I want to upload files in admin's Dropbox account(eg: admin#xyz.com), When someone register on my site and upload files. The files should upload on Admin's Dropbox account.
I am using nodejs, When I try to use API to upload files into Dropbox. It requires authentication(Admin's credentials of Dropbox).
Is there any way to use Dropbox API with Grant-type Password to upload files in developer's account.
The Dropbox API does not offer a way to upload programmatically using the username/password, but instead you should get an access token for the desired account, and store and re-use that. You can get an access token for an arbitrary account via the OAuth app authorization flow:
https://www.dropbox.com/developers/reference/oauth-guide
Related
I have nodejs server script. I would like to be access the Google API -- specifically, Google Photos. Google Photos API doesn't accept service accounts, but only oauth2. The problem is that I am using this script on a headless server (it's a remote backup script).
I am using this module to authenticate: https://www.npmjs.com/package/googleapis and would like to use this one to access the photos: https://www.npmjs.com/package/googlephotos
I created my Google App, I added the Google Photo API; I then created an Oauth authentication method, and given it the right scopes. However, right now to authenticate I am using a script I run on the terminal, which then open a page -- a modified version of this https://raw.githubusercontent.com/googleapis/google-api-nodejs-client/master/samples/oauth2.js which actually saves the access token.
I would really need the script to deal with authentication by itself. Especially since this is a personal application, and access tokens will tend to expire.
Is this impossible to do?
I'm trying to build some kind of instagram clone for me and my friends only. I'm using react in the frontend and node in the backend.
I'm also using azure to store the files my users upload. I've already manage to get Shared access signature (SAS), but I don't know if there's a more appropriate way to do this. Is generating a new SAS every time i want to show a post overkill? Is there a way to get a token so I can give an authenticated user read access to a container of blobs? So i dont have to make a sas for every blob.
At the moment, given a blob URL with valid sas token (not experired) in it, you can access the blob even in a browser with no login in my site.
Edit: To illustrate what I want to do here it is an example:
When you send some picture in a DM in twitter, you can try to get the URL of the picture. If you try to access that URL with incognito mode, you can't access that file. I can't find any resource on how to do something like that.
I am new to google drive API. I want to use google drive to save my web site files. file should be save to one google drive(my google drive). Any one can login to my web site and upload files. To use google drive there is a authentication process and token generation. That generated token need to use with API.
My problem is how can I do that without using user's google account(user don't want to login). Even they don't know they are uploading images to my google drive. I am using Node and AngularJs.
I have an idea to generate token in node server using my google account credentials and pass to client side. Is it possible?
please help me!!
Yes, you can use get a token for your Drive using a service account, and then pass that to the client. However anyone that can read the token can use it to access your Drive, so don't share it publicly.
https://developers.google.com/identity/protocols/OAuth2ServiceAccount
I have a system that generate some data files. These files contains user data, and I want to store it on Amazon S3 to save my server space and bandwidth, but the file must be protected from unauthorized access. Is there any way to generate a download token for a specific file on amazon S3, or something that allows only users authenticated on my website to download specific files? And invalidate this token after some time or after the download finishes?
Yes, you can implement your own authentication system for Amazon. You need to send Auth token from your backend to users who authenticated by you. The following post from official amazon blog explains clearly.
http://mobile.awsblog.com/post/Tx1YVAQ4NZKBWF5/Amazon-Cognito-Announcing-Developer-Authenticated-Identities
You can have create the expiration link for the objects that stored on S3 bucket.AWS provide the link expiration services for the objects. When user finished download you can expire the link.
https://aws.amazon.com/blogs/aws/amazon-s3-object-expiration/
I was looking into the Amazon S3 documentation and I realized that when a permanent IAM user would be added, an AccessID and a SecretID would be generated. However, when a temporary user would be added, an AccessID, a SecretID and a token would be generated. This token would have to be passed as a parameter in the ensuing requests. The details can be found here.
Why exactly are tokens used? What is the need/usecase that it satisfies?
Thanks.
Did you see the Amazon documentation on Use Cases for Granting Temporary Access?
I've used this sort of temporary access with a music service to grant web and mobile users temporary access to music files stored on S3. I generated a custom url for users for each S3 file -- the URL would expired immediately, so it couldn't be shared with others.