Google OAuth 2 services and repository

Google OAuth 2 services and repository

by Gjeo Iadus -
Number of replies: 5

First I would like to know how to remove the system account connected from the OAuth 2 services. I can only add more, but not delete it. I want to keep the services up for logging in, so I don't want to completely delete the service.

Secondly. I want to use G Suite as an unlimited storage space. So instead of uploading (to moodledata), just link to the google doc or sheet. However after fiddling about. When I'm in a course and add a resource, in this case a file, select the file within the filepicker from google drive and add it, it shows 2 options: 

Make a copy of the file
Create an access controlled link to the file

Then I choose to create a link to the file, and then in my Gdrive it creates a copy of the file I selected in the file picker. Which I don't want to happen, because I don't want 2 of the same files. Secondly, I would like it if when I edit the file (in Gdrive) I linked from within the filepicker in moodle, to get redirected to the updatet file, when someone clicks the link.

Lastly I would like to know if there is an option to share a company wide drive? Like a teamdrive. Because it doesn't show when choosing Google drive in the filepicker of Moodle only my personal Gdrive.
Average of ratings: -
In reply to Gjeo Iadus

Re: Google OAuth 2 services and repository

by Sarah Ricketts -

I'm trying to play with this too, with limited success.  Although I have connected an account, I keep getting the error "Exception - 403: The user does not have sufficient permissions for this file." when trying to create an Access Controlled Link.  Although I get the error, when I log into the connected (and authorised) google account, I can see a folder structure has been created in GDrive, with a disconnected copy of the google doc I have tried to add in Moodle.

Average of ratings: -
In reply to Sarah Ricketts

Re: Google OAuth 2 services and repository

by Gjeo Iadus -

My guess you got the warning when you logged in with your google account when selecting google drive from within the filepicker of Moodle.

It seems you have to enable a whole lot of stuff from within the google console like the Gdrive API, but before that you need to have a consent screen with all the necessary privacy policy text (just a html page, like a terms of services).


I have been trying the same, but still need a reply from Google. At least I think this is the problem.


Also you might have to set the system folder that is created to view by everybody(or a certain domain).

Average of ratings: -
In reply to Gjeo Iadus

Re: Google OAuth 2 services and repository

by Ken Task -
Picture of Particularly helpful Moodlers

@all in this thread ... have been using Google Oauth2 authentication before it was offered as part of core.   Can say this ... Google (like Moodle) isn't 'standing still'.   Because they are global and have presence in every part of the globe, there are 'watched' shall we say ... GDPR etc.

I have two servers on different networks (one of which is Google Compute Engine) and recently have been reviewing Google Oauth2 setups on both ... actually forced to in order to get both auth and Drive to work.

Anyhooo ... here are some notes/clips from recent reviews/setups of the two servers I have using Google.   Please note they are clips from Google pages ... with links to some ... and are not organized in a 1,2,3 .... sorry bout that.

Here goes:

Oauth2 has gotten more complicated to initially configure me thinks.
I already had two sites using it and they have been working but seems I can't leave well enough alone ... or felt there was something 'lurking' and decided to review setups.

It appears now that Google has a:
Google Cloud Platform/API Trust & Safety

The API's one needs for Oauth2 and for Drive is found ...
https://console.cloud.google.com/apis/

Endbled apis and services.
Google Drive API - has to be enabled.
IAM Service Account Credentials API has to be enabled.

Then one can get to OAuth2 client ID's etc.

The following clips from an email from Google's
Google Cloud Platform/API Trust & Safety.  Obviously, the project ID
here nas been obscured.


Thank you for submitting a verification request.

To proceed with the approval process, please ensure that your project api-project-ANUMBER is in compliance with the following requirements.

Domain Verification

The website ownership of the following domains should be verified. Please go to the Search Console with an account that is either a Project Owner or a Project Editor on your Project.

    mydomain.org

(which happens to be a Google Compute Engine CentOS 7 instance running
2 Moodles ... a 3.4 and a 3.5 ... both using Google Authentication.

Thank you for your patience. Please reply back to this email after your project is in compliance with the requirements above.

In console, search for 'domain verification' which will lead you to Google info ... confusing to say the least ... but don't quit!   Hang in there.   The results are worth the headache's ... IMHO!

Configure webhook notifications for api-project-myprojectnumber

You need to verify domain ownership to allow webhook notifications to be sent to your external domains. Google verifies that the user owns each of the listed domains via Search Console. Learn more

Important: Your site must be registered on Search Console  with an https:// URL or with the domain name provider verification method.

Domain

Allow webhook notifications to be sent to the following domain.

 Verify ownership

Before you register mydomain.org you must first verify ownership. You can do this in the Google Search Console.

Click the 'Teke me there' link.

It goes to:
Webmaster Central

Verify your ownership of mdlgoogle.org. Learn more.

Learn More link:

https://support.google.com/webmasters/answer/35179?visit_id=636803316864173042-1209121354&rd=1

** Verfication method
HTML file upload

https://www.google.com/webmasters/verification/home?hl=en

Great job, https://mydomain.org/ is now verified! You can now use Google services for your property such as Search Console .

Your Google Account will be recorded in Google's systems as an official owner of this property.

Note - your ownership information will be stored and be visible to other owners (both current and future).

Select the domain provider you have for your Moodle site - mine with Network Solutions ... am an old dude!

Then it will suggest ways of getting this TXT
info into DNS or
an alt way of verifying server.

The HTML file upload me thinks is easier - see ** above!

google-site-verification=bunchoflettersnumberslowercaseandcapsmixed.

Well, there ya have it!  Need to do this entire thing about 10 more times before I can begin to internalize ... and even then, if I 'snooze' I could 'loose'. :\   But that's tech/internet and cloud today for ya!

Best of luck! smile  Hoping this might help a little.

'spirit of sharing', Ken


Average of ratings: -
In reply to Ken Task

Re: Google OAuth 2 services and repository

by Hristian Daskalov -

Any idea how to verify site ownership on MoodleCloud site as i don't have access to upload the verification HTML directly the main repository or add a meta-tag into the header section (non-configurable) ...

Average of ratings: -
In reply to Gjeo Iadus

Re: Google OAuth 2 services and repository

by Bart Castel -

Hi,

I express the same remark as Gjeo in his original message: When you create an access controlled link to the file, the filename gets duplicated in the system account Google Drive:

Duplicate filenames

If you then make changes to the original file (i.e. the one not shared), these are of course not reflected in Moodle.

Does somebody know a work-around, or a specific setting somewhere, in order to avoid those duplicate filenames and only keep the shared version of the file?

Thanks in advance for any suggestion!

Bart.

Average of ratings: -