Accessing google one drive on website server side

[EricBeaudoin]

-2down votefavorite

 

I am trying to connect to google one drive on my website using php to upload submitted form information.

Client side: User fills form, submits form, goes to success page.

Website side: receives data, connects to one drive account using a predetermined user account, information is uploaded, user is redirected.

I am trying to avoid the client being asked to sign in, or do be able to have any access to the google docs files or user.

how would I do this? I saw a way to do it using Zend GData but from what I could tell you need to have access to a console. My host does not allow me to install anything.

I have tried to connect using some api code, but the requests were done through url to connect the user to one drive with their google account.

I have looked into this for the last 5 hours and just keep coming back confused. Could use some help because there is too much information for me to get a good footing on what I need to do.

 

Some one linked me to http://hublog.hubmed.org/archives/001954.html but I am confused if the one time varification is of each web client, or if its of the owner of the one drive account who is allowing others to edit his file. So as a web admin i can varify, but no one else will know they are submiting there form to php and then to google drive file?

[requinix]

Nothing quite says "farming for answers" like copying and pasting a question from another site and not noticing it includes some of their markup.

 

As far as I know, Google does not provide you a way to collect someone's Google account information and log into the services on their behalf. You need to use OAuth by, yes, redirecting the user to Google to approve of whatever permissions you need to do whatever actions you want. It can be a one-time action if you need access more than once, though it doesn't sound like you need that.

[EricBeaudoin]

Hello, thanks for your reply. I am not sure what you mean by farming for answer, but I figured if I copy my post here perhaps I would reach people who would not other wise see it. I did not notice the copying method I used (selecting body text) was going to add extra stuff to it. Sorry bout that.

 

Im not trying to collect any ones information though, I actually went the website to sign into my personal google account, to send information to another google account. It would be like having the web server log in, stay logged in. When any one sends form data the server uses that email to send the information. Nothing really to do with the client, besides the fact that they fill a form they want to submit.

 

Was hoping that the web server could be seen as a 'client' server -> server.

 

I don't want them to sign into any account personally, I dont need any of their information and I also dont want them to be connected to any of the google docs as they are supposed to be private files because they will be hosting a spreadsheet of peoples contact info.

 

does there seem to be a way for me to do this?

[requinix]

Im not trying to collect any ones information though, I actually went the website to sign into my personal google account, to send information to another google account.

Which is another way of saying "I want the server to collect information from my Google account so it can put that information in another Google account". Either way you're trying to impersonate a user, and that's a no-no.

 

It actually used to be a thing a while back, but they discontinued that method around... June 2014 I think? I remember that because it broke an application we were using at work and nobody knew it was coming (despite being deprecated for at least a couple years).

 

It would be like having the web server log in, stay logged in. When any one sends form data the server uses that email to send the information. Nothing really to do with the client, besides the fact that they fill a form they want to submit.

Having the web server log in... with someone else's account. The client (user) wills in a form... containing their Google credentials.

 

Was hoping that the web server could be seen as a 'client' server -> server.

It's not an issue of being a server/client thing. It's a question of who is able to authenticate using whose account, and the answer is "only the person who owns the account".

 

 

 

All that said, it's possible I'm misunderstanding what you're trying to do. But whatever it is, if you need to get to something in someone's Google account then you must use the OAuth process for it.

[EricBeaudoin]

Thank you for shedding some light on this situation. I think you understood my question well, thanks.

[EricBeaudoin]

I may be able to compromise and use google api so they are asked to log in. but I am concerned that they can access the file, apart from what the php code is doing. Like downloading the file, or injecting there own information or even becoming a collaborator. The file needs to be private as it is a list of peoples contact information.

 

But from what you are saying, it sounds like a web server is not a loud to sign into an account even if it is the web server owners account. Which is a major bummer

[requinix]

I may be able to compromise and use google api so they are asked to log in. but I am concerned that they can access the file, apart from what the php code is doing. Like downloading the file, or injecting there own information or even becoming a collaborator. The file needs to be private as it is a list of peoples contact information.

If it needs to be private then why are you hosting the content in Google? You have a web server, possibly even a database too, so that's where it should be managed.

 

But from what you are saying, it sounds like a web server is not a loud to sign into an account even if it is the web server owners account. Which is a major bummer

Almost. What I'm saying is that the server cannot log into someone else's Google account. I don't think there would be a problem if the server did stuff on behalf of the owner's own Google account, but that doesn't necessarily mean there's an actual method you can use in code to login in with an email address and password.

 

If you want the server to use your account then I suggest taking the OAuth approach too, then storing the tokens in a special "these are the owner's tokens" area (so they are not confused with those of a regular user). You'd only have to sign in once.

[EricBeaudoin]

 

 

If you want the server to use your account then I suggest taking the OAuth approach too, then storing the tokens in a special "these are the owner's tokens" area (so they are not confused with those of a regular user). You'd only have to sign in once. 

 

Nice, so then I would have to connect once with the web server admin google account (my personal account) to the google one drive account (my super admins account). Store this in a db and use the tokens to keep doing what is needed. When it asks me the first time it would be in the web browser?

 

Now for any other person randomly out in the world who connects to the site and uses the form script I create, they wouldnt have to log into my account (or any account), because I already did the one time login and the server now uses my emails saved credentials.

 

If that is the case, then that is what I need. This way the client never knows that the server is using my google account to edit a google one drive doc of another email. 

 

To do all this can it be done in a .php file?

 

Could you give me any / all links I would need to look at to get this going?

I saw so many docs and got confused fast.

 

Really sorry about my lack of knowledge in the subject, I did a lot of searching and still did not wrap my head around this.

[requinix]

Nice, so then I would have to connect once with the web server admin google account (my personal account) to the google one drive account (my super admins account).

I didn't follow that. You do OAuth using your personal account, you allow Google to grant your application access to the Drive data, then the server gets a token which it can use to do stuff with Drive.

 

Store this in a db and use the tokens to keep doing what is needed. When it asks me the first time it would be in the web browser?

Yes, but you're getting to a place where you need to start learning about how OAuth works.

 

In your application (using your browser) you do some specific action which initiates the OAuth process. After being redirected to Google and back to the server, it will have a token that is good for some period of time (which IIRC can be extended programmatically as needed). That token goes into a special place because it's a token for your account - not just some regular user's.

 

Now for any other person randomly out in the world who connects to the site and uses the form script I create, they wouldnt have to log into my account (or any account), because I already did the one time login and the server now uses my emails saved credentials.

Right.

 

If that is the case, then that is what I need. This way the client never knows that the server is using my google account to edit a google one drive doc of another email.

I reiterate my point about you not storing stuff in Drive this way.

 

To do all this can it be done in a .php file?

Yes. More than one, but using PHP code.

 

Could you give me any / all links I would need to look at to get this going?

I saw so many docs and got confused fast.

Uh... Google? "google oauth" should take you exactly where you need to go. You may need to specifically learn about OAuth itself - how it works and such - for Google's docs to make enough sense.

 

Really sorry about my lack of knowledge in the subject, I did a lot of searching and still did not wrap my head around this.

It should be easier now that you know what you need to look for; if searching for how to log into Google programmatically found any results, they'd all be old and useless by now.