Difference between revisions of "Cloud Storage Scopes List"

From ScummVM :: Wiki
Jump to navigation Jump to search
(Created page with "== Overview == "Scope" defines the permissions granted to the application. Some cloud storage providers have a lot of "scopes", some have only a few. Usually these are listed...")
 
m (itsits.gif)
 
(One intermediate revision by one other user not shown)
Line 22: Line 22:


Google Drive has different scopes (https://developers.google.com/drive/v3/web/about-auth#OAuth2Authorizing). The most important for us are:
Google Drive has different scopes (https://developers.google.com/drive/v3/web/about-auth#OAuth2Authorizing). The most important for us are:
* https://www.googleapis.com/auth/drive - full access to user's files;
* https://www.googleapis.com/auth/drive - full access to user files;
* https://www.googleapis.com/auth/drive.file - full access to user files created by the application;
* https://www.googleapis.com/auth/drive.readonly - read-only access to file metadata and file content;
* https://www.googleapis.com/auth/drive.readonly - read-only access to file metadata and file content;
* https://www.googleapis.com/auth/drive.appfolder - access to the Application Data folder.
* https://www.googleapis.com/auth/drive.appfolder - access to the Application Data folder.


Application Data folder is completely hidden from user, thus ScummVM uses <code>https://www.googleapis.com/auth/drive</code> and creates "ScummVM" folder in the root. Scope is passed as "scope" GET parameter in the OAuth link.
Application Data folder is completely hidden from user, thus ScummVM uses <code>https://www.googleapis.com/auth/drive.file</code> and creates "ScummVM" folder in the root. Scope is passed as "scope" GET parameter in the OAuth link.
 
Because the app is restricted to its own files, users can not place files in the google drive manually.


== Box ==
== Box ==

Latest revision as of 21:30, 16 July 2019

Overview

"Scope" defines the permissions granted to the application. Some cloud storage providers have a lot of "scopes", some have only a few. Usually these are listed while users allow access to their storage, so we should ask only for those permissions we really need.

Dropbox

Dropbox has only two scopes: one is to get access to the whole user's storage and the other is to ask access to App Folder only.

ScummVM uses the latter. Scope is selected when application is created and it seems one can't change it later.

OneDrive

OneDrive has the following scopes (https://dev.onedrive.com/auth/msa_oauth.htm#authentication-scopes):

  • offline_access - provides refresh_token;
  • onedrive.readonly - read-only access to all user's files;
  • onedrive.readwrite - read and write access to all user's files;
  • onedrive.appfolder - read and write access to a special App Folder.

ScummVM uses onedrive.appfolder offline_access. These are passed as "scope" GET parameter in the OAuth link.

Google Drive

Google Drive has different scopes (https://developers.google.com/drive/v3/web/about-auth#OAuth2Authorizing). The most important for us are:

Application Data folder is completely hidden from user, thus ScummVM uses https://www.googleapis.com/auth/drive.file and creates "ScummVM" folder in the root. Scope is passed as "scope" GET parameter in the OAuth link.

Because the app is restricted to its own files, users can not place files in the google drive manually.

Box

Box has special scopes for Organisation and Application Users management, but there is only one scope for Files: get whole access to Box storage.

ScummVM uses that one. Scopes are set in application settings within developer's page.