I am developing an application to access Google APIs and I have working the Calendar and Google Cloud Print APIs using OAuth 2.0 for devices.
A few months ago on the Google forum I asked about the Drive API returning "invalid_scope" and they informed us that for devices they were limiting scopes and hoped to open more up shortly.
We asked then about when the other APIs (like Drive) may open up to devices as we have customer asking us to add this to our application.
Hoping someone from Google can answer this question. Thanks!
Request:
POST /o/oauth2/device/code HTTP/1.0
Accept: text/html
Host: accounts.google.com
Content-type: application/x-www-form-urlencoded
Content-length: 92
client_id=xxxxxx&scope=https://www.googleapis.com/auth/drive
Answer:
{
"error" : "invalid_scope"
}
Yes, we will be opening the device flow back up for access to more scopes. We're still working on the details but are aiming to make this change later this quarter.
Related
it's my first time to ask question on stackoverflow.
I am trying to write some data from Raspberry Pi to Google Sheets directly, and followed this article "Get Credentials for Google Spreadsheet" https://docs.wso2.com/display/IntegrationCloud/Get+Credentials+for+Google+Spreadsheet to get authentification.
Everything was smooth till Google OAuth 2.0 Playground. I sellected all URLs under Google Sheets API V4, then clicked "Authorize APIs". I got the message: "404 Not Found The resource could not be found."
Please advise the possible steps which I may did wrong, then I can try to figure out the solution. Thank you.
I have recently learnt about API and started using them for learning purpose.
I have tried the twitter API,but there is something I don't understand
Process of sending tweets with an API
Get your API token (need to tell a lot of informations and wait some time before it's validated)
Make http post request with the token to 'https://api.twitter.com/1.1/statuses/update
Tweet posted successfully
Process of sending tweets with your browser:
Create an account (don't need that much information, it's instant)
Login, write a tweet
When you click on submit, a http post request is sent (to the same url that above) and there is a Bearer token in the request header
Tweet posted successfully
So that leads to my question, why should I contact twitter to have an API token, if I can have one just by creating an account ?
How do twitter back-end know that the request is coming from a browser (normal use) or if it's coming from a third part app ?
The direct answer to your question is that the only approved way (inside of the Terms of Service) of sending Tweets programmatically is to use the official API.
There are a variety of ways in which websites and web services can detect browser automation or usage, and that's not really a question for a programming community like Stack Overflow.
What exactly are you trying to do, and why would you choose not to use the supported official API?
my dev and I would like to implement the google picker on our website. It will allow the web-visitor to upload their files from their Google drive to our website.
My dev is now trying to get the API for the google picker however they are asking for a "demo video that showcases the process to request an OAuth token" and we were wondering how we should do it when we don't have the API from google.
We are doing all of this on the staging site and we were wondering how are we suppose to do this demo video when the API is not provided and not installed.
please enlighten us, thank you!
See the question How can I make sure the verification process is as streamlined as possible? in the FAQ. It explains what the verification team is looking for with the video. Mostly it's just about showing how your product uses OAuth and the various APIs -- in your case how it asks for access to Drive, how the picker is used, etc. You're showing the integration from the user perspective.
I have spent the last couple of nights bashing my head against the wall amongst a see of conflicting out of date documentation and semi-helpful blog posts that were/are appropriate to what I am trying to do.
Essentially I want to write a wee personal app do download my images from PicasaWeb/Google+ and store them on my local hard disk.
I have managed to do the following:
Figured out the GData API for the appropriate request to get private album data (works fine in my 'google-logged-in' chrome browser)
Got the correct private data back from my GData URL with the token generated by the OAuth playground.
Managed to get an OAuth2 token back from https://www.googleapis.com/oauth2/v3/token using JWT.
However - when I try my access token I generate myself I get back a forbidden response with the message 'Not authorized to view access private'.
I am pretty stumped - my only guess is that my service account configured in google developers console doesn't actually have access to my personal google stuff like google+ photos. When I look in there I can see the OAuth playground has access. How do I give my app access - and do I need to in this scenario?
Thanks in advance,
Robert
"my only guess is that my service account configured in google developers console doesn't actually have access to my personal google stuff".
Totally correct.
I guess I see 2-3 questions per month on SO where people have made the false assumption that a Service Account is some kind of proxy to their Google Account. It isn't. It's a completely new and independent account.
The two approaches you can take are:-
Share the items to the Service Account so it has permission to access them.
Give your app direct access to your Picassa account. See How do I authorise an app (web or installed) without user intervention? (canonical ?) for the steps involved.
Recently, AuthSub died...?
Is it possible to migration from session_token of Authsub to refresh_token of OAuth2 ?
Please tell me how to do it if possible.
Its still supported, but is failing for us as well (and others if search twitter for it). I'm wondering if Google is experience a technical issue with AuthSub or if they made a change (e.g. patch/release) earlier this week that is causing the issues?
We see it working for some Google accounts and fail for others - starting on Dec 10/11. So, its not impacting every Google account.
We are currently not capturing the outgoing requests to google. We are using the library gdata-calendar-1.0.jar to make google calendar api calls using AuthSub and the library is throwing an exception with the exception message "Unknown authorization header". This worked perfectly up until Dec 10/11th or so for all of our users.
What is strange is now the same calls do work for certain gmail accounts but not for others.
In our testing we are seeing that turning off the enhanced security in our web application results in the warning displayed to the user on the Google Authorization page but makes the connection work for the accounts that are failing.
Here are the api calls we are making:
AuthSubUtil.exchangeForSessionToken to connect to the google account
CalendarService.query to get events
CalendarService.insert to insert events in calendar
CalendarService.getFeed to get the calendars
AuthSub is still supported by Google as per Google's deprecation policy.
As for a migration path to OAuth2, currently there is none.