0

I want to create a Python script that can do some really basic things (add/remove files in a shared google drive) The script will be running on remote PCs so anything involving web authentication is off the table

I read online that using a service account was the way to go, so I did the following:

  • Created a project

  • Enabled the Google Drive API for the project

  • Created a service account for the project (left "Grant this service account access to project", couldn't figure out what, if anything, I should put here)

  • Created a key for the service account, downloaded it and tried to use it the following way:

     service_account_info = json.load(open('service_account.json'))
 SCOPES = ['https://www.googleapis.com/auth/drive.metadata.readonly&#39',
           "https://www.googleapis.com/auth/drive.file",
           "https://www.googleapis.com/auth/drive"]

 creds = service_account.Credentials.from_service_account_info(service_account_info, scopes=SCOPES)

 service = build('drive', 'v3', credentials=creds)

 results = service.files().list(pageSize=10, fields="nextPageToken, files(id, name)").execute()
 items = results.get('files', [])

Which results in an exception after my "results" line executes:

google.auth.exceptions.RefreshError: ('No access token in response.', {'id_token': '[longtoken'})

I saw something that hinted I needed to use the "OAuth 2.0 Playground" where I tick off "Use your own Oauth credentials", specify the ClientID and ClientSecret and authorize the Google Drive APIs but when I try to do that I Just get "Error 400: redirect_uri_mismatch" (and I'm not sure if resolving this will actually get me anywhere)

Is there a viable way of doing what I want to do?

Adam Vengroff
  • 45
  • 1
  • 6
  • 1
    A quick search showed many similar questions, have you tried this?https://stackoverflow.com/a/28322123/8363401 – Danish Hasan Nov 17 '20 at 18:38
  • In your question, you say `Created a key for the service account, downloaded it and tried to use it the following way:`. But the script is trying to retrieve the file list instead of the download of file. Can I ask you about the detail of your goal? If I misunderstood your question, I apologize. – Tanaike Nov 17 '20 at 22:25
  • Sorry, retrieving a file list was just a proof-of-concept to show that I could do _something_ with service – Adam Vengroff Nov 18 '20 at 01:09
  • For installed applications, please read the [OAuth 2.0 protocol](https://developers.google.com/identity/protocols/oauth2) and the sub section [Installed Aplications](https://developers.google.com/identity/protocols/oauth2#installed) – Aerials Nov 18 '20 at 08:29
  • 1
    @AdamVengroff were you successful in achieving what you wanted? – Aerials Nov 24 '20 at 16:03
  • No I gave up and went with an alternate route. It looks like a service account can do what I want to do but I wasn't able to find a simple solution – Adam Vengroff Nov 24 '20 at 19:17

1 Answers1

0

You're missing these steps:

  1. Setting up Oauth consent
  2. Create OAuth Client ID Credentials for a Desktop App using the OAuth Consent
  3. Tunnel a remote port from your server to your local Machine

Service account is possible but it is also possible to authenticate on a remote machine -see here

4th_haim_sister
  • 21
  • 1