Python: Google Drive Authentification

Question

My task is to connect to Google Drive API (with the help of PyDrive module) and download some files. I somehow managed to get this thing working on my local computer - I registered my "app" at the Google Console, I downloaded the client_secret.json, ran the script, the authentification window popped out, I signed in with my Google account and Drive was accessible, everything OK.

Now I want to use my script on a server and I am basically clueless how to do that. I submitted a support ticket to my provider and their answer was:

You need to get these:

{
 "#authJson": "{"access_token":"XXX","token_type":"Bearer","expires_in":3600,"refresh_token":"YYY","created":1457455916}",
  "#appKey": "key",
  "#appSecret": "secret"
}

where #authJson is a result of 'whoevers-drive-you-want-to-access' authorization and and #appKey a #appSecret come from the oauth.

I don't know how exactly get these. I know how to download client_secret.json. So the question is: how to get these? And am I even on the right track? Or different approach is required.

The ideal final state would be: to have some sort of permanent access_token to my Google Drive which I can pass to the app (e.g. as a string parameter). The app then connects to my Drive and downloads desired files.

Robin Nabel · Accepted Answer · 2017-04-05T22:43:51.717

8

EDIT: See edit for pre-authorised server applications.

What you are looking for is CommandLineAuth() from PyDrive.

Your code should look something like this:

from pydrive.auth import GoogleAuth
from pydrive.drive import GoogleDrive 


ga = GoogleAuth()
ga.CommandLineAuth()  # This line in your code currently calls LocalWebserverAuth()
drive = GoogleDrive(self.ga)
# etc.

When you run the script on the server, it will ask you to copy-paste a link into your local browser. Once you login with a specific account, you will be given a seemingly random string of letters and numbers. Paste that string into your console and you should be good to go.

Since you likely won't want to do this everytime the script runs, consider adding a settings.yaml file to your project, which allows you to save log-in credentials. Details of how this is setup can be found in the docs.

EDIT: If you want to distribute a PyDrive script to any server without further authentication, you have to:

Download client_secret_xxxxx.json
Add a settings.yaml file to your project, see this template. Ensure that save_credentials_file: is set, e.g. creds.json
Copy the information such as client-secret from the client_secret_xxxx.json into the settings.yaml file.
Go through the auth process on our development machine - you should now have an extra file in your folder containing the credentials (e.g. creds.json)
Copy the entire directory containing the a) the original script(s), b) the settings.yaml file, and c) the generated creds.json file to the remote machine. Make sure relative paths don't change.
Profit?

Note: There are API call-limits attached to the Google Drive API preventing more than 100 calls within a 100 second period.

edited Apr 05 '17 at 22:43

answered Mar 23 '17 at 14:22

Robin Nabel

2,170
1
21
26

Hi Robin, thanks for the answer. May I ask one more question? Where to get these log-in credentials (that will be saved in the `settings.json`)? – mLC Apr 03 '17 at 14:58
Hey @mLC, did you download client_secret_xxxxxxx.json file (usually renamed to client_secrets.json when used for PyDrive) from the Google Cloud Console? It's a json-formatted file with all the information that you should need for the `settings.yaml` file. You can use [this file](https://github.com/googledrive/PyDrive/blob/master/pydrive/test/settings/test2.yaml) as a template. Also just noticed that I called it `settings.json` in my answer, it is actually called `settings.yaml`. – Robin Nabel Apr 03 '17 at 15:30
I have the `client_secret.json` :) but I guess the issue here is that I won't be able to authorize from the server as I have no access to that command line. I though the process will be following: 1) I will authorize on my local computer 2) I will get some file with my auth information 3) I will store this auth info in the `settings` file 4) I will upload this settings file onto the server 5) No more auth on the server will be required. – mLC Apr 03 '17 at 18:03
Excellent! Have a look at the `settings.yaml`, there is a `save_credentials_file:` field. You can try 1) putting `save_credentials_file: creds.json`, 2) go through the auth process on your local machine, 3) copy everything (including the `creds.json` file - make sure the relative paths don't change) to the remote machine. Haven't tried this, but it should work as you need it to :) – Robin Nabel Apr 03 '17 at 18:51
If it works, let us know, so we can amend / add this option to the answer. – Robin Nabel Apr 03 '17 at 18:53
This is a good explanation. Combined with @wang892's answer and the answers+comments on https://stackoverflow.com/questions/24419188/automating-pydrive-verification-process and https://stackoverflow.com/questions/46978784/pydrive-google-drive-automate-authentication, we have some pretty solid documentation on how to get PyDrive working! This should go into the package docs IMO – avg Jan 24 '18 at 13:15

score 0 · Answer 2 · answered Mar 23 '17 at 11:25

You need to be authenticated to access someone's private drive account. They will have to do this via a web browser the first time once they have granted you access you should just save the the refresh token above. The refresh token will enable you to access their data when ever you need from your server sided script. See: Python Quickstart

If you will only be access a drive account that you personally control then check out service accounts Using OAuth 2.0 for Server to Server Applications

Python: Google Drive Authentification

2 Answers2