Downloading file from Google Drive by using Google Picker

Question

I'm trying to build a webpage on which user can select an image from Google Drive by using Google Picker and download selected files to my server by using PHP script.

I have managed to setup the Picker, and i get fileIDs but when i pass this IDs to my backend and try GET method i get an authentication error.

I have spent 2 days working on this and researching, but more I read google official documentation the more confused I am.

Can someone tell me, or link me the example how implement this? Is it possible to somehow pass the oAuthv2 token from the GooglePicker to my PHP backend and then use that token with the GET request?

Thank you very much in advance !

edit:

here is the error that im geting when i try GET https://www.googleapis.com/drive/v2/files/SOME_FILE_ID

{
 "error": {
  "errors": [
   {
    "domain": "usageLimits",
    "reason": "dailyLimitExceededUnreg",
    "message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup.",
    "extendedHelp": "https://code.google.com/apis/console"
   }
  ],
  "code": 403,
  "message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup."
 }

Answer 1

Before you call the GET, you must set an Authorisation-Header containing an up to date access token.

If you want to do this manually, the steps are:-

1. Request permission using your app-id/client-id and scopes. This will return to you an authorization code.
2. Use the authorization code to request a refresh token and an access token
3. Store the refresh token for future use
4. Set the access token in an http header Authorization (something like Authorization: Bearer ya29.AHES6ZR3HQa9trJM_IQcgNlM0SI4FvLQFiQfcAZCWLobfpjqtGlT6A)
5. Issue your GET

You can see the whole process in action by clicking around at https://developers.google.com/oauthplayground/

Alternatively, if your client app already has an access token, you could send that to your server alongside the file ID and your server can simply set that directly into the Authorization header.

There are PHP libraries you can use instead, eg. go to https://developers.google.com/drive/v2/reference/files/insert and scroll down to see the PHP samples. It's entirely your choice whether you build the URLs by hand or use the libraries. The big disadvantage to the libraries is that if something goes wrong, you really need to understand and trace the http anyway to see what's going on, so might as well get to learn and love them from day one.

The message "Daily Limit for Unauthenticated Use Exceeded" seems to confuse first timers (me included). It's the "Unauthenticated Use" which is the important part, meaning you haven't set the Authorization header. Google APIs have a daily quota for unauthorized use (stuff like URL shortener). In the case of Drive, that quota is ZERO, hence the error.

Answer 2

@pinoyyid said everything as it is, and inspired by him, here is the actual solution I came up with:

If you want to download a file, you need two variables - oAuthToken and fileId

oAuthToken you get from JS client side when user authenticates. If you use the example from google docs (https://developers.google.com/picker/docs/), the function looks like this:

function handleAuthResult(authResult) {
    if (authResult && !authResult.error) {
        oauthToken = authResult.access_token;
        oauthToken; // <-- THIS IS THE Bearer token
        createPicker();
        }
}

fileId you get from when user picks a file. Again, a modified example from google docs:

function pickerCallback(data) {
    if (data[google.picker.Response.ACTION] == google.picker.Action.PICKED) {
        var doc = data[google.picker.Response.DOCUMENTS][0];
        alert('You picked fileId: ' + doc[google.picker.Document.ID]);
    }
}

Probably you will pass these data as a form request, or through ajax. Simple cURL call from backend to download the file:

$oAuthToken = 'ya29.XXXXXXXXXXXXXXXXXXXXXXXXX-XXXXXXXXX-XXXXXXX-XXXXXX-X-XXXXXXXXXXXX-XXXX';
$fileId = '0B4zzcXXXXXXXXXXXXXXXXXXXXXX';

$getUrl = 'https://www.googleapis.com/drive/v2/files/' . $fileId . '?alt=media';
$authHeader = 'Authorization: Bearer ' . $oAuthToken ;


$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $getUrl);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    $authHeader ,
]);

$data = curl_exec($ch);
$error = curl_error($ch);
curl_close($ch);

file_put_contents("destination-file.jpg", $data);

Docs about file download: https://developers.google.com/drive/web/manage-downloads

Answer 3

You store the refresh token in the database. When an API call is checked whether the current token is still valid. If not, a new access-token is retrieved by using the refresh-token