0

I am new to google drive and hasn't been able to find an answer to my question so far... I have some very basic understanding, so if I missed it and there are some good articles - I will be glad to peruse them!

I know that simple authorization requires ClientId and ClientSecret which I can get from Google Dev Console. Once obtained, I can use them in my project, run requests and access files. What is not clear to me is whether I can receive such access dynamically. Eg. my application accepts gmail credentials (login/password) and if I specify them it should show me the list of all google docs for this account. Is there a way to achieve it?

pinoyyid
  • 21,499
  • 14
  • 64
  • 115
Tim
  • 1
  • Yes it's possible. The question and answer are too broad to get an answer on so. Just read the docs, watch the videos, and experiment. – pinoyyid Jul 17 '15 at 17:53
  • Sounds weird to me.. isn't it like a basic thing - "Here is my creds, show me my data"?.. – Tim Jul 17 '15 at 21:53
  • I will appreciate any suggestions regarding the docs or the videos where credentials (gmail login/password) topic is mentioned. – Tim Jul 17 '15 at 21:56
  • not possible eith email/pwd. the drive authorizing request section in official docs explain this. – Zig Mandel Jul 19 '15 at 14:10

1 Answers1

0

Hail and well met fellow traveller. Come, join me by the fire, and we will speak of your quest.

You seek to woo the Princess Drive of the Castle Google. Many Knights have sought sexy time with the Princess, and many prevailed. But be warned, Sir Knight, many have failed. You will see these withered souls trudging back on the same road you travel. Some fail to reach the castle, others think they succeeded but were seduced by the Princess's evil sister, Princess Drive Android API.

But first, let us talk of the Golden Years. The halcyon days of sessions and cookies, when the amulet of username-password would grant us access to all of the Princesses in the palace. Those were indeed joyous times where many a noble knight enjoyed many a princess. Sadly, as the legends tell us, not every knight was as noble as you or I. Many a princess fell victim to false knights. When the princesses started to offer their REST API, it was deemed necessary to offer them some personal protection against the evils of men. So the amulets of username-password were all destroyed, and each princess fitted with individual chastity belts which the elders chose to name "scopes". To unlock a scope you will need to bear a new artifact by the name of "Access Token". Remember, each princess requires you bear a different token, and be warned Sir, the power of these tokens wanes after just 60 precious minutes. For some knights, 60 minutes is sufficient for their purposes. Others however have more languid intentions. Such knights carry with them a Refresh Token with which they can forge new Access Tokens on-the-job, if you'll pardon the expression.

I see you're anxious to know more of these Access Tokens of which I speak. Here, Sir, I must counsel you to temporarily put aside thoughts of the Princess Drive, for there is a another quest you must first complete before you once more dream your dreams of the Princess. This new quest is more fearsome and fraught than any you have faced. In order to win your Access Token (and optional Refresh Token), you must first slay one of the Three Legged OAuth Dragons. Which dragon you encounter will depend on your good self. The standard Three Legged OAuth Dragon will be your quarry if you, Sir, are a devotee of one of the Server Gods. If you are of the Order of Java, or of PHP, or of node.js, then you should seek out the Standard OAuth Dragon. I offer you this scroll https://developers.google.com/identity/protocols/OAuth2WebServer which will aid you to slay the Standard Dragon. But perhaps, Sir, you are a devotee of the Client God, and you are of the order of JavaScript. In that case, you must seek out the Mutant Dragon. He may be vanquished by following the commands in this scroll https://developers.google.com/identity/protocols/OAuth2UserAgent . Whichever dragon you slay, you will be rewarded with a single Access Token. If your victory is epic enough, you will also be rewarded with a Refresh Token. If you secure a Refresh Token, then you must vow to guard this with your very life, for should a less noble Knight steal your Refresh Token, he may forge his own Access Tokens and wreak dread upon the Princess Drive.

You have mentioned the Inn of the Dev Console. You must first proceed there. Speak to the Inn Keeper and tell him of your quest. He will ask you which Dragon you intend to fight, and he will hand you your weapons. These will be your Client Id and (if you choose to fight the Two Legged Dragon) your Client Secret. If you are of the Order of Javascript, you will need to inform him of your origin so he can arrange for the CORS gate to be opened for you.

Before you engage with the dragon face to face, may I suggest you call in at https://developers.google.com/oauthplayground/ where you will find practice dragons (and princesses). Rehearse your moves and observe the dragon's response, and only when you can confidently slay the practice dragon, should you take up code to face one of the real dragons. May I also suggest you look around the corner of the playground with the sign "Use your own OAuth credentials" (you will need to pass by the Settings zone). This will allow you to test the weapons you brought from the Dev Console Inn rather than the wooden weapons you are given by the playground attendant. I have a copy of the Playground instructions here for your erudition How do I authorise an app (web or installed) without user intervention? (canonical ?)

So, I bid you luck on your path to face the OAuth Dragons. When you are victorious, return here with your token, and I will set you on the path to the Princess Drive. I have shared many a moment with the Princess, so I can tell you that she is indeed most fair, with many a pleasant offering, but she can also be a real b***** and rebuff you with "501" or "403" without warning. That's princesses for you!

Fare well

Community
  • 1
  • 1
pinoyyid
  • 21,499
  • 14
  • 64
  • 115
  • ps. My lawyer has pointed out that throughout the above text, the word "Princess" shall be deemed to refer to any member of a royal family, regardless of gender, and that Brienne of Tarth rocks – pinoyyid Jul 18 '15 at 03:14
  • Found this link useful too: https://developers.google.com/drive/web/delegation#instantiate_a_drive_service_object – Tim Jul 20 '15 at 18:46
  • Beware, young Sir. That scroll is for those knights who are members of a Domain. They are known when they are addressed, not as knight@gmail.com, but as knight@mydomain.com. If you are truly such, then you may proceed according to Service Account scroll. If you are not a Domain knight, then my advice to you is to burn that scroll lest it distract you from your true quest. – pinoyyid Jul 21 '15 at 03:13
  • Will there be a second part of the story? – Tim Jul 23 '15 at 18:19
  • The laws of this place demand two things of you. Firstly, thou art directed to the sign of the tick, to the left of my words. By depressing the leftmost button of the device known as a "mouse", the tick shall turn green and I will be pleased. Secondly, you are required to ask a new question, since it is forbidden to provide two answers to a single question, especially one as broad as yours. You have already attracted the displeasure of two sentinels who wish your question to be cast aside, and you risk the ultimate mark of scorn and shame, the "downvote" if you fail to be more specific. – pinoyyid Jul 23 '15 at 19:14