I am getting 404's for image thumbnails when I'm signed on multiple accounts and making API calls for changes.list.
The full steps to reproduce the issue are described as below:
Be signed in with two accounts, one a personal gmail account, and one a Google apps account, say User_gmail and User_gapps respectively
Make API calls to get URLs with to get a list of changes in drive.
Load up the thumbnails for images.
Expected behaviour:
Thumbnail images work.
Actual behaviour:
When I am signed in with User_gmail and User_gapps and I pick
User_gmail during the authentication flow, I can see thumbails for
all modified documents.
When I am signed in only with User_gapps or User_gmail, I can see
thumbnails correctly.
However, when signed in as both users, and I pick User_gapps as the user during the authentication flow, I see broken thumbnails.
Update: the easiest way to reproduce this is sign into multiple accounts, one personal and one apps account, and use this api. If you authorize the API with your work account, and execute a request, and click on the "thumbnailLink" URLs, you can see 404s.
https://developers.google.com/apis-explorer/#p/drive/v2/drive.changes.list?includeDeleted=false
There are two ways to see a Google Document's thumbnail. After getting the URL of the thumbnail through the Google Drive API this URL can be viewed using either 'Cookie' authorization or OAuth 2.0 Authorization.
You seem to be using the 'Cookie' authorization (i.e. the user is currently signed in the browser). What happens is that the browser will use one of the two accounts by default and unfortunately it might not use the correct account.
In that specific scenario you can append &authuser=0 or &authuser=1 to the URL of the thumbnail this will force using an account or the other, one of the two values will work.
The issue is that you don't know which value will work (1 or 0) so you would have to test the two URLs programmatically using Javascript to see which one works or fails.
The other way to load a thumbnail is to use OAuth 2 auth. This is more robust. You can do that easily by appending &access_token=<Your_OAuth_2_access_token>. Make sure you use the same OAuth access token (formerly known as Bearer token) that you used in your API requests. This way you are sure that the image will load. this will even work if the user has signed-out of his Google Account. You will need access to the actual file's data. So this won't work if you have authorized the drive.readonly.metadata scope for instance. YOu need to authorize one of the following scopes:
https://www.googleapis.com/auth/drive.filehttps://www.googleapis.com/auth/drivehttps://www.googleapis.com/auth/drive.readonly
Just beware: access tokens are only valid for 1h.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 一夜七次 的文章《How does one one avoid 404's on changes.list t》','https://www.manongdao.com/article-408690.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}