0

I've inherited a python (2.7) program which uses oauth2client to access a google drive. It appears that the credentials that the program is using has edit, but not create or delete permissions, which is not what we want.

However, all I have is a client_id,access_token, etc... but I don't know which account this actually is to get on the google side and give correct permissions to the account.

How do I get the actual client NAME information that is necessary on the google permissions side to set this up?

I'm accessing oath with:

store = Storage(creds_filename)
credentials = store.get()

the creds file looks like:

{"_module": "oauth2client.client",
 "scopes": ["https://www.googleapis.com/auth/spreadsheets"],
 "token_expiry": "2019-01-10T20:32:28Z",
 "id_token": null,
 "user_agent": "ResponseRates",
 "access_token": FIRST_STRING_OF_CHARACTERS,
 "token_uri": "https://accounts.google.com/o/oauth2/token",
 "invalid": false,
 "token_response": {
     "access_token": FIRST_STRING_OF_CHARACTERS,
     "scope": "https://www.googleapis.com/auth/spreadsheets",
     "expires_in": 3600,
     "token_type": "Bearer"},
 "client_id": SECOND_STRING_OF_CHARACTERS.apps.googleusercontent.com",
 "token_info_uri": "https://www.googleapis.com/oauth2/v3/tokeninfo",
 "client_secret": THIRD_STRING_OF_CHARACTORS,
 "revoke_uri": "https://accounts.google.com/o/oauth2/revoke",
 "_class": "OAuth2Credentials",
 "refresh_token": FOURTH_STRING_OF_CHARACTORS,
 "id_token_jwt": null
}

(Hopefully I deleted anything dangerous from that...)

Brian Postow
  • 11,709
  • 17
  • 81
  • 125
  • The Access Token is the result of OAuth Flows. This means that your software is grabbing the token after authentication. Go back to your Client Secret Credentials file. The information that you need is in that file. If you do not have that file, how are you implementing OAuth? If you look at the Client ID, you will notice that it begins with the Google Project Number. Edit your question with more details. – John Hanley Jan 10 '19 at 20:43
  • `creds_filename` should have the information that you are looking for. `client NAME` is not stored, but the the account / project information will be there. – John Hanley Jan 10 '19 at 22:02
  • I put a redacted creds_filename in the question. WHich bit gives me the account name? – Brian Postow Jan 10 '19 at 22:33
  • You don't get the account name, you get the project number. Then login to the Google Console and switch to that project. To see how projects are mapped, execute `gcloud projects list` at you desktop. You will see a list of project IDs and project numbers. – John Hanley Jan 10 '19 at 22:52
  • Ok, I see the list of project IDs. I think that maybe I'm just looking for the creds in the wrong place. – Brian Postow Jan 11 '19 at 16:06

0 Answers0