I'm trying to get Google Calendar Push Notifications working for Resources (aka Rooms). They work perfectly for user calendars, but when I call/watch on a Resource, it successfully creates. I get the initial "Sync" call on the server, but then I never hear back from Google again.
My approach to creating the watch is to authenticate an administrator, and use that Token to add the watch on the resource that the administrator had added as a calendar to his list, so it's showing up in the calendarList/list call. I've also turned on all notifications on the admin's account for that calendar.
Any idea on what I might be doing wrong?
Make sure that you register the domain of your receiving URL. If you plan to use https://domain.com/notifications as your receiving URL, you need to register https://domain.com. Each watchable Google Calendar API resource has an associated watch method at a URI of the following form:
https://www.googleapis.com/apiName/apiVersion/resourcePath/watch
You need to send a POST request to the watch method for the resource to set up a notification channel for messages about changes to a particular resource.
POST https://www.googleapis.com/calendar/v3/calendars/my_calendar#gmail.com/events/watch
Authorization: Bearer auth_token_for_current_user
Content-Type: application/json
{
"id": "01234567-89ab-cdef-0123456789ab", // Your channel ID.
"type": "web_hook",
"address": "https://domain.com/notifications", // Your receiving URL.
...
"token": "target=myApp-myCalendarChannelDest", // (Optional) Your channel token.
"expiration": 1426325213000 // (Optional) Your requested channel expiration time.
}
}
Each notification channel is associated both with a particular user and a particular resource (or set of resources). A watch request will not be successful unless the current user owns or has permission to access this resource.
Check this documentation.
Related
Just wondering if there is a way to set up a Cloud Function to delete the entire Firebase Project.
Basically like a Self Destruct scenario.
Kind Regards.
As mentioned by #Frank, Resource Manager has method called Method: projects.delete.
Here's a guide on using it on postman:
Open the Google Cloud Console.
At the top-left, click Menu menu > APIs & Services > Credentials.
Click Create credentials > OAuth Client ID.
Select the appropriate application type for your project and enter any additional information required. For your use-case, choose Web Application. (If this is your first time creating a client ID, you can also configure your consent screen by clicking Consent Screen. The following procedure explains how to set up the Consent screen. You won't be prompted to configure the consent screen after you do it the first time.)
For Authorized redirect URIs, click Add URI. Go back to Postman, copy the Callback URL from Postman as highlighted green on the image below and paste it on the Add URI textbox.
Click Create client ID.
A dialog box named OAuth client created will pop up after creating Client ID as shown in the image.
Take note of Client ID and Client Secret. Click on the DOWNLOAD JSON. Securely save it somewhere safe.
Open the JSON file you've saved. JSON file should look like this:
{
"web": {
"client_id": "xxxxxxx.apps.googleusercontent.com",
"project_id": "xxxxxxxxx",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_secret": "xxxxx-xxxxxxxxxxxx-xxxxxx",
"redirect_uris": [
"https://oauth.pstmn.io/v1/browser-callback"
]
}
}
Back to Postman Authorization Tab, Configure New Token.
Fill out all information required:
Token Name: Any name you want.
Grant Type: Authorization Code.
Auth URL: "auth_uri" from JSON file.
Access Token URL: "token_uri" from JSON file.
Client ID: "client_id" from JSON file.
Client Secret: "client_secret" from JSON file.
Scope: "https://www.googleapis.com/auth/cloud-platform" (For Reference: Authorization Scopes)
Client Authentication: Send as Basic Auth header.
Click Get New Access Token.
Follow the prompt login on your screen. Your Access Token is now generated.
Click Use Token.
You should now be able to Send a DELETE request.
I have a service account, and I downloaded the credentials that look like:
{
"installed":{
"client_id":"abc123",
...
}
}
And I go through the procedure of running the node.js based code which attempts to create the token file with getNewAccessToken, and it gives me the prompt:
Authorize this app by visiting this url: https://accounts.google.com/o/oauth2/v2/auth?ac...
When I go to the link, it asks me to log in with my google account.
That sets the token and I can send google calendar events where the calendar id is set to primary (and it is set to be from me) but I can't set the calendar id to John.Smith#mycompany.com
It says
{
"domain": "calendar",
"reason": "requiredAccessLevel",
"message": "You need to have writer access to this calendar."
}
I am not sure how to make it so my service account can be used to send events on behalf of our staff members. Is it because when authorizing I logged in as my account instead of the service account, and if so, how do I authorize as the service account.
Update: I am using the code provided in the google calendar api quickstart guide
I want to implement an Actions for Google app that links to user account in a Firebase project and query's their data. I have a website that is set up using Firebase UI that logs them in and redirects them to a dummy page that basically just says "You have been logged in." I cannot see any documentation anywhere that shows how to return this auth token to google so the assistant can use it to query things on their account. Does anybody know how to accomplish this? I am using this documentation https://developers.google.com/actions/identity/google-sign-in-oauth?creation=no. This is the specific text I am not understanding.
"Your service creates an access token and returns it to Google by redirecting the user's browser back to Google with the access token attached to the request."
This basically means that, instead of returning a new page, you issue an HTTP redirect to a URL that they have sent you as part of the request. You will need to add some parameters to this URL that include the auth info, and this is how Google will get the information - via the redirect handled by the user's browser.
They provide some details further down in step 4 on that page, which reads
Send an HTTP response that redirects the user's browser to the URL
specified by the redirect_uri parameter. Include all of the following
parameters in the URL fragment:
access_token: the access token you just generated
token_type: the string bearer
state: the unmodified state value from the original request
The following is an example of the resulting URL:
https://oauth-redirect.googleusercontent.com/r/YOUR_PROJECT_ID#access_token=ACCESS_TOKEN&token_type=bearer&state=STATE_STRING
Not able to establish watch channel. getting unauthorized push notification error 401. Done all required settings for web_hook to work.added domain in domain verification tab. Stuck here for weeks. plz help me out. thanks.
first of all you should have a ssl certificate as push notification only work on https:// you can read all about the requirement here https://developers.google.com/google-apps/calendar/v3/push
but the thing missing in the above link is you shoul have the authentication token set on the callback url ( similar to that when you set before calling a google API.. ) and dont forget to take access token from database (assuming that you had it stored at the time of authentication) as system will not read it from session on callback url.
You need to add this value to the headers of your request:
"Authorization: Bearer user_token"
You can get user token with a GET Google_Http_Request to https://www.googleapis.com/oauth2/v3/token
PHP example to get Google token:
Use Google APIs PHP Client library.
$TokenRequest = new Google_Http_Request(
"https://www.googleapis.com/oauth2/v3/token",
"GET"
);
$Token = $Client->getAuth()->authenticatedRequest($TokenRequest);
I'm trying to use the Instagram Realtime API with a Meteor app. Basically you can subscribe to a tag get latest posts.
So I need to setup a callback URL and send a post request with my callbackurl, the object & fields that I want to subscribe and a verify string. A Instagram server is sending a get request with my verify string and a random string (challenge) and the Meteor server has to respond to this with the challenge string.
I'm getting the following error serverside:
error_message: 'Challenge verification failed. Sent "b58b60bb367d40148defa4e6240b2dc2", received "<!DOCTYPE> html..."..etc
In order to verify the subscription, your server must respond to the GET request with the hub.challenge parameter only.
How do I respond to instagram API with the hub.challenge parameter.
Resources:
http://instagram.com/developer/realtime/#