0

I have spring+maven based java application having rest web service. For each call to this rest webservice, I want my application to upload a file to my google drive account.

I found this.

How can I authentication account before uploading in my application? Do I need Google OAuth2.0 for web application server application? or Authentication method in quick start guide for java will do for my application? I am new to OAuth.

Is there any complete guide on google drive authentication and using drive APIs?

What is the difference between google Oauth2.0 for installed app and google Oauth2.0 for web application server? When should I use each?

rsnhah
  • 339
  • 3
  • 14

1 Answers1

1

If you've used the Authentication method in the Quickstart, that will do to have a authenticated request for uploading files.

To give a little description about Server Application and Authentication method in the Quickstarts:

Server Application Authentication are mostly paired with service accounts to authorize API requests, particularly when calling Cloud APIs to access project-based data rather than user-specific data. Web server applications can use service accounts in conjunction with user authorization.

This OAuth 2.0 flow is specifically for user authorization. It is designed for applications that can store confidential information and maintain state. A properly authorized web server application can access an API while the user interacts with the application or after the user has left the application.

OAuth 2.0 for Installed App

While some OAuth 2.0 Authentication like Javascript (Client-Side) is called the implicit grant flow. It is designed for applications that access APIs only while the user is present at the application. These applications are not able to store confidential information.

In this flow, your app opens a Google URL that uses query parameters to identify your app and the type of API access that the app requires. You can open the URL in the current browser window or a popup. The user can authenticate with Google and grant the requested permissions. Google then redirects the user back to your app. The redirect includes an access token, which your app verifies and then uses to make API requests.

Hope this helps.

Mr.Rebot
  • 6,025
  • 2
  • 13
  • 76
  • Does it mean that, OAuth 2.0 for installed App requires user action? If I am having google drive account, and I am running my application with client_secret.json as suggested in tutorial, do I still need user action to authenticate and grant requested permissions? My app will be running on server, and its web service endpoint will get triggered on some event, endpoint will process that triggered request and upload a file to drive account. The app does nothing else apart from this. We don't want to achieve this by involving user actions. Only one user drive account should be required. – rsnhah Oct 16 '17 at 10:19
  • I am having headless application and I used OAuth2.0 for service account as it does not require user consent. https://developers.google.com/identity/protocols/OAuth2ServiceAccount – rsnhah Oct 23 '17 at 13:57