Youtube API request credentials - McMap

About

Youtube API request credentials

Asked 29/11, 2018 at 4:25 Answered 5/12, 2018 at 12:49

Solved python oauth-2.0 google-api youtube-api youtube-data-api

H

1

13

I created an python application that is using the Youtube api (so examples are in python, but doesn't really matter, the concepts should be the same). I managed to get it working where I can connect and make api calls. However, when I connect to the api, I have to define a flow that checks if a the credentials storage file exists. If it doesn't, then I have to manually sign in using the flow. After sign in the file (main.py-oauth2.json), is created with the token. I would like to be able to download the credentials without having to sign manually sign in. I was hoping there was a way to make a POST request for that token, like I have seen here, but I have been able to do this with Youtube api. Does anyone know how to implement the desired feature ?

main.py

flow = flow_from_clientsecrets(CLIENT_SECRETS_FILE,
    scope=YOUTUBE_UPLOAD_SCOPE,
    message=MISSING_CLIENT_SECRETS_MESSAGE)
storage = Storage(OAUTH_CREDENTIALS)

credentials = storage.get()

if credentials is None or credentials.invalid:
    # manual / UI login
    credentials = run_flow(flow, storage, args)

Trying to use a google service account throws 401 errors on upload.

credentials = Credentials.from_service_account_file(
    SERVICE_ACCOUNT_FILE, scopes=YOUTUBE_UPLOAD_SCOPES)

if credentials is None or credentials.expired:
    raise ValueError('Invalid credentials')

return build(YOUTUBE_API_SERVICE_NAME, YOUTUBE_API_VERSION,
    credentials=credentials)
...
status, response = insert_request.next_chunk()
# <HttpError 401 "Unauthorized">

Evidence this can be done

The oauth2client.service_account.ServiceAccountCredentials class is only used with OAuth 2.0 Service Accounts. No end-user is involved for these server-to-server API calls, so you can create this object directly without using a Flow object.

youtube api Oauth flow docs

https://developers.google.com/identity/protocols/OAuth2#serviceaccount

Hellhole answered 29/11, 2018 at 4:25 Comment(4)

Are you pertaining about how to use the downloaded client_secrets.json? – Rabid 29/11, 2018 at 11:38

@jess, i don't believe so. From my understanding, the flow uses the client secrets to store the client api details, you still have to login to get a token. From what i have read here, developers.google.com/api-client-library/python/guide/aaa_oauth – Hellhole 29/11, 2018 at 14:51

Yes you will still to login from your google account to generate client secrets from the console. – Rabid 30/11, 2018 at 10:47

Unfortunately, what you desire is not possible with the YouTube API. Specifically, the YouTube API does not support service account credentials. The closest thing you could do would be to create it like it's an 'installed' application, with a long-term token that you ask for, but that would still require at least one initial user sign in. See developers.google.com/youtube/v3/guides/… for more details. – Tate 5/12, 2018 at 6:34

A

6

The problem is that most YouTube data is private user data. Being that it is private user data you must be authenticated as a user who has access to the data in question in order to access it. To do that we use Oauth2 and login to our account and get an access token and a refresh token returned.

The access token can be used to request data from the Youtube Api, the refresh token can be used to request a new access token when ever the access token expires (After an hour)

Normally i would say that you should consider using a service account. Services accounts are dummy users who can be preconfigured with access to user data. Unfortunately the Youtube api does not support service accounts.

What you should be doing and what i have done a number of times in the past is to authenticate your code once. Get the refresh token and save it. In the future whenever you wish to run your application you simply use the refresh token to request a new access token and you will be able to access the api. You wont have to manually type your login and password and consent to the access anymore everything can be done in the background using the refesh token.

Note: You will need to watch it there are some cases that can cause a refresh token to expire but you shouldn't worry for the most part they are good for as long as you continue to use them regularly.

I am not a python dev but found this

from oauth2client import client, GOOGLE_TOKEN_URI

CLIENT_ID = "client_id"
CLIENT_SECRET = "client_secret"
REFRESH_TOKEN = "refresh_token"


credentials = client.OAuth2Credentials(
    access_token = None, 
    client_id = CLIENT_ID, 
    client_secret = CLIENT_SECRET, 
    refresh_token = REFRESH_TOKEN, 
    token_expiry = None, 
    token_uri = GOOGLE_TOKEN_URI,
    token_ id = None, 
    revoke_uri= None)

http = credentials.authorize(httplib2.Http())

Angelinaangeline answered 5/12, 2018 at 12:49 Comment(9)

Correct me if im wrong, but you have to create a flow, for a user to go through, to get the refresh token, do you know of a way to obtain a refresh token without having to use the google UI, or an automated function maybe? – Hellhole 5/12, 2018 at 15:46

There isn't one you will need to have the user do that at least once then save the redirect URI. A user Will always have to login and click on the consent screen both are webpages – Angelinaangeline 5/12, 2018 at 17:0

So there is no way to connect to the youtube account, with the google account associated with either the serve rice account, or the client api? i thought the docs explicitly say no end user is needed. – Hellhole 5/12, 2018 at 17:32

YouTube APIs does not support service a counts. I have never heard of a client API so I don't know what documentation you are referring to. a user will always have to grant you permission to access their data you can't just access any users data you wish. – Angelinaangeline 5/12, 2018 at 17:49

Maybe there is a work around? Could i make a POST with the username/password and get a token or user credentials. That step doesn't have to use the youtube api. What I'm trying to accomplish to to have an automatic sign in, by the application. I'm not trying to access any other user account but my own, which the application is using to upload videos to my youtube account? – Hellhole 5/12, 2018 at 18:3

You can't work around this a user must login and click the consent screen. This is the point of Oauth2. Google shut down client login in 2015 you can't use login and password. There is no way too automatically sign-in. You only need to do it once to get the refresh token I don't understand why that is a problem when it's your own account. – Angelinaangeline 5/12, 2018 at 18:55

The app records video from a webcam, and when the recording is done, i want it to automatically upload that video to my youtube account. Having to log into google ever time the app records the webcam, makes the feature not desirable. – Hellhole 5/12, 2018 at 19:14

Again you dont need to login everytime. You need to login one single time save the refresh token. Everytime there after your code will use the refresh token to request an access token. You dont need to login again you dont need to click on anything again just ONCE, the first time. Not the second time, not the third time. Only the first time one time. – Angelinaangeline 5/12, 2018 at 19:16

Yeah, i noticed that the token had an expiration date, but you are correct, its past that date, but still letting me in. Thanks for the help, when i read the docs I had it in my head that this was doable and i was just messing something help. That is my bad. – Hellhole 5/12, 2018 at 19:46

Recommended topics

#Godot #Unity #Godot 4.X #Mongodb

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

© 2022 - 2024 — McMap. All rights reserved.