Google Drive API - We're sorry...... but your computer or network may be sending automated queries

Question

We have a Google Drive Oauth2 App integration. We are using Google Drive API export and get endpoints in order to read data from our customers within their Google Drive Folder. Our app was published by the Google Oauth Verification Team, but we are unable to read files that are not(csv, xls, xlsx) a Google Docs file.

This is an API request sample:

URL:

"https://www.googleapis.com/drive/v3/files/1874uz4MTNer4IszgWG_3pH6VEH2AWJPd?alt=media&access_token=ACCESS_TOKEN"

Response:

"<html><head><meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\"/><title>Sorry...</title><style> body { font-family: verdana, arial, sans-serif; background-color: #fff; color: #000; }</style></head><body><div><table><tr><td><b><font face=sans-serif size=10><font color=#4285f4>G</font><font color=#ea4335>o</font><font color=#fbbc05>o</font><font color=#4285f4>g</font><font color=#34a853>l</font><font color=#ea4335>e</font></font></b></td><td style=\"text-align: left; vertical-align: bottom; padding-bottom: 15px; width: 50%\"><div style=\"border-bottom: 1px solid #dfdfdf;\">Sorry...</div></td></tr></table></div><div style=\"margin-left: 4em;\"><h1>We're sorry...</h1><p>... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now.</p></div><div style=\"margin-left: 4em;\">See <a href=\"https://support.google.com/websearch/answer/86640\">Google Help</a> for more information.<br/><br/></div><div style=\"text-align: center; border-top: 1px solid #dfdfdf;\"><a href=\"https://www.google.com\">Google Home</a></div></body></html>"

This same kind of request was working fine until Feb 7, 2020.

Using the export endpoint that exports the Google Doc file, works fine.

In the first moment, we found this link describing some changes: https://support.google.com/cloud/answer/9110914 We applied for Oauth Verification, we have passed but we still see the same issue, even if we redo the Oauth2 authentication flow generating new Access/Refresh Token. We already tried to reach out to Google about this on Both Issue Tracker and Oauth Team but both couldn't help. We do not have any kind of malware, VPN on the production server, or anything like that we could find in some related questions.

How to solve this problem?

Answer 1

In unity lets add request.SetRequestHeader("Authorization", "<API_token>"); over request.SendWebRequest();

Answer 2

In my case that error was due to me requesting the same file over 100 times in less than an hour on the same network. So it obviously looked suspicious. After some time, the problem resolved itself.

Also if you're just downloading files you can use your API key as a parameter without having to attach the access token in the header. Like so:

https://www.googleapis.com/drive/v3/files/fileID?key=apiKey&alt=media

Answer 3

I have to remove param access_token from the URL:

ls_URL  = "https://www.googleapis.com/drive/v2/files?access_token=" + fnf_GoogleAuth_GetAccessToken()

and set Header:

ln_http.SetRequestHeader("Authorization", "Bearer access_token_value")

and it's works!!

Answer 4

We managed to make it work again. We've found this: https://cloud.google.com/blog/products/application-development/upcoming-changes-to-the-google-drive-api-and-google-picker-api

Google didn't update their Drive API document, so we didn't know about this change.

Basically we have to switch from the access_token URL parameter to the Authorization Header. This is, to authenticate the API you should use the Header like this:

"Authorization" : "Bearer ACCESS_TOKEN"

This worked for us.

Thank you everyone for the help.

Answer 5

We're having the same problem and after some testing, we've found Google appears to be checking more thoroughly the origin of the tokens.

According to https://developers.google.com/drive/api/v3/about-auth

5. If the user approves, then Google gives your application a short-lived access token.
6. Your application requests user data, attaching the access token to the request.
7. If Google determines that your request and the token are valid, it returns the requested data.

We're using a JS file picker and after receiving the object data, when we attempted to $.get it, the file was downloaded correctly but that same URL anywhere else was returning an error.

UPDATE

We got it working again with https://developers.google.com/drive/api/v3/manage-downloads:

To download a file stored on Google Drive, use the files.get method with the ID of the file to download and the alt=media URL parameter. The alt=media URL parameter tells the server that a download of content is being requested.