all the documentation for the .NET client library for Google APIs.
https://developers.google.com/api-client-library/dotnet/apis/ - Contains all the different Google APIs and several references to the API documentation, how to download it using NuGet, etc.
Check out our https://developers.google.com/api-client-library/dotnet/guide/aaa_oauth page. It contains a lot of information about the OAuth 2.0 protocol and several snippets
In addition, just to let you know, you don't need to use any of that:
https://code.google.com/p/google-api-dotnet-client/source/browse/ contains only the core library code that is shared between all those different APIs. All APIs shared the same OAuth 2.0 protocol, the same HTTP components, the same media upload and download mechanism and so on. Every week I update the NuGet packages by running the NuGet publisher.
Hope it makes sense now.
I am working on Dropbox Core API with Google App Engine (python). There seems to be some problems with Dropbox-python-sdk on GAE. Therefore, I have choose to use the Core APIs directly.
My app is trying to retrieve all image files from a user's dropbox (with file type permission). But I couldn't find a way to get all files without specifying the root/path (all the APIs stated here requires a specific file path)
Any idea?
EDIT Dropbox actually recommends not automatically recursing via /metadata calls. (See https://www.dropbox.com/developers/core/bestpractices.)
There's no method to get a recursive list of files, so you would need to use /search to find files or /delta with no cursor to get the full list of files.
Could the Chooser be an option here (if you're just trying to let the user pick individual files)?