I am trying to do an app that requires google spreadsheet API, however it looks like I can't enable it from the console. Therefore, I can't ask for the permissions to the documents.
I know that it is possible, because I found this playground: https://developers.google.com/oauthplayground which asks for permissions for Spreadsheet API, but I just don't know how they did it.
Can someone help me, please?
You need to use OAuth2 with the https://spreadsheets.google.com/feeds permission scope. If you would like to create new spreadsheet file in the user's Drive, then you also need the https://www.googleapis.com/auth/drive scope.
See this for more on the Spreadsheet API and this for Drive.
Related
I've been trying to use the google sheets api key to get data from a spreadsheet I created. But the thing is that I've failed many tries.
I know a way to do this, and it's using the credentials.json and the OAuth2, but with this method, when I run my program, it redirects me to the browser for an authentication. And that's something I donĀ“t need.
My development is back-end and of course I don't need any authentication in any browser.
So I don't know what else I can do because when I try to use the URL "https://sheets.googleapis.com/v4/spreadsheets/{spreadsheetId}" after getting the API KEY, I receive errors like "the caller does not have permission".
I read that to be able to use the api key with google sheets I must make my spreadsheet public but that's something I don't want to, I can't make my spreadsheet public because it contains sensitive information.
If anyone can help me I'd really thank you..
I found this tool from google recently https://developers.google.com/oauthplayground/
and well I am currently doing an authentication practice for an api with node and passpor.js, I would like to know which of these apis is the one that I should choose to obtain a token with the user, the email and the profile photo, in the tutorial I saw that use https://www.googleapis.com/auth/userinfo.profile, so I don't know if it is depreciated or has been replaced by a new one, or if it is something that can be used in production.
And well also if you could explain a little more about what this tool is, I would appreciate it a lot.
On OAuth Playground you can "input your own scope".
Copy and paste https://www.googleapis.com/auth/userinfo.profile and click Authorize APIs.
Then exchange for an access token.
After that you can call https://www.googleapis.com/oauth2/v2/userinfo and it should return the data you are looking for.
I've been creating an extension for VSTS, and so far i have stored some data in documents in collections (https://learn.microsoft.com/en-us/vsts/extend/develop/data-storage).
The problem I have now, is that I need to GET these documents somehow from an external application. I have looked into: https://github.com/Microsoft/vsts-auth-samples/tree/master/ClientLibraryConsoleAppSample to get the authorization done, but then I am unable to get the documents. If I try to access through the REST API I have issues authorizing myself(without the personal access token provided. The application is supposed to work for every user, and i cannot get and use every user's personal access token. This is not feasible for 350+ people) as well as I am unable to get the REST API working. The documentation on all of this is severely lacking.
Anyone able to help?
The documentation is lacking, because the Data Storage is isolated for the extension and there is no easy way to access the data from outside of the extension. If you need external access, you also need to store your data externally. Azure storage or in a TFVC/Git repo under the VSTS account.
As for per-user storage access, that's also isolated and would indeed require either a account owner token or a user specific Oauth or PAT token.
I have found the solution. The documentation states that there are 2 ways of working with the documents/collections. REST API and their VSS wrappers. The url required to get all documents in a certain collection is as follows:
https://{account}.extmgmt.visualstudio.com/_apis/ExtensionManagement/InstalledExtensions/{publisherName}/{extensionName}/Data/Scopes/Default/Current/Collections/{collectionName}/Documents/{documentName}.
Using this in a browser works just fine. All that needs to be done in order to use this with an external application is authorization.
If you use sdk methods from docs like VSS.getService(VSS.ServiceIds.ExtensionData) you can view (easiest in dev tool in browser) the request.
Its look like:
https://extmgmt.dev.azure.com/{organization}/_apis/ExtensionManagement/InstalledExtensions/{publisher id}/{extension id}/Data/Scopes/Default/Current/Collections/{collections (by default 'MyCollection')}/Documents
I need a way to identify users. I have a Google site that is users access via their gmail accounts. My site is designed to allow users to view any data, but edit only their own data. This works fine for me as I'm the owner of the site and publisher of the scripts, but Session.getActiveUser().getUserLoginId() returns null for anyone else.
Please provide me the solution about this problem. Any link / any piece of code?
I suppose, that the script is deployed with the Execute the app as: combobox set to me. Please check it and change the combobox value to User accessing the web app.
I am impressed by what I have seen of yeroon.net/ggplot2 which is a web interface for Hadley Wickham's R package ggplot2. I want to try it out on my own data. The part that has me very excited is that one can use data stored in one's own Google spreadsheet as the data. One just signs into their Google Account so that yeroon.net/ggplot2 can access the spreadsheet list. I have been hesitant to do it. If I sign in whilst on yeroon.net am I handing over my username and password to a third party? It would not be wise of me to divulge my google password to third parties since Google is fast becoming my repository of everything.
How do I know if Jeroon's application is using ClientLogin or OAuth? My understanding is very basic and may be wrong but nevertheless here it is. OAuth would be better since it does not actually pass the password onto the third party application.
I am the creator of the yeroon.net/ggplot2, someone pointed me to this topic. I'll try to explain how the system currently works.
The application is using AuthSub authentication. The moment you sign into your Google account, a Google session is created. This session only has access to the Google documents and Google spreadsheet services that you gave permission for on the Google login page, so not to e.g. your mailbox.
Once you logged in, you retrieve a session token from Google: a unique key that belongs to the session and can be used to make requests to access your Google data. The session token is stored as a cookie on your browser until you close it. Every time you make a request to yeroon.net servers, this token is added to the request.
Using this token, the yeroon.net servers can access your google data, e.g. to retreive a spreadsheet. The token is not stored on the server, although I understand that you have to take my word on this. Also it is not possible to find out your username or password from the session token; it can only be used to retreive data, as long as the session lives.