I am trying to upload videos to my account from my server daily where browser access is not there. I could do it on my desktop, where by running the below mentioned script opened up the browser, asked for my permissions and did the complete authorization needed to upload the video and then it uploaded the video.
python upload_video.py --file clips/concatenated.mp4 --title testing --desc empty_dec
/Users/devansh.dalal/Desktop/hackathon/tiktoki/venv/lib/python3.7/site-packages/oauth2client/_helpers.py:255: UserWarning: Cannot access upload_video.py-oauth2.json: No such file or directory
warnings.warn(_MISSING_FILE_MESSAGE.format(filename))
Your browser has been opened to visit:
https://accounts.google.com/o/oauth2/auth?client_id=73183172161-48495o1tqgjgih3v7j218av2bghdcm30.apps.googleusercontent.com&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2F&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fyoutube.upload&access_type=offline&response_type=code
If your browser is on a different machine then exit and re-run this
application with the command-line parameter
--noauth_local_webserver
Authentication successful.
Uploading file...
But I want a solution where I don't need to manually authorize the script as my server is fully secure. suggestions please?
First note that the authorization required by the API for uploading a video has nothing to do with the level of security of your server. You may read the doc OAuth 2.0 for Mobile & Desktop Apps for thorough info about the authorization flow on standalone computers.
The doc specifies steps 4 and step 5. By the initial OAuth flow, you get two tokens: a short-lived access token and a refresh token that produces access tokens on demand. Authentication without browser is not possible, but once having a refresh token, it can be traded programmatically for access tokens:
Initialization: obtain via browser authentication a refresh token;
Iterations: as many times as needed, query the API for an access token -- without any browser interaction! -- using the refresh token from (1), then proceed further with the call to the target API endpoint (again, without any browser interaction).
Note that the steps (1) and (2) may well be separated such that (1) is executed by a standalone (local) computer that stores the refresh token into a file; later, upon a secure transfer of that file on a different remote computer (e.g. a server that does not have a browser installed), execute (2) on that remote computer, repeatedly as needed (see Using OAuth 2.0 for server-side, standalone scripts.)