3

Google API OAuth 2.0 servcie Account C# ( drive api)

I am only targeting ONE Service Account.

I am looking in authenticating to a service account.

following this example: Google example

As far I can understand, the token is permanent not 1h like other authentication type. Yet there is no mention of the token in the code. Do I have to store this token? or do I have to request it every time I want to create the service, using the certificate?

Is the "service" creation code the same as described every time I need it. Or is this just for the very first time I request access to this account?

Santhan Salai
  • 3,888
  • 19
  • 29
Lambda
  • 1,020
  • 2
  • 10
  • 25
  • 1
    Hi! It need to be a service account? [This](https://conficient.wordpress.com/2014/06/18/using-google-drive-api-with-c-part-1/) and [this](https://conficient.wordpress.com/2014/06/18/using-google-drive-api-with-c-part-2/) have helped me a lot! – Daniel Oliveira May 30 '15 at 19:42
  • it is a service account to store data of the app. – Lambda May 30 '15 at 19:48
  • @Daniel, you'r right service account is useless these is no UI. Especially for Gdrive. – Lambda May 30 '15 at 20:37
  • Yep @Lambda! That article shows how to store the refresh token and use it to authenticate the app. Please, let me know if I could post as anwser. =) – Daniel Oliveira May 30 '15 at 22:07
  • yes +1 for pointing this good article warning about limitation of service account. – Lambda May 31 '15 at 08:41

2 Answers2

3

As I've commented, the article "Using Google Drive API with C#" part 1 and part 2, shows how to store the refresh token and use it to authenticate in the name of app. It's also warning about the limitations of the service account, in many cases "useless" as you said.
Here's another one implementation of IDataStore.

Hope that help you! =)

Community
  • 1
  • 1
Daniel Oliveira
  • 1,101
  • 9
  • 26
0

Google offers a few options for authenticating users. One of them is Service Accounts which provides more secure communication between your app and Google server while authenticating users.

Normally, if you use Google oAuth library in server side, a shared key is used to authenticate user and to get a token which includes access_token, toke type, refresh_token, expire time. In this case, user should give you permissions.

However, when you use Service account, user is not involved and service account is used for authentication. In this case, in first time, you should use Service Account to get a token and store it in your DB. That way, you will be able to use it next time while sending API calls. And of course, for security reasons, this access token will expire. In this case, you will use refresh_token which returns when you get token for the first time. With using refresh token, you will be able get a new access token.

Mert Metin
  • 411
  • 1
  • 8
  • 21
  • I decided against service account because it has no UI as described in article pointed by @Daniel. However, you point to what I was suspecting: it is a different process first time / every day use. Yet the example does not mention anything about a token, how to retrieve it and how to use it after. – Lambda May 31 '15 at 08:39
  • In document, it mentions about access tokens. Just search it. – Mert Metin May 31 '15 at 12:39