4

I am implementing a Google File Picker, using the drive.file OAuth scope (in order to avoid usage of sensitive/restricted scopes). The picker works as expected and we are able to receive the file ID for the selected file and download the contents of it using the access token and the Drive or Sheets APIs. However, none of the image thumbnails are rendered - screenshot below. The console and network logs indicate that all the thumbnail requests are getting 403: Forbidden.

Adding the drive.readonly scope in addition to the drive.file scope in the consent flow fixes this issue - the thumbnails are successfully retrieved and rendered. Also, using the root Drive scope (https://www.googleapis.com/auth/drive) fixes the issue, since the client has full access to all content in Drive. However, both of these fixes use Restricted scopes, which I'd like to avoid.

It seems like image thumbnails may not be covered under the limited permissions of the drive.file scope, but I can't seem to find any documentation that clearly explains this. Can anyone confirm whether this is true, or whether there is a workaround that will allow for thumbnails to be rendered while using only the drive.file scope or other Recommended scopes?

missing thumbnails screenshot

mhaldeman
  • 41
  • 1
  • Can you please share the code you are using to open the Picker? Using [this example](https://developers.google.com/picker/docs#example) code it works with the `drive.file` scope. – Alessandro Sep 09 '20 at 14:58

1 Answers1

1

I'm not sure if you have been able to sort this out, but I'm having the same problem. It seems the only thumbnails showing are for files that are publicly available, and adding the (restricted) scope of https://www.googleapis.com/auth/drive.readonly does show the thumbnails.

Bruno Bernardino
  • 476
  • 2
  • 5
  • 12