Using OAuth 2.0 Framework to Manipulate Files in Google Drive

Let's see why OAuth is important? OAuth is a specification that allows users to delegate access to their data without sharing their username and password with that service. That's cool. But why do you care, as a developer? There's a lot of information and a lot of uses that OAuth provides, that you wouldn't normally get without it, which include things like social graphs of your users, sharing information via your users, things like tweeting and posting to Facebook. You can aggregate user data in order to find interests, etc. about your users.

In our day to day interactions on internet, we come across with lots of websites where we have to create accounts to use the website for our work.  If you use different credentials for different accounts, it becomes worse where you have to remember all your usernames and passwords for each website. In order to address this issue, modern websites make use of the OAuth protocol with the concepts of “Identity Federation” and “Delegated Authorization”. For example, the website you need to create an account may provide the facility to login with an existing account in a different Identity Provider such as Facebook, Twitter or LinkedIn so you don’t need to create a new account and also remember your credentials.

In some cases, the website will ask you to fill out a lengthy form with all your personal details, but it will provide the feature to retrieve these data from your LinkedIn or Facebook account. In such case, you simply login to your Facebook or LinkedIn account and authorize that website to access your personal information. Then the website will retrieve your profile details and fill out the form for you so you do not need to enter all your details when registering the account.

Here,the scenario i have selected doesn't have a login process involved but the user will be asked to authorize the requested actions to be performed. The scenario is to upload a file to the users google drive using simple java application running on your pc and to view the metadata of the files in your google drive. First, let's see how to set up your application.

Step 1 - Creating your project on Google Console.

Here you can provide your application name as the project name. Once you have created the project it should be displayed like below.

Step 2 - Subscribing Google Drive API to your project.
Click enable APIs and Services button
Type "Google Drive" and Search.
Click the Google Drive API and click enable API.

Step 3 - Creating the Credentials.


Select Credentials Tab.

Click Create Credentials.
Select OAuth Client ID to create Credentials and Download the credentials and rename the file as credentials.json

You can change the Consent Screen Setting like Application Name and Logo in this tab. (Optional)

Step 4 - Creating the Java Project

Here, I have created Gradle project. You can include the following dependencies for your gradle.build file.

These dependencies enable the usage of OAuth and Google Services in your application.

Then create a main class including following code.

Next, copy your downloaded credentails.json file to the resource folder inside your project.

** Add a photo.jpg file your project root folder for demonstration purposes. you can change the name or file type in the main method inside the class.

Step 5 - Running the Application

Simply run the main class.
It will start opening the authorization link your default browser.
Select or Enter the google account you wish to use.

Click Allow, this will authorize the application to manipulate files inside your google drive.

Application will receive the verification code through the callback URL.
Finally, the application can finish the rest of the process now that they have received the authorization code. Here, i have hard-coded the files which have to be uploaded. So this photo will be uploaded and then most recent 10 files in your google drive will be shown with metadata info under Files: 

** Once you have run this project correctly, the previously received token will be stored in /token folder, so if you want to go through the entire process again remove the previous stored token and run again.

This is the whole process in which i have utilized the OAuth in an application to upload and view files in Google Drive and you can find the full source code in GitHub .

Comments

Post a Comment

Popular posts from this blog

Introduction to using ExpressJS with MongooseJS and NodeJS - Part 2

Image
This is a continuation of my previous blog on using express on NodeJS and MongooseJS. Please refer to that tutorial before continuing further in this tutorial. Here we gonna continue our previous applications CRUD functionalities, but first we gonna streamline our project by using nodemon package. Intializing Nodemon using following command, npm install nodemon --save-dev Here, Nodemon restarts the server automatically each time you save a file that the server uses. The reason for using it as only as a developing dependency is we only need it in development time. There are many ways to run the application using nodemon, but i will use a much simpler way, Here we gonna define nodemon in run script in package.json Now we need to enter the following command in terminal inorder to run the application, npm run dev So we are back to our main topic CRUD functionalities. We have already created GET-READ capability in previous tutorial. Let's start on POST-CREATE capabi...
Read more

Preventing Cross-Site Request Forgery (CSRF) with Double Submit Token Pattern

Image
This post is a continuation of the previous post  which refers what is Cross Site Request Forgery (CSRF) and how we can prevent this attack using Synchronizer Token Pattern. As I've mentioned in the previous post there are mainly two ways of preventing a CSRF attack. In this post we will discuss how to prevent a CSRF attack using Double Submit Cookie Pattern. To get a basic understanding of how CSRF work please refer the previous post . Double Submit Cookie Pattern If storing the CSRF token in session is problematic, an alternative defense is use of a double submit cookie. A double submit cookie is defined as sending a random value in both a cookie and as a request parameter, with the server verifying if the cookie value and request value match. When a user authenticates to a site, the site should generate a (cryptographically strong) pseudo-random value and set it as a cookie on the user’s machine separate from the session ID. The server does not have to save this va...
Read more