1

我使用的一个应用程序有一个基于此https://gist.github.com/Daniel15/5994054编写的 js 文件选择器。

它非常古老,但直到最近才进行了微小的修改。现在,每当有人尝试使用文件选择器时,就会出现一个弹出窗口并选择他们的谷歌帐户,一旦发生这种情况,就会出现以下消息:

此应用已被阻止此应用试图访问您 Google 帐户中的敏感信息。为了确保您的帐户安全,Google 阻止了此访问。

我知道 Google 所做的更改已于 2021 年 9 月 13 日生效,但我不确定这是否是问题的原因。

我该如何解决这个问题?我不是 JS 专家,也不熟悉 google API

这是代码:

(function() {
/**
 * Initialise a Google Driver file picker
 */
var FilePicker = window.FilePicker = function(options) {
    // Config
    this.apiKey = options.apiKey;
    this.clientId = options.clientId;

    console.log('works');
    // Elements
    this.buttonEl = options.buttonEl;

    // Events
    this.onSelect = options.onSelect;
    this.buttonEl.addEventListener('click', this.open.bind(this));

    // Disable the button until the API loads, as it won't work properly until then.
    this.buttonEl.disabled = true;

    // Load the drive API
    gapi.client.setApiKey(this.apiKey);
    gapi.client.load('drive', 'v2', this._driveApiLoaded.bind(this));
    gapi.load('picker', {'callback': this._pickerApiLoaded.bind(this)});
}

FilePicker.prototype = {
    /**
     * Open the file picker.
     */
    open: function() {
        // Check if the user has already authenticated
        var token = gapi.auth.getToken();
        if (token) {
            this._showPicker();
        } else {
            // The user has not yet authenticated with Google
            // We need to do the authentication before displaying the Drive picker.
            this._doAuth(false, function() { this._showPicker(); }.bind(this));
        }
    },

    /**
     * Show the file picker once authentication has been done.
     * @private
     */
    _showPicker: function() {
        var token=gapi.auth.getToken();

        this.accessToken = token.access_token;

        this.picker = new google.picker.PickerBuilder().
            addView(google.picker.ViewId.DOCS).
            setAppId(this.clientId).
            setOAuthToken(this.accessToken).

            setDeveloperKey(this.apiKey).

            setCallback(this._pickerCallback.bind(this)).
            build().
            setVisible(true);
    },

    /**
     * Called when a file has been selected in the Google Drive file picker.
     * @private
     */
    _pickerCallback: function(data) {
        if (data[google.picker.Response.ACTION] == google.picker.Action.PICKED) {
            var file = data[google.picker.Response.DOCUMENTS][0],
                id = file[google.picker.Document.ID],
                request = gapi.client.drive.files.get({
                    fileId: id
                });

            request.execute(this._fileGetCallback.bind(this));
        }
    },
    /**
     * Called when file details have been retrieved from Google Drive.
     * @private
     */
    _fileGetCallback: function(file) {
        if (this.onSelect) {
            this.onSelect(file,this.accessToken);
        }
    },

    /**
     * Called when the Google Drive file picker API has finished loading.
     * @private
     */
    _pickerApiLoaded: function() {
        this.buttonEl.disabled = false;
    },

    /**
     * Called when the Google Drive API has finished loading.
     * @private
     */
    _driveApiLoaded: function() {
        this._doAuth(true);
    },

    /**
     * Authenticate with Google Drive via the Google JavaScript API.
     * @private
     */
    _doAuth: function(immediate, callback) {
        gapi.auth.authorize({
            client_id: this.clientId + '.apps.googleusercontent.com',
            scope: 'https://www.googleapis.com/auth/drive.readonly',
            immediate: immediate
        }, callback);
    }
};
}());

用于调用选择器的代码:

 function initPicker() {
    var picker = new FilePicker({
        apiKey: '<?=$GOOGLE_FILEPICKER_API_KEY?>',
        clientId: <?=$GOOGLE_FILEPICKER_CLIENT_ID_SHORT?>,
        buttonEl: document.getElementById('pick'),
        onSelect: function(file,ac_t) {
            //console.log(file);
            //alert('Selected ' + file.id);

    var downloadUrl = file.downloadUrl ? file.downloadUrl : file.exportLinks['application/pdf'];

    var request = new XMLHttpRequest();
    request.open('GET', downloadUrl, true);
    request.responseType = 'arraybuffer';
    request.setRequestHeader('Authorization', 'Bearer ' + ac_t);
    request.addEventListener('load', function(e) {
      hideWait()
      var item = base64ArrayBuffer(e.currentTarget.response);
      //console.log(item);
      document.getElementById('p_googledrive_name').value=file.originalFilename ? file.originalFilename : (file.title + '.pdf');
      document.getElementById('p_googledrive_content').value=item;
      document.getElementById("gd-chooser-name").innerHTML = document.getElementById('p_googledrive_name').value;

      document.getElementById("db-chooser-name").innerHTML = '';
      document.getElementById("p_file").value = '';
      document.getElementById("p_dropbox_name").value = '';
      document.getElementById("p_dropbox_bytes").value = '';
      document.getElementById("p_dropbox").value = '';
    });

    showWait();
    request.send();
        }
    });
}
4

1 回答 1

0

如果您的公共应用程序使用允许访问某些用户数据的范围,则它必须完成验证过程。如果您在测试应用程序时在屏幕上看到未验证的应用程序,则必须提交验证请求才能将其删除。在帮助中心了解有关未验证应用的更多信息并获取有关应用验证的常见问题解答。

于 2021-10-02T06:59:15.183 回答