As we have seen in my previous blog, OAuth2.0 integrations have some drawbacks and headache regarding tokens!
In this tutorial we will set up simple service account in a developer console and attach it to our backend(mine is node server) and authenticate, so that we can access all the drive apis for creating,deleting,moving folders or files in drive.
lets move on!!
Steps going to cover:
- Account setup in developer console
- Integrating the service account with backend
- Getting Authorized with service account credentials
- Example to create a File
step-1:Account setup in developer console
go to console.developer.google.com and create a project (if you have already one ignore this one).
In previous blog i have discussed steps to create a project .
Now go to credentials section
click on create credentials and choose Service account.
after that enter the service account name and create
After that, In step 2(optional) it will ask the role.. you can give full access to project
(i.e owner) and continue
In step-3 if you wanna add specific user to access this service account you give add there or else skip it! and Press Done!
After that you can see your newly created service account in credentails section
Now click on the edit button of your service account and scroll down on that page.
you will see Keys section, now ADD key=>create new key=>JSON=>create
One Json file with service account credentails gets downloaded..save it. we are gonna use it in our server!!
your file looks like this
Step-2 Integrating the service account with backend
Save the service account json credentials in your .env file in server.
So now in server get the npm package of googleapis
npm install googleapisStep-3 Getting Authorized with service account credentials
go to your controller or service and add this piece to authorize/initialize the drive Instance.
import {google} from ‘googleapis’const scopes = [‘https://www.googleapis.com/auth/drive'];const auth = new google.auth.JWT(client_email, null, private_key, scopes)const drive = google.drive({ version: ‘v3’, auth });
Here the client_email,private_key are from your json service account credentials.
and yeah thats it! we have configured and authorized service account..
(easy right!!)
lets have an example of creating one file..
Ohh wait!! before that we have to understand one thing about service account!
As service account is similar to any other google account it wont have much of a storage !
so we link our central drive folder to service account and start creating files and folders in that particular shared folder
lets have a look at that!!
go to your central account drive. and create a folder in it say: ServiceAccountDemo
and share that particular folder to a client_email(which is a field in your service account JSON credential file)
press done and if asks any prompt ,press share anyway
Now we have linked our folder with service account, we can start creating files into this folder with the help of service account!
Step-4: Example to create a File
here along with the service account credentials i have stored my linked folder(serviceAccountDemo) id in the .env, so that it will be parent to all my files..
this is my .env with neccessary fields from credentails.json and share folder Id(i.e. serviceAccountFolderId)
piece of code for file creation:
fileCreation(fileCreateRequest: IFileCreateRequest, callback: any) {if (fileCreateRequest.name && fileCreateRequest.parent && fileCreateRequest.type) {let data = {name: fileCreateRequest.name,parents: [fileCreateRequest.parent],mimeType: FileMimeTypes[fileCreateRequest.type]}drive.files.create({ requestBody: data, fields: ‘*’ }, (createErr: any, createResponse: any) => {if (!createErr) {logger.info(‘File created successfully ‘ + fileCreateRequest.name);callback(null, createResponse.data);} else {logger.error(createErr.data.error);callback(createErr.data.error, null);}})} else {callback(‘InSufficient Request Payload’, null);}}
thats it! we have successfully create a file in our drive!!
if you want extra piece of code for copy,delete,permission creation/deletion
feel free to ask!!
Thanks for you time!!
