{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 Animai°情兽 的问题《Accessing Google Drive from Windows service》','https://www.manongdao.com/q-416042.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I'm trying to understand if it's possible to access a Google Drive from a traditional Windows Service, without involving the user.
Following the guides on https://developers.google.com/drive/quickstart, I've been able to create a command line application which uploads a file to Google Drive. However, this application launches the web browser and redirects me to Google's Authorization Server page which gives me an authorization code I have to enter in the command line app. Obviously this won't work for an application which is running as a Windows Service which will try to upload files to Google Drive at different times. In my scenario, it would simply not be possible to involve the user more than once and that would be during set-up.
As far as I can tell, the authorization code is only valid for a short period of time. If I try to reuse it later, I get an exception.
At https://developers.google.com/accounts/docs/OAuth2, there are description of possible authentication scenarios. The only scenario which matches what I am trying to do is the "Service Accounts" scenario. This allows an application to access services Google without involving the user. However, according to the same page applications using service accounts cannot access data.
I get the impression that Google don't want to bother with old-style authentication (username/password) due to the security issues this may cause. Storing user/pass in configuration is of course not great from a security point of view. Am I missing something, or is what I'm trying to do simply not supported?
The quickstart application is a simplified command-line app that cuts some corners to make the getting started experience quicker but it can still be used as a starting point for a Windows service.
If you don't want to launch the browser, you have to remove the call to
Process.Start(authUri.ToString())and perhaps print the authorization url to the console so that the user can copy the link.You only need to perform this manual step once, as long as the application stores the refresh token and the access token that are returned when exchanging the access code. The access token expires after one hour but the refresh token never expires (unless the user manually revokes access to the app) and the latter is the one that is used to request new access tokens.
The documentation also includes a complete .NET application that shows how to store the tokens and how to address the various authorization edge cases: https://developers.google.com/drive/examples/dotnet