Uploading files to google drive via API - specifically using user entered credentials

Question

I have written a tool that uploads images, as part of a wider process, to sites such as imgur and imgbb. Users of my tool create their own account on these image hosting platforms and enter an API key into my application to enable this. My tool generates images, pushes them to the image host and captures the resulting URL somewhere.

I would like to do the same for google drive. My tool is written in Java.

However I am struggling to understand the credentials options. I'm looking for the simplest approach where a user can generate some 'credentials' within their google drive account and enter them into a UI of my tool, which would enable it to upload images files to their google drive.

This API call here https://developers.google.com/drive/api/guides/manage-uploads looks pretty simple to upload a single file, but it leaves out any mention of authentication/authorization.

Can someone provide any insights or point to an example of how a not-particularly-technical-user can supply credentials to my tool to allow it to upload?

Thanks.

Answer 1

Can someone provide any insights or point to an example of how a not-particularly-technical-user can supply credentials to my tool to allow it to upload?

Answer: There are none.

Your going to have to go though the route of using Oauth2, and requesting authorization of the user to access the their data. You will need to make your own project on google developer console, registering your application and applying for verification.

Note: with google api keys only grant access to public data not private user data, and they can not be shared in the manner you are using with these other services.

To be clear you are NOT going to be able to do what you are currently doing with these other services. It is against googles TOS to share a client id and client secret with anyone. So you are not going to be able to ask these users to create their own project on google developer console and have it verified. This is something you the developer will need to do.

I recommend following the official google drive QuickStart for java to start with so that you understand how authorization works. This is however a sample for an installed application this sample will only work if your users are running this code from their machine, not if it is a web application.

   /**
   * Creates an authorized Credential object.
   *
   * @param HTTP_TRANSPORT The network HTTP Transport.
   * @return An authorized Credential object.
   * @throws IOException If the credentials.json file cannot be found.
   */
  private static Credential getCredentials(final NetHttpTransport HTTP_TRANSPORT)
      throws IOException {
    // Load client secrets.
    InputStream in = DriveQuickstart.class.getResourceAsStream(CREDENTIALS_FILE_PATH);
    if (in == null) {
      throw new FileNotFoundException("Resource not found: " + CREDENTIALS_FILE_PATH);
    }
    GoogleClientSecrets clientSecrets =
        GoogleClientSecrets.load(JSON_FACTORY, new InputStreamReader(in));

    // Build flow and trigger user authorization request.
    GoogleAuthorizationCodeFlow flow = new GoogleAuthorizationCodeFlow.Builder(
        HTTP_TRANSPORT, JSON_FACTORY, clientSecrets, SCOPES)
        .setDataStoreFactory(new FileDataStoreFactory(new java.io.File(TOKENS_DIRECTORY_PATH)))
        .setAccessType("offline")
        .build();
    LocalServerReceiver receiver = new LocalServerReceiver.Builder().setPort(8888).build();
    Credential credential = new AuthorizationCodeInstalledApp(flow, receiver).authorize("user");
    //returns an authorized Credential object.
    return credential;
  }