I have uploaded some test files to my google drive using their website and my gmail account (x#gmail.com). The files are in "My Drive" and not shared drive. I am then trying to write a google drive java api and oauth authorization code flow based program to transfer the ownership of these files to my another gmail account(y#gmail.com). i.e both the accounts belong to #gmail.com.
I am logged in to my application using x#gmail.com using authorization code workflow and my app is trying to access Google APIs with my access token. I am able to create a new permission on test files to make y#gmail.com a "writer" of the file. But when I try to make "y" an owner, I get error message. This is despite of x being the owner and being the one whose access token is used.
How do I transfer the ownership to another account?
Message changePerms(#PathVariable(name = "fileId") String fileId, #PathVariable(name = "userEmail") String newOwnerEmail) throws Exception {
Drive drive = new Drive.Builder(HTTP_TRANSPORT, JSON_FACTORY, getOauthCredentials())
.setApplicationName("my-app").build();
Permission newOwnerPermission = new Permission();
newOwnerPermission.setEmailAddress(newOwnerEmail);
newOwnerPermission.setType("user");
newOwnerPermission.setRole("owner"); // Works if this is "writer" so my credentials and auth is working
drive.permissions().create(fileId,newOwnerPermission).setTransferOwnership(true).execute();
}
Error :
POST https://www.googleapis.com/drive/v3/files/19wvNc4TmXhODJa7Iy3Qq97UAD8fJrVg/permissions?transferOwnership=true
{
"code": 400,
"errors": [
{
"domain": "global",
"message": "Bad Request. User message: \"You can't change the owner of this item.\"",
"reason": "invalidSharingRequest"
}
],
I think you can't transfer ownership files if they have been uploaded to your Drive. There was a mention of this on the help page, but that one line was removed earlier this year (though I can't say I know why as it appears that nothing has changed).
The current version of the help page is here, but as you can see using the Wayback Machine that only one month ago the following line was still present:
You can only transfer ownership of Google files and folders.
So I would say that this is probably the reason.
Related
I am trying to get posts of specific Facebook brand page using following curl command
https://graph.facebook.com/v2.10/me/photos?access_token=xxx
Getting following error
{
"error": {
"message": "An active access token must be used to query information about the current user.",
"type": "OAuthException",
"code": 2500,
"fbtrace_id": "DH1T17dMqR+"
}
}
I have used following curl command to get active access token https://graph.facebook.com/oauth/access_token?type=client_cred&client_id=XXX&client_secret=YYY
Facebook app have been created by page admin and client ID & client secret used to get app access token.
Earlier we are using page-id instead of "me" identifier to get the post using above curl and it was working fine for specific facebook account.
Where page-id is id of specific facebook page whose post you want to get.
Now, same configuration is not working for other page.
The page is most likely restricted by age or location, so you have to use a User Token or Page Token for /page-id/photos.
More information about Tokens:
http://www.devils-heaven.com/facebook-access-tokens/
https://developers.facebook.com/docs/facebook-login/access-tokens/
I'm having trouble with my Java program using the AWS SDK to interact with an S3 bucket.
This is the code I use to create an S3 client:
public S3StorageManager(S3Config config) throws StorageException {
BasicAWSCredentials credentials = new BasicAWSCredentials(myAccessKey(), mySecretKey());
AWSStaticCredentialsProvider provider = new AWSStaticCredentialsProvider(credentials);
this.s3Client = AmazonS3ClientBuilder
.standard()
.withCredentials(provider)
.withRegion(myRegion)
.build();
When I try to download a file, before starting the download I check wether the file exists or not with:
s3Client.doesObjectExists(bucketName, objectName);
This is where I get 403: FORBIDDEN.
The weird thing is this problem is raised only when I try to perform an object existence check before performing uploads in the same session.
In other words, after initializing the s3Client:
- if I first try to check if an object exists, it raises the FORBIDDEN problem;
- if I first perform file upload, it works fine and after that any object existence check works fine as well;
Here is my stacktrace:
com.amazonaws.services.s3.model.AmazonS3Exception: Forbidden (Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden; Reques
t ID: A23BB805491E411F)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1588) ~[aws-java-sdk-core-1.
11.128.jar:?]
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1258) ~[aws-java-sdk-core-1.11
.128.jar:?]
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1030) ~[aws-java-sdk-core-1.11.128
.jar:?]
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:742) ~[aws-java-sdk-core-1.11.128.jar:
?]
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:716) ~[aws-java-sdk-core-1.11.1
28.jar:?]
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:699) ~[aws-java-sdk-core-1.11.128.jar:?]
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:667) ~[aws-java-sdk-core-1.11.128.jar
:?]
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:649) ~[aws-java-sdk-core-1.1
1.128.jar:?]
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:513) ~[aws-java-sdk-core-1.11.128.jar:?]
at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4169) ~[aws-java-sdk-s3-1.11.128.jar:?]
at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4116) ~[aws-java-sdk-s3-1.11.128.jar:?]
at com.amazonaws.services.s3.AmazonS3Client.getObjectMetadata(AmazonS3Client.java:1237) ~[aws-java-sdk-s3-1.11.128.jar:?]
at com.amazonaws.services.s3.AmazonS3Client.getObjectMetadata(AmazonS3Client.java:1213) ~[aws-java-sdk-s3-1.11.128.jar:?]
at com.amazonaws.services.s3.AmazonS3Client.doesObjectExist(AmazonS3Client.java:1272) ~[aws-java-sdk-s3-1.11.128.jar:?]
Another weird thing is that all these problems started when I moved my Java program an EC2 remote machine.
If I execute it on my local machine, the S3 interaction works fine.
However I don't think the problem depends on the IAM roles, since I use the AWSStaticCredentialsProvider.
Your credentials may be correct, but you will still get FORBIDDEN if you do not set the correct IAM polices. To check for objects in s3 you need the following:
{
"Version":"2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Action":[
"s3:ListBucket"
],
"Resource":["arn:aws:s3:::examplebucket"]
},
{
"Effect":"Allow",
"Action":[
"s3:GetObject"
],
"Resource":["arn:aws:s3:::examplebucket/*"]
}
]
}
Make sure the date time is set correctly on the machine you are making the request from, otherwise you will get a 403.
You need an action "ListBucket" for your bucket but not for the file in your bucket like:
{
"Action": [
"s3:ListBucket"
],
"Resource": "arn:aws:s3:::bucketName",
"Effect": "Allow"
}
I really look like an IAM policy issue.
What is your user's policies on your local machine vs what is your IAM role with which policy(ies)?
For your EC2 instance, when you create it, create a role with "AmazonS3FullAccess" policy, if it solves the problem you'll remove the useless rights.
I am new to the Facebook API. What I am trying to do without success is from my laptop create a new access token for myself through the Facebook API.
Below is the URL I am using to create this new access token:
String url = "
https://graph.facebook.com/oauth/authorize?client_id=##########&client_secret=##########&redirect_uri=http%3A%2F%2Fintelligentretrieval.com"
When I use my client id and then the client_secret (I assume this is the client password) then I get an error
{
"error": {
"message": "Missing redirect_uri parameter.",
"type": "OAuthException",
"code": 191
}
}
What exactly is the problem with this and the reason for the error?
Facebook requires a redirect_uri so I decided to dot it to my company site home page.(I figure this isn't the best place to redirect it but where should I redirect this?)
I want to redirect the result (generated access token) to my laptop from where I am making this URL request.
What exactly is the problem with this?
Is this possible with a browser like Chrome?
Is this possible using java?
Also is it possible to extend the access token expiration to 60 days with this url?
Please let me know if there is any confusion with any part of this post or if the answer can be found elsewhere.
I made some apps, which using fb graph to get the facebook page feed like
https://graph.facebook.com/Troll.Football/photos/uploaded
Using this URL i get all the facebook photos link, and later i downloaded that.
But last week or more exactly after 1st may facebook start to protect this feed using a acess key, they saying
{
"error": {
"message": "An access token is required to request this resource.",
"type": "OAuthException",
"code": 104
}
}
I can generate a access token using one of my fb app from user,
but how i use this acess token with my URL.
I mean what will be the new url to access the page photos.
The new url will be the same url with the the access token appended as a parameter
https://graph.facebook.com/Troll.Football/photos/uploaded?access_token=YOUR_ACCESS_TOKEN
I'm trying to write an AppEngine app that writes a Google Document to Google Drive, puts in a specific set of folders and sets access rights. I have this working with the old DocsList API but since that just got deprecated I decided to update my code (and I had some additional functions to add anyway).
Problem I'm facing is this: When I use a service account and try to impersonate a specific user I get a 403 with usageLimits even though I have not used up any of my quota.
Here is the code I'm using:
GoogleCredential credentials = new GoogleCredential.Builder()
.setTransport(HTTP_TRANSPORT)
.setJsonFactory(JSON_FACTORY)
.setServiceAccountId("xxxxxxxxxxgserviceaccount.com")
.setServiceAccountScopes(DriveScopes.DRIVE)
.setServiceAccountPrivateKeyFromP12File(
new java.io.File("xxxx-privatekey.p12"))
.setServiceAccountUser("user#xxxxxx.org").build();
I than use these credentials to initiate my Drive object:
Drive d = Drive.builder(httpTransport, jsonFactory)
.setHttpRequestInitializer(credentials)
.setJsonHttpRequestInitializer(new JsonHttpRequestInitializer() {
#Override
public void initialize(JsonHttpRequest request) {
DriveRequest driveRequest = (DriveRequest) request;
driveRequest.setPrettyPrint(true);
}
}).setApplicationName("MYAPPNAME").build();
BTW: I've tried using new Drive(....) but that just won't work, no matter what I try. Keeps throwing errors that internal methods are not found!
Back to this issue:
When I than use 'd' to call something like .files().get("SOMEFILEID").execute() I get a 403
{ "code" : 403,
"errors" : [ {
"domain" : "usageLimits",
"message" : "Daily Limit Exceeded. Please sign up",
"reason" : "dailyLimitExceededUnreg",
"extendedHelp" : "https://code.google.com/apis/console"
} ],
"message" : "Daily Limit Exceeded. Please sign up"
}
I can't figure out why this doesn't work. I've look online all day but can't find a suitable answer. Some help is very much appreciated.
So pinoyyid's answer did help, although it wasn't the definitive answer.
I ended up solving it like this:
I took my AppID (xxxxx.apps.googleusercontent.com) and added it to my CPanel https://www.google.com/a/cpanel/[[YOURDOMAIN]]/ManageOauthClients
with these scopes:
https://www.googleapis.com/auth/drive
https://www.googleapis.com/auth/drive.file
https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/userinfo.profile
After that I had could do an authenticated request to the Drive environment. Running into a stack of different issues now but the 403 got solved.
I usually get a 403 when the API call was missing the Authorization http header. Trace the http and look at the headers. The rationale for the "quota" message is that without an Auth header, you are anonymous, and the quota for anonymous use is zero.
You might also check that your app is registered for both of the Drive APIs, as I've heard that that can cause the same problem.
On the internal method issue, that sounds like you're using incompatible library versions. What worked best for me was to delete all of the libraries I had downloaded with the sample code, then use the Google Eclipse plugin to "Google/Add Google APIs..." to download all of the latest versions.