Discuss this help topic in SecureBlackbox Forum

Clouds: Connect to Google Drive service and authenticate for the first time

To connect to Google Drive for the first time, it's necessary to take the following steps:

  1. Put client_id and client_secret, obtained during registration, to TElGoogleDriveDataStorage.ClientID and TElGoogleDriveDataStorage.ClientSecret properties respectively.
    Also, if you specified a Redirect URL during registration of your application, then you need to set RedirectURL property to the value of this URL. It's possible not to provide the Redirect URL.
  2. Create an instance of TElHTTPSClient, which will be used as a transport, and put a reference to the newly created instance to TElGoogleDriveDataStorage.HTTPClient property.
  3. Call TElGoogleDriveDataStorage.StartAuthorization() method and get an URL to use in the browser.
  4. For embedded browser - navigate the browser control to the URL returned by StartAuthorization() method in order to let the user login on Google authorization server.
    For external browser - direct the browser to the URL returned by StartAuthorization() method.

    If you have specified Redirect URL, then after the user is authenticated, the browser will be redirected to the URL, specified as a RedirectURL during registration of your application. The server, that handles the URL, should extract the authorization code from the requested URL. The authorization code is passed in "code" parameter of the URL.
    Instead of using an external HTTP server you can use TElOauth2RedirectReceiver component, which will do the job.

    If you have not specified Redirect URL, the browser will be redirected to the web page, on which the code will be shown (either in title, or in the body of the web page or both!). Once there appears a text line started with "Success code=", you need to extract the ending part of text after the equal sign. This is a so-called "authorization code". You will need it in order to complete the authorization process. If there appears another text line that starts with "Denied error=", this means that the user has failed to login and/or has cancelled the login process.
  5. After receiving the authorization code you need to call TElGoogleDriveDataStorage.CompleteAuthorization() method and pass the authorization code to that method. If CompleteAuthorization method is executed without errors, you need to save the value of TElGoogleDriveDataStorage.RefreshToken property. The refresh token will let you avoid re-authentication in the consequent sessions.

The code below shows how to authenticate the user with help of TElOauth2RedirectReceiver component.

C#:


// create a HTTP client for transport purpose
TElHTTPSClient transport = new TElHTTPSClient();

// set SSL versions to TLS 1.x
transport.Versions = SBSSLConstants.__Global.sbTLS1 |
   SBSSLConstants.__Global.sbTLS11 | SBSSLConstants.__Global.sbTLS12;

// provide an event handler for validating SSL certificate(s)
transport.OnCertificateValidate += ...;

// actually, create a data storage object
TElGoogleDriveDataStorage storage = new TElGoogleDriveDataStorage();

// link it to the transport client
storage.HTTPClient = transport;

// setup redirect url
storage.RedirectURL = @"http://localhost:5050/";

// set client id and client secret parameters obtained in the Box console
storage.ClientID = @"...";
storage.ClientSecret = @"...";

// restore the refresh token stored in the previous session;
// refresh tokens are explained in the next section
storage.RefreshToken = @"...";

// start authorization procedure
string url = storage.StartAuthorization();

// check if a manual authorization in a browser is required
// (no refresh token or expired refresh token provided)
if (!String.IsNullOrEmpty(url))
{
  Console.WriteLine("Authorization required");

  // create a redirect receiver to get an authorization code
  TElOAuth2RedirectReceiver receiver = new TElOAuth2RedirectReceiver();

  // activate the receiver on the specified redirect URL
  receiver.Activate(storage.RedirectURL);

  // start the default browser and ask it to open the authorization web page
  System.Diagnostics.Process.Start(url);

  // wait until the user authorizes in the browser and
  // grants access to his/her account on the Box server
  while (!receiver.Receive())
  {
      // for demo purpose, we just write a dot to the console and
      // freeze the thread for a half of a second; timeout is not handled
      Console.Write(".");
      System.Threading.Thread.Sleep(500);
  }
  Console.WriteLine();

  // complete authorization using the provided code
  storage.CompleteAuthorization(receiver.AuthorizationCode);
}

// save the refresh token for further use
Console.WriteLine("Refresh token: {0}\n", storage.RefreshToken);

How To articles about Google Drive cloud

Discuss this help topic in SecureBlackbox Forum