I wish to run a simple process on my server/laptop that will upload files to my google drive on a daily basis, once a day. I don't wish to share this, allow other users to use it etc.
All examples I find seem to involve browsing to an address to gain permission from the user (me) and then getting an auth code etc and proceding
ref: Java quickstart
Is there a way/example to do this without need of a browser, getting permission getting unique auth code each time as I only want to do this for my account?
Can I use a bash script with CURL commands rather than having to use Java?
Yes. See How do I authorise an app (web or installed) without user intervention? (canonical ?)
Yes. It becomes a complicated script if your file is large and you are doing resumable uploads, but for small files it's perfectly feasible. You'll need to play around a bit to get the correct encoding, multipart mime body, mime type and content size, but it's all eminently doable. You'll start by calling Google's auth api with your stored refresh token to get an access token. Then you'll set that access token into an Authorization bearer header as part of your content upload call.
Related
We are developing a Java application that is supposed to show models from users store.
initially, I'm trying to allow users to login using their autodesk account, and check if they are entitled to access my app.
I couldn't find any good example to show how it is done, I just want to confirm that what I will be doing is the recommended thing or if there is better options.
First, on app start, I will show an embedded webbrowser that will open
"https://developer.api.autodesk.com/authentication/v1/authorize?response_type=code&client_id=XXX&redirect_uri=XXX&scope=XXX"
the app will get the url from our server (so not saved locally) and the call back is pointing to an api on our server. then as user login and consent, will get the code from the url, close the login dialog and continue to get the bearer token using plain rest apis to /authentication/v1/gettoken.
As I said, not 100% sure if this is approved way or not or even if it is doable or not. so thought to check before we implement it.
After that I will just use rest apis to browse and get the model.
any thoughts or complains ?
Thanks in advance
Rest assured that the workflow being proposed here is actually orthodoxical and well “approved” by our official tutorials:
https://forge.autodesk.com/en/docs/oauth/v2/tutorials/get-3-legged-token/
http://learnforge.autodesk.io/#/oauth/3legged/
Unfortunaly the code sample for that bit is in node and we are still working on a Java equilvalent
Some of our endpoints require 3-legged oauth to access personal data - see here for an example and you can always refer to the authentication context section of each endpoint for the oauth flow required.
I am able to access resources from Microsoft Graph using Get access without user. However, this method does not allow me to access resources which require delegated permissions.
I also tried to use the Get access on behalf of a user method, but it will require my user to sign in through a webpage, which is not desired in my scenario.
Is it possible to generate an authorization code with a long life time (possibly over a year) and use that code to request an access token, which can then be used to get resources that require delegated permissions?
Note: I know generating an authorization code with such a long life time is not a good idea, but this code will be used by the back-end program to access resources and not the user. So I do not want the user sign in page to pop up. Looking to implement this in Java.
Thanks!
In order to use delegated permission, the end user needs to sign in interactively through an OAuth2.0 flow.
Now, you can use a user's creds with the Resource Owner Credentials Flow which is simply posting the username/password to Azure AD and getting tokens back. This path is not recommended as it's brittle (For example, MFA will not work) and requires your app to manage the user's credentials.
Your best bet is to create some kind of sign in experience for your users that allows them to sign in and consent to your application. Refresh tokens in Azure AD have a lifetime of until-revoked meaning they can last as long as a year if not longer. The bottleneck you'll hit is the end user's password expiring which would lead them to need to sign in again.
For some help with this, Azure AD has an ADAL4j library you can use. I've also written a small Spring MVC Java code sample for the Azure AD v2.0 endpoint (Microsoft Accounts + Azure AD Accounts) that uses a 3rd party library.
I am trying to create a purely command line based dropbox client for myself. How do I get the authorization code for the token without opening the browser. How do I use the Google OAuth API for Java to achieve this?
Dropbox doesn't offer a way to get an access token without using the browser. The user (in this case, you) needs to go to Dropbox to authorize the app, but this only needs to be done once.
I recommend using the Dropbox Java Core SDK:
https://www.dropbox.com/developers/core/sdks/java
The tutorial here shows you how to do this with a command line app:
https://www.dropbox.com/developers/core/start/java
Or, even simpler, since this is only for your own account, you can generate an access token for your account for an app you own using the "Generate" access token button on the app's page on the App Console:
https://www.dropbox.com/developers/apps
I am trying to create an application (in java) to monitor files in Dropbox (File added, File deleted, File modified... etc). I can get my application to generate a https url using the DropboxAPI. The problem is that I have to manually copy and paste the url into a browser, log in on that browser and hit allow. Once they do this once I can easily store the information so they do not have to redo this process. Unfortunately the program does not stay running up and is frequently restarted.
My hope is that it is possible to get past this step since I will have access to the users Dropbox password and username already in the application.
Any suggestions?
When you say "easily store this information", what information are you storing and where are you storing it?
Once you finish the OAuth flow, save the access token somewhere persistent (like to a file or to a database). That way, if your program gets restarted you just load the access token and use that without re-doing the OAuth flow.
In the official Dropbox Java SDK, load your saved access token and then call setAccessTokenPair.
I have written a simple program to upload files to dropbox server, for backup purpose.
If you are looking for an implementation . You may check out the code via https://github.com/Jintian/dropbox.
I have a Flex/Java application on Google App Engine and all I want is to load large images from Google Cloud Storage using URLRequest in Flex. I'm sure this is simple but I can't get it to work. I will manually upload the images using the Google APIs Console so I don't need to write anything from the App. The images can not be public.
I'm not 100% sure how to access the file so this may be the problem. I tried these:
"/gs/mybucket/myimage.jpg" : not found
"/mybucket/myimage.jpg" : not found
"http://commondatastorage.googleapis.com/mybucket/myimage.jpg" : denied
I added myappid#appspot.gserviceaccount.com in the Team tab in Google APIs Console with Can View permission and I used GSUtil to get and set ACLs on both mybucket and myimage.jpg to add a READ permission for myappid#appspot.gserviceaccount.com but that didn't help.
What am I doing wrong?
I'm not really sure how flex works or how it is trying to access the blobs.
However, if you want to respond to a http request with the content of a Google Storage object then you can use the serve method.
https://developers.google.com/appengine/docs/java/blobstore/overview#Serving_a_Blob
Are you authorizing the URLRequest call with an OAuth token? If not, then even though the request is initiated from an app engine app, it'll look to Google Cloud Storage like an unauthenticated, public read. I don't know if flex has a trace option but if there's a way to examine the request details, I'd check to see if you're setting up the proper authentication.
If it turns out to be too difficult to get flex to play nicely with OAuth, you could also use signed URLs (a.k.a. query string authenticated URLs). This gives you the ability to create a URL with a special signature that implicitly conveys your authorization but only people with that link can access the object. The object's ACL can be be set to disallow public access but your signed URLs will be able to read the object. You can also time limit a signed URLs, if you like. Here's the documentation on how to use this technique.