Download file from Google Picker API in rails

雨燕双飞 提交于 2019-12-02 02:33:49

You'll need to send headers with the GET request:

Authorization: Bearer [token]

Where token is gapi.auth.getToken().access_token

and gapi is defined at: gapi.load('auth', {'callback': onAuthApiLoad});

Here's what I did:

Got the file id of the file I need to download from Picker API, then passed this file id to google client api to get the direct download url of the document:

    gapi.client.request({
        'path': '/drive/v2/files/'+file_id
        'method': 'GET'
        callback: function (responsejs, responsetxt){
            var downloadUrl = responsejs.downloadUrl;
        }
    });

After getting this direct download url, I then used the "open-uri" in rails to download and save the file on my server.

I figured out another way to do this. We have to treat this as two seperate authentication.

Before the client opens up the file picker, we can have the server issue an authentication url for a file.read scope to the user.

After the user picked and chose the file, the client sends the file_id to the server and have it stored in the DB with the state as the key.

The client then opens the file.read scoped url to get authenticated a second time, which may show a Accept/Deny button, or a silent popup if the scope was already granted.

This will get the authorization code back to the server. The server can then use the scope and the authentication code (which turns into a request token) to read the file.

This particular scenario involves both the user-agent-based application and the web application client profile. So, rather than a standard 3 legged authentication, this is more like two completely seperate authentication flow. One of which is implicit (2-legged), and the other is 3 legged (auth-code). This kind of mixed-together interaction is not what oauth2.0 specifically designed for ... Hence why this was not documented...

In other word, each authentication flow can authorize one and only one "client", and by "client" we are referring to application making requests on behalf of the resource owner, which is the JS filepicker and the Server here.

Source: https://tools.ietf.org/html/rfc6749 - page 14 (client profiles)

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!