I am developing a web app for a group, and I want to be able to let anyone in the group create an event and add it to the group's calendar through the app. I was able to get the basic functionality working using Google Calendar API v3 for Javascript -- you could fill out a form with the event's start/end times, title, information, etc, and it could insert that event into the calendar.
But the problem is with authentication. If a user is logged in to a Google account that is not given permission to create events on the calendar, they are unable to add the event (Javascript writes "Forbidden" to the console). If I log out of all Google accounts and then sign in with the account that owns the calendar, the event is created with no problems (that makes sense).
Adding every single person in the group to the edit-permissions on the calendar seems like too much of a "brute force" method.
Is there a way to always authenticate the Google account that owns the calendar? Or, better yet, is there a way just to force authentication in general, even if someone is already logged in to Google / authorized to the app? Some people in the group know the calendar login/password, so if I could always bring up a Google login screen, they could just enter the calendar account information and then add the event from there. Again, I'm using Javascript (not much documentation on this...).
Thanks!
Have a look at Service Accounts. That way the calendar is owned by the application, and so the application will always have permission to update it.
If you want to avoid authentication problem from other opened session in user browser, you have to authenticate on the calendar, using server side library.
check this link:
https://developers.google.com/google-apps/calendar/auth
it bounces you from one article to other, but at the end you should get all information.
Related
I am working on a calendar synchronization between my application and personal calendars of the users. The idea is that every time an event is created or updated, this event is sent to the personal calendar of the users (they can choose syncing to Google Calendar and/or Microsoft accounts calendar).
I have this complete flow working with Google Calendar and now I am working with Microsoft oAuth and Graph API to make it work either for MS Calendars.
Currently, for MS, I have the following scenario implemented and working:
User authorizes the application to access its calendar through consent page
Server exchanges the authorization code for an access token
I can insert an event in user's calendar using its access token as Authorzation header through Microsoft Graph API (POST https://graph.microsoft.com/v1.0/me/events)
Now I am trying to figure out how I can manage event updates (when start date changes, for instance, how I will send this update for each user's MS account), knowing the following constraints of Microsoft Events API:
Property "ICalUId" is generated by MS API itself and returned in the response of Insert endpoint. I can't insert an event with my own ICalUId. This is possible with Google Calendar and very useful, because if I send an event with an existing iCalUId to import endpoint, Google updates this existing event with the sent data, and if the iCalUId doesn't exist, Google creates the event (it performs an upsert-like action).
For each event inserted at different users calendar, a new "ICalUId" is generated, even if I am sending the same event object to insert. So I get many iCalUId's for the same event, this adds complex in tracking this event in users calendars, different from Google Calendar as I mentioned before.
So that's the challenge I am facing right now. Any ideas on how I can achieve this?
Thanks in advance!
Recently google has added multiple user support to the assistant so how would use the API to identify the person by voice?
It depends what you mean by "identify the person".
There is no way for an Action to get the raw audio, so there is no way for it to do voice printing or anything along those lines.
Although each voice has to be reported against a Google User ID, you do not have direct access to that user ID.
What developers do have access to is a UID that is sent along with each request to your fulfillment server. This UID is consistent across requests, although it can be reset by a user (for example, if they reset their Google Home). You can think of this the same way you think of an HTTP cookie - you can track the UID and, if you see it again, have reasonable assurance it is the same user that accessed it last time. This breaks down, however, for the "default" account on Google Home, since anybody who doesn't have an account will map to this user.
Beyond this, you can also use Account Linking to connect a Google Account consistently to an account in your own system. If you have sufficient authentication in place, or are using one from Google or Facebook for example, this can act as an identity.
There isn't an API for developers to identify users by voice.
I inherited an application that has tons of users already authorized to get twitter data on their behalf.
The problem is the guy who created is not around anymore and I am left with consumerKey and consumerToken only.
That in itself is sufficient to interact with twitter API, but I now need to know the account details ( in particular the screen_name that created the app) .
I could not find any API to get such details. Any ideas on how to get it.?
There isn't a direct way to find the app owner's screen name, but here are a few things you can do to investigate:
Use the ConsumerKey and ConsumerSecret, that you have, to start the OAuth process.
On the Twitter Authorization screen, you can see the name of the app and who created it.
You might be able to do a Twitter search for the person who created the app and get their screen name.
Continue to authorize the app - this will put it in your app list.
Visit your personal Twitter Settings tab, click on Apps, and find the App that you authorized.
Click on the owner's name, which will lead you to a Web site.
The Web site might be the company Web site, in which case, there is no further help.
The Web site might belong to the owner and it might have a link to the owner's Twitter account where you can get their screen name.
Just know that there's nothing keeping you from using the ConsumerKey/ConsumerSecret that the other guy set up. You can create your own app - preferably with an account that belongs to the company with credentials that the company can access if you're no longer around. Then use the ConsumerKey/ConsumerSecret from the new app on subsequent deployments.
I can see many related questions on SO, but none that answers exactly what I'm confused with.
I'm using Google Calendar API in a .NET desktop application that allows user to provide his/her username/password, logs in on his behalf and adds some events to the calendar. Now I want to do exactly the same thing for Tasks feature. I'm trying to use Google Tasks API for this, but have been told that I need to do some OAuth kind of authentication, and even before that, I need to go to my gmail account and set permissions and get my project "key" to enable it.
Now does every user of my application need to do these steps in their Gmail account? Or do I need to do this in MY gmail account once and then my application code will be able to use the generated project "key" to enable my users to add tasks to THEIR gmail tasks list?
Figured it out. For anyone having a hard time understanding this, here it is:
The "key" generation step needs to be done only once per application, not for each user who's going to use your application. To generate a key, login to your Google Account and go to Google APIs Console page. Click API Access button and that's where you can generate keys for different kinds of applications like browser apps, desktop apps, Android apps etc. After registration, you'll need to take Client ID, Client secret and API key from this page and put them into the code. Sample code (.NET) for task creation and several other Google features is available here.
Once your user runs your application, he'll be taken to his Google account in his default browser where he'll be asked if he wants to allow this application to write to his calendar/tasks list. This page will display your logo and description text too that you can provide at registration time. Once allowed, this step won't be required again in the next one hour (this may be adjustable, i don't know yet).
I want to automtically add calendar entries to Google Calendar from within my Rails App. I am not able to find a gem which allows transparent integration to Gcal.
Problem with gdata - http://code.google.com/apis/gdata/articles/gdata_on_rails.html#AccessingFeeds is that its not maintained and it requires the user to go to authentication URL. I am reluctant to store user passwords to everytime authenticate them before posting to their calendar. I already have google based openid using omniauth.
I am looking for a solution which can : 1. Allow updates to user's google calendar. 2. Wont need the user to authenticate everytime they want to update their calendar.