When I follow the Quickstart Tutorial: https://developers.google.com/drive/web/quickstart/quickstart-python
Entering the URL for authentication shows the following error on the website:
Error: disabled_client
The OAuth client was disabled. Request Details
cookie_policy_enforce=false
scope=https://www.googleapis.com/auth/drive
response_type=code
redirect_uri=urn:ietf:wg:oauth:2.0:oob
access_type=offline
client_id=1086226639551-hgv3m4atq7jmsdgie1d5t92qbo8k9b1g.apps.googleusercontent.com
I created id and secret for an "Installed Application" in the developer console:
https://console.developers.google.com/project
And selected "Other" as application type.
Any idea what causes the problem might help.
[EDIT] I just used PyDrive for authentication without problems:
https://github.com/googledrive/PyDrive
So I will settle for PyDrive.
Related
I'm trying to use the O365 pypl python library to receive a new auth token after changing my microsoft password. The authentication flow looks like this:
from O365 import Account
credentials = ('my_client_id', 'my_client_secret')
# the default protocol will be Microsoft Graph
# the default authentication method will be "on behalf of a user"
account = Account(credentials)
if account.authenticate(scopes=['basic', 'message_all']):
print('Authenticated!')
I receive a message saying to visit the following URL to give consent. However, when I paste the URL, I am asked to login to microsoft and then nothing happens i.e. no permissions or consent page appears. My organization recently switched to Single Sign On so I'm wondering if this could potentially be causing the issue or if anyone else has experienced this? I'm new to this and very lost so any help is greatly appreciated! Thanks so much!!
To receive auth token, please check the following:
Register your application at Microsoft Application Registration Portal.
Login to the portal to get the access token.
To consent the application in order to access the resources first get the authorization URL like below:
url = account.connection.get_authorization_url()
Visit the above URL and grant consent for the application.
To perform authentication, create Account instance and authenticate using the authenticate method.
from pyo365 import Account
account = Account(credentials=('client_id', 'client_secret'))
result = account.authenticate(scopes=['basic', 'message_all'])
After requesting a token, app consent screen will appear where you have to give consent.
The user have to provide the result url after consent.
Token will be stored in the default location if all goes as expected.
For more information in detail, please refer below links:
https://github.com/janscas/pyo365#authentication
Question about get_authorization_url · Issue #13 · janscas/pyo365 · GitHub
I'm working on a simple "bot" using the Google Chat API and I'm unable to send a message in a chat group.
In the Google Cloud Console I created a project, enabled the Google Chat API, generated OAuth credentials and in the OAuth consent screen I added this scope:
.../auth/chat
by manually entering:
https://www.googleapis.com/auth/chat
EDIT:
Initially I tried to enter the documentation suggested scope:
https://www.googleapis.com/auth/chat.bot
but it was not accepted and I got and error for an invalid scope from the cloud console interface. Also to double check this, when I tried to put it in a request I got the same error in the browser, so I came up with the working scope simply by trial and error.
Then I downloaded the credentials from the Credentials section:
client_secret_XXXXXXXXXXXX-XXXXXXXXXXXXXXXXXXXXXXXXXX.apps.googleusercontent.com.json
Locally I'm using a Google.py python wrapper around the google python modules, located here:
https://learndataanalysis.org/google-py-file-source-code/
I made a slight change in this file to use console authentication instead of browser:
flow.run_local_server() -> flow.run_console()
My code looks like this:
from Google import Create_Service
CLIENT_SECRET_FILE = 'client_secret_XXXXXXXXXXXX-XXXXXXXXXXXXXXXXXXXXXXXXXX.apps.googleusercontent.com.json'
API_NAME = 'chat'
API_VERSION = 'v1'
SCOPES = ['https://www.googleapis.com/auth/chat']
service = Create_Service(CLIENT_SECRET_FILE, API_NAME, API_VERSION, SCOPES)
text = 'My message'
space = 'spaces/XXXXXXXXXX'
chat_metadata = {
'text': text,
}
service.spaces().messages().create(parent=space, body=chat_metadata).execute()
The Create_Service call guides me through a console authorization, e.g.:
Please visit this URL to authorize this application: https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=...
Enter the authorization code:
After I visit the link, I receive a token, which I enter in the console and I get this Python error:
googleapiclient.errors.HttpError: <HttpError 403 when requesting https://chat.googleapis.com/v1/spaces/XXXXXXX/messages?alt=json returned "Request had insufficient authentication scopes.". Details: "[{'#type': 'type.googleapis.com/google.rpc.ErrorInfo', 'reason': 'ACCESS_TOKEN_SCOPE_INSUFFICIENT', 'domain': 'googleapis.com', 'metadata': {'service': 'chat.googleapis.com', 'method': 'google.chat.v1.ChatService.CreateMessage'}}]">
Apparently I supplied the chat scope with the request and also, as I mentioned, I made sure it is added to the OAuth consent screen. I couldn't find any other chat scopes.
Is there some other step I'm missing or are there any other scopes, which I should use for creating messages?
BTW, because I noticed that in the Google Cloud Console this scope's description is "View and manage chat conversations and user state" and doesn't explicitly mention "creating", I tried other calls like: service.spaces().get(), or service.spaces().members().list(). However I still got the same error.
I should also mention that the same approach works fine with the Google Drive API for creating files, folders, creating permissions, etc.
I appreciate any help with this.
Always check the documentation for the method it will tell you what scope of permissions it needs.
In this case Method: spaces.messages.create needs the following scope.
Which is not the one you are using.
(There are a lot of similar threads here but unfortunately I couldn't find the answer to my error anywhere here or on Goolge)
I'm trying to query a federated table in BigQuery which is pointing to a spreadsheet in Drive.
I've run the following command to create default application credentials for gcloud:
$ gcloud auth application-default login
But this doesn't include Drive into the scope so I'm getting the following error message (which makes sense): Forbidden: 403 Access Denied: BigQuery BigQuery: No OAuth token with Google Drive scope was found.
Then I've tried to auth with explicit Drive scope:
$ gcloud auth application-default login --scopes=https://www.googleapis.com/auth/drive,https://www.googleapis.com/auth/cloud-platform,https://www.googleapis.com/auth/bigquery
After that I'm getting the following error when I try to use bigquery python api:
"Forbidden: 403 Access Denied: BigQuery BigQuery: Access Not Configured. Drive API has not been used in project 764086051850 before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/drive.googleapis.com/overview?project=764086051850 then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry."
The project number above does not exist in our organisation and the provided link leads to a page which says:
The API "drive.googleapis.com" doesn't exist or you don't have permission to access it
Drive API is definitely enabled for the default project, so the error message doesn't make much sense. I can also query the table from the terminal using bq query_string command.
I'm currently out of ideas on how to debug this further, anyone suggestions?
Configuration:
Google Cloud SDK 187.0.0
Python 2.7
google-cloud 0.27.0
google-cloud-bigquery 0.29.0
There might be issues when using the default credentials. However, you can use a service account, save the credentials in a JSON file and add the necessary scopes. I did a quick test and this code worked for me:
from google.cloud import bigquery
from google.oauth2.service_account import Credentials
scopes = (
'https://www.googleapis.com/auth/bigquery',
'https://www.googleapis.com/auth/cloud-platform',
'https://www.googleapis.com/auth/drive'
)
credentials = Credentials.from_service_account_file('/path/to/credentials.json')
credentials = credentials.with_scopes(scopes)
client = bigquery.Client(credentials=credentials)
query = "SELECT * FROM dataset.federated_table LIMIT 5"
query_job = client.query(query)
rows = query_job.result()
for row in rows: print(row)
If you get a 404 not found error is because you need to share the spreadsheet with the service account (view permission)
According to the new Google Apps Marketplace documentation, in order to get the status of a user license, it should be enough to make a simple GET request to https://www.googleapis.com/appsmarket/v2/userLicense/{applicationId}/{userId}?key={ApiKey} where applicationId is a number, userId an email and ApiKey a string taken directly from the Google Cloud Console under APIs -> {App name} -> Server Key -> Api Key. I have also enabled the Google Apps Marketplace API in Google Cloud Console.
However, I always get the following error message:
{"error":
{"errors":[{"domain":"global","reason":"authError","message":"Invalid OAuth header","locationType":"header","location":"Authorization"}],
"code":401,"message":"Invalid OAuth header"}}
Can you help me?
EDIT: Following Arun Nagarajan's suggestion, I tried using a scope, but it still does not work. Here is my code (in Python on Google Appengine):
credentials = oauth2client.appengine.AppAssertionCredentials(scope='https://www.googleapis.com/auth/appsmarketplace.license')
http = credentials.authorize(http=httplib2.Http())
client = apiclient.discovery.build('appsmarket', 'v2', http=http, developerKey='XXXXXXXX')
entry = client.userLicense().get(applicationId='123456', userId='some_user#email.com').execute()
You have to use OAuth 2 with the https://www.googleapis.com/auth/appsmarketplace.license scope.
You cannot just get the license with just the server key.
Apologies for the basic question. I am a user of django-social-auth but can't get python-social-auth off the ground.
I have downloaded the example app, successfully sync'ed the db, and added my working facebook, linkedin and twitter app keys to settings. When I run the app I get the sample homepage with all the social media links.
When click facebook OAuth2 I get an http error: 400 Client Error: Bad Request. Implying that url callback into my server to (/complete/facebook/) is badly formed.
When I click LinkedIn or Twitter I get http error: 401 Client Error: Unauthorized.
Have I missed a bit of the config? Has anyone got the example app working out of the box?
Thanks - Guy.
Did you set your secret and key for LinkedIn and Twitter in your settings.py?
Once that is done you may have to set the redirect urls with those providers.
I tested with google and had to fix my Google API Access settings.
I changed redirect urls to http://localhost:8000/complete/google-oauth2/
UPDATE:
I am having issues with LinkedIn on oauth1 & 2. There doesnt appear to be a way to get the required API key into the request. I have attempted to hard code in the oauth1_auth.py of requests_oauthlib but with no success yet.
UPDATE 2:
Twitter worked for me by making sure my twitter developer application settings had "Allow this application to Sign in with Twitter" checked and my consumer key and secret set in my settings.py like so:
# TWITTER
#
SOCIAL_AUTH_TWITTER_KEY = '<...>'
SOCIAL_AUTH_TWITTER_SECRET = '<.....>'