Quickstarts explain how to set up and run an app that calls a
Google Workspace API.
Google Workspace quickstarts use the API client libraries to handle some
details of the authentication and authorization flow. We recommend that
you use the client libraries for your own apps. This quickstart uses a
simplified authentication approach that is appropriate for a testing
environment. For a production environment, we recommend learning about
authentication and authorization
before
choosing the access credentials
that are appropriate for your app.
Create a Go command-line application that makes requests to the
Google Drive Activity API.
Objectives
- Set up your environment.
- Set up the sample.
- Run the sample.
Prerequisites
Set up your environment
To complete this quickstart, set up your environment.
Enable the API
Before using Google APIs, you need to turn them on in a Google Cloud project.
You can turn on one or more APIs in a single Google Cloud project.
If you're using a new Google Cloud project to complete this quickstart, configure
the OAuth consent screen and add yourself as a test user. If you've already
completed this step for your Cloud project, skip to the next section.
-
In the Google Cloud console, go to Menu menu
> APIs & Services
> OAuth consent screen.
Go to OAuth consent screen
- For User type select Internal, then click Create.
- Complete the app registration form, then click Save and Continue.
For now, you can skip adding scopes and click Save and Continue.
In the future, when you create an app for use outside of your
Google Workspace organization, you must change the User type to External, and then,
add the authorization scopes that your app requires.
- Review your app registration summary. To make changes, click Edit. If the app
registration looks OK, click Back to Dashboard.
Authorize credentials for a desktop application
To authenticate end users and access user data in your app, you need to
create one or more OAuth 2.0 Client IDs. A client ID is used to identify a
single app to Google's OAuth servers. If your app runs on multiple platforms,
you must create a separate client ID for each platform.
-
In the Google Cloud console, go to Menu menu > APIs & Services > Credentials.
Go to Credentials
- Click Create Credentials > OAuth client ID.
- Click Application type > Desktop app.
- In the Name field, type a name for the credential. This name is only shown in the Google Cloud console.
- Click Create. The OAuth client created screen appears, showing your new Client ID and Client secret.
- Click OK. The newly created credential appears under OAuth 2.0 Client IDs.
- Save the downloaded JSON file as
credentials.json
, and move the
file to your working directory.
Prepare the workspace
Create a working directory:
mkdir quickstart
Change to the working directory:
cd quickstart
Initialize the new module:
go mod init quickstart
Get the Google Drive Activity API Go client library and OAuth2.0 package:
go get google.golang.org/api/driveactivity/v2
go get golang.org/x/oauth2/google
Set up the sample
In your working directory, create a file named quickstart.go
.
In the file, paste the following code:
package main
import (
"context"
"encoding/json"
"fmt"
"log"
"net/http"
"os"
"reflect"
"strings"
"golang.org/x/oauth2"
"golang.org/x/oauth2/google"
"google.golang.org/api/driveactivity/v2"
"google.golang.org/api/option"
)
// Retrieve a token, saves the token, then returns the generated client.
func getClient(config *oauth2.Config) *http.Client {
// The file token.json stores the user's access and refresh tokens, and is
// created automatically when the authorization flow completes for the first
// time.
tokFile := "token.json"
tok, err := tokenFromFile(tokFile)
if err != nil {
tok = getTokenFromWeb(config)
saveToken(tokFile, tok)
}
return config.Client(context.Background(), tok)
}
// Request a token from the web, then returns the retrieved token.
func getTokenFromWeb(config *oauth2.Config) *oauth2.Token {
authURL := config.AuthCodeURL("state-token", oauth2.AccessTypeOffline)
fmt.Printf("Go to the following link in your browser then type the "+
"authorization code: \n%v\n", authURL)
var authCode string
if _, err := fmt.Scan(&authCode); err != nil {
log.Fatalf("Unable to read authorization code: %v", err)
}
tok, err := config.Exchange(context.TODO(), authCode)
if err != nil {
log.Fatalf("Unable to retrieve token from web: %v", err)
}
return tok
}
// Retrieves a token from a local file.
func tokenFromFile(file string) (*oauth2.Token, error) {
f, err := os.Open(file)
if err != nil {
return nil, err
}
defer f.Close()
tok := &oauth2.Token{}
err = json.NewDecoder(f).Decode(tok)
return tok, err
}
// Saves a token to a file path.
func saveToken(path string, token *oauth2.Token) {
fmt.Printf("Saving credential file to: %s\n", path)
f, err := os.OpenFile(path, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
if err != nil {
log.Fatalf("Unable to cache oauth token: %v", err)
}
defer f.Close()
json.NewEncoder(f).Encode(token)
}
// Returns a string representation of the first elements in a list.
func truncated(array []string) string {
return truncatedTo(array, 2)
}
// Returns a string representation of the first elements in a list.
func truncatedTo(array []string, limit int) string {
var contents string
var more string
if len(array) <= limit {
contents = strings.Join(array, ", ")
more = ""
} else {
contents = strings.Join(array[0:limit], ", ")
more = ", ..."
}
return fmt.Sprintf("[%s%s]", contents, more)
}
// Returns the name of a set property in an object, or else "unknown".
func getOneOf(m interface{}) string {
v := reflect.ValueOf(m)
for i := 0; i < v.NumField(); i++ {
if !v.Field(i).IsNil() {
return v.Type().Field(i).Name
}
}
return "unknown"
}
// Returns a time associated with an activity.
func getTimeInfo(activity *driveactivity.DriveActivity) string {
if activity.Timestamp != "" {
return activity.Timestamp
}
if activity.TimeRange != nil {
return activity.TimeRange.EndTime
}
return "unknown"
}
// Returns the type of action.
func getActionInfo(action *driveactivity.ActionDetail) string {
return getOneOf(*action)
}
// Returns user information, or the type of user if not a known user.
func getUserInfo(user *driveactivity.User) string {
if user.KnownUser != nil {
if user.KnownUser.IsCurrentUser {
return "people/me"
}
return user.KnownUser.PersonName
}
return getOneOf(*user)
}
// Returns actor information, or the type of actor if not a user.
func getActorInfo(actor *driveactivity.Actor) string {
if actor.User != nil {
return getUserInfo(actor.User)
}
return getOneOf(*actor)
}
// Returns information for a list of actors.
func getActorsInfo(actors []*driveactivity.Actor) []string {
actorsInfo := make([]string, len(actors))
for i := range actors {
actorsInfo[i] = getActorInfo(actors[i])
}
return actorsInfo
}
// Returns the type of a target and an associated title.
func getTargetInfo(target *driveactivity.Target) string {
if target.DriveItem != nil {
return fmt.Sprintf("driveItem:\"%s\"", target.DriveItem.Title)
}
if target.Drive != nil {
return fmt.Sprintf("drive:\"%s\"", target.Drive.Title)
}
if target.FileComment != nil {
parent := target.FileComment.Parent
if parent != nil {
return fmt.Sprintf("fileComment:\"%s\"", parent.Title)
}
return "fileComment:unknown"
}
return getOneOf(*target)
}
// Returns information for a list of targets.
func getTargetsInfo(targets []*driveactivity.Target) []string {
targetsInfo := make([]string, len(targets))
for i := range targets {
targetsInfo[i] = getTargetInfo(targets[i])
}
return targetsInfo
}
func main() {
ctx := context.Background()
b, err := os.ReadFile("credentials.json")
if err != nil {
log.Fatalf("Unable to read client secret file: %v", err)
}
// If modifying these scopes, delete your previously saved token.json.
config, err := google.ConfigFromJSON(b, driveactivity.DriveActivityReadonlyScope)
if err != nil {
log.Fatalf("Unable to parse client secret file to config: %v", err)
}
client := getClient(config)
srv, err := driveactivity.NewService(ctx, option.WithHTTPClient(client))
if err != nil {
log.Fatalf("Unable to retrieve driveactivity Client %v", err)
}
q := driveactivity.QueryDriveActivityRequest{PageSize: 10}
r, err := srv.Activity.Query(&q).Do()
if err != nil {
log.Fatalf("Unable to retrieve list of activities. %v", err)
}
fmt.Println("Recent Activity:")
if len(r.Activities) > 0 {
for _, a := range r.Activities {
time := getTimeInfo(a)
action := getActionInfo(a.PrimaryActionDetail)
actors := getActorsInfo(a.Actors)
targets := getTargetsInfo(a.Targets)
fmt.Printf("%s: %s, %s, %s\n", time, truncated(actors), action, truncated(targets))
}
} else {
fmt.Print("No activity.")
}
}
Run the sample
In your working directory, build and run the sample:
go run quickstart.go
-
The first time you run the sample, it prompts you to authorize access:
-
If you're not already signed in to your Google Account, sign in when prompted. If
you're signed in to multiple accounts, select one account to use for authorization.
- Click Accept.
Your Go application runs and calls the Google Drive Activity API.
Authorization information is stored in the file system, so the next time you run the sample
code, you aren't prompted for authorization.
Next steps