2

We are building an application that integrates Google APIs like drive, calendar, and mail. I am looking for a way to authenticate users and get their data. My confusion is that login with username, and password is deprecated which called client login and new mechanizm called OAuth2. But OAuth2 requires login every time if the user is not logged-in to display user files. And I can't understand what is the idea about that if the user writes username, password every time. We are looking for a way to show users file, events, mails without leaving our html5-jquery-php based application.

MPelletier
  • 16,256
  • 15
  • 86
  • 137
tolga_kavukcu
  • 59
  • 1
  • 1
  • 10

1 Answers1

1

See my answer to a previous question. You need to make use of access_token and refresh_token.

When the user first authenticates, you get an authorization_token. You then use that to get an access_token and a refresh_token. Now, each time your app authenticates with the user's Google account, you can check if the access_token is expired - if so, use the refresh_token to get another access_token.

Community
  • 1
  • 1
Matt Healy
  • 18,033
  • 4
  • 56
  • 56
  • Sorry for late response but my confusion is that, there is a parameter called alternateLink that allows open a user's file in google's editor. – tolga_kavukcu Dec 27 '12 at 07:21
  • What is the confusion - you'd still need to be authenticated to get that field, and obviously to open/edit the file as well. – Matt Healy Dec 27 '12 at 07:41
  • My confusion occurs at that point, sorry if i am being too much :) Let's think about this scenario, my app requests permission then user logs in to google then everything is fine user can edit own files with alternateLink. After, user logs out from google, at that point if user try to open own file, a google login screen appears. But my app got permission, there should be no need to login again. – tolga_kavukcu Dec 27 '12 at 09:43
  • The main goal of doing sync, bringing together users documents. From google, skydrive, own files, ftp files etc. But if user shows a login screen when try to open a file. its useless. – tolga_kavukcu Dec 27 '12 at 09:48
  • You must be missing something, even if the user logs out from Google, your app should still have the permission to access their data. Are you using the `access_token` and `refresh_token`? You might need to look in to Offline Access as well https://developers.google.com/accounts/docs/OAuth2WebServer#offline – Matt Healy Dec 27 '12 at 11:54
  • Hi, now i got the idea. There is a framework called dredit it helps with sessions and tokens for drive files thank u so much for ur help. – tolga_kavukcu Dec 28 '12 at 13:00
  • I faced another issue google picker doesn't show all files in drive. Files get api as well.For example when i call this url https://www.googleapis.com/drive/v2/files/ it returns a json that holds user files. But some of the files does not exists like i got a file debian_sunum.pdf in drive but api does not show it do u know why ? – tolga_kavukcu Dec 28 '12 at 13:04