View Attach (14) Info

Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
png
 allow_form.png 100.3 kB 1 05-Dec-2023 05:32 krivacsz
png
 bucket_and_test.png 250.0 kB 2 05-Dec-2023 05:32 krivacsz
png
 clopud_storage_api_enable.png 47.1 kB 1 05-Dec-2023 05:32 krivacsz
png
 cloud_storage_sttings.png 63.4 kB 1 05-Dec-2023 05:32 krivacsz
png
 gstroage_s3_api_vfs_enabled.pn... 174.9 kB 1 05-Dec-2023 05:32 krivacsz
png
 not_verified_domain.png 111.6 kB 1 05-Dec-2023 05:32 krivacsz
png
 oauth_form.png 61.3 kB 1 05-Dec-2023 05:32 krivacsz
png
 s3_vfs_settings.png 210.0 kB 1 05-Dec-2023 05:32 krivacsz
png
 service_account.png 113.5 kB 1 05-Dec-2023 05:32 krivacsz
png
 service_account_details.png 83.7 kB 1 05-Dec-2023 05:32 krivacsz
png
 service_account_new_key.png 72.9 kB 1 05-Dec-2023 05:32 krivacsz
png
 service_account_private_key.pn... 41.0 kB 1 05-Dec-2023 05:32 krivacsz
png
 service_acount_vfs_test.png 130.7 kB 1 05-Dec-2023 05:32 krivacsz
png
 storage_account_access.png 121.4 kB 1 05-Dec-2023 05:32 krivacsz

This page (revision-82) was last changed on 06-Jun-2025 07:51 by krivacsz

This page was created on 05-Dec-2023 05:32 by Halmágyi Árpád

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 6 changed one line
__!!! Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains for Google Authentication and Drive access:\\
----
__⚠️ Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains for Google Authentication and Storage access:\\
At line 8 changed one line
- __storage.googleapis.com__\\
- __storage.googleapis.com__\\
----
At line 11 changed one line
__!!!Note:__ Ensure sure the __Cloud Storage__ is enabled at __Enabled APIs & services__. [Google API Library Link|https://console.cloud.google.com/apis/library]\\
__⚠️ Note:__ Ensure the __Cloud Storage__ is enabled at __Enabled APIs & services__. [Google API Library Link|https://console.cloud.google.com/apis/library]\\
At line 16 removed 3 lines
Create a new project. My example calls this "CrushFTP-Test".\\
[attachments|gDriveSetup/create_project.png]\\
\\
At line 21 changed 2 lines
Next, click on the "Create Credentials" button, and choose the Web Application type.\\
[attachments|gDriveSetup/create_credentials.png]\\
Go to the __Credentials__ menu, click on __Create Credentials__, and select __OAuth client ID__:\\
[SMTP Google Mail Integration/create_credentials.png]\\
At line 24 changed 2 lines
It will warn you if you don't have an "OAuth Consent" screen configured, so go there and configure that screen too.\\
[attachments|gDriveSetup/oauth_consent.png]\\
• Select the application type: __Web application__.\\
• Provide a unique name to identify your OAuth client (e.g., CrushFTP Integration).\\
Then configure the following:\\
• __Authorized JavaScript origins__: Add the base URL of your CrushFTP server (e.g., https://your-domain.com).\\
• __Authorized redirect URIs__: This is the URL Google will redirect to after successful authorization. The Redirect URL must end with __?command=register_gdrive_api__\\
At line 27 removed 2 lines
When configuring the credential, you have to tell Google the domain you will be originating from when creating the auth token, so this is the URL you use for server administration. Just the protocol://dns_or_ip:port Don't have a trailing slash or it will complain.\\
Configure the redirect URL of where Google will send you back after approval. This needs to follow the syntax in the example. Specifically, your domain needs to end with:\\
At line 30 changed 3 lines
?command=register_gdrive_api
}}}
[attachments|gDriveSetup/credential_config.png]\\
http://127.0.0.1:9090/?command=register_gdrive_api
or
https://your.crushftp.domain.com/?command=register_gdrive_api
}}}\\
At line 34 changed 3 lines
And one last important step, you need to enable the GoogleDrive API for your account if its not already.\\
[https://console.developers.google.com/apis/library/storage-component.googleapis.com/]\\
[attachments|clopud_storage_api_enable.png]\\
Finally, click the __Create__ button.\\
At line 38 changed 3 lines
Now that the API is enabled, your credentials are setup, and your redirect domains are configured, you can use the credentials in CrushFTP to get your Google auth token and get access.\\
In the User Manager, add a new remote VFS item type and set the protocol to be "GStorage".\\
Click "Get Refresh Token" to finish the config. Provide the client id and secret.\\
[SMTP Google Mail Integration/credential_config_gdrive.png]\\
At line 42 changed one line
[attachments|oauth_form.png]\\
After the credentials are created, copy the __Client ID__ and __Client Secret__.\\
At line 44 changed one line
If your domain is not verified you will get a warning message, click on Advanced and proceed further:\\
[SMTP Google Mail Integration/client_id_secret.png]\\
At line 46 changed one line
[attachments|not_verified_domain.png]\\
__⚠️ Note:__ You can configure the __OAuth consent screen__ by clicking the link above the __Authorized JavaScript origins__ section:\\
"The domains you enter in the fields below will be automatically added to your __OAuth consent screen__ as __authorized domains__."\\
Click the link to open the __OAuth consent screen__ settings, complete the configuration, and authorize your __CrushFTP domain.__\\
__Important__: After configuration, don’t forget to click __Publish App__ at __Audience__ page to make it active. Without publishing, the app will remain in __Testing__ mode, which restricts access to authorized test users only.\\
At line 48 changed one line
Click on allow:\\
__GStorage Remote Item Settings__:\\
At line 50 changed one line
[attachments|allow_form.png]\\
Select the __GStorage__ item type and click the __Get Refresh Token__ button.
At line 52 changed 3 lines
The refresh token will be saved as password.\\
Provide the bucket and the path.\\
It is done! Test the connection and save it!\\
__⚠️ Note__: To obtain the __Refresh Token__, the CrushFTP WebInterface’s host and port must match the __Redirect URL__ specified in the __Google APIs & Services__-> __Credentials__ -> __OAuth 2.0 Client IDs__. In our example, it was: http://127.0.0.1:9090 or https://your.crushftp.domain.com/\\
\\
Enter the __Client ID__ , __Client Secret__. Proceed with the authentication and authorization process.\\
__⚠️ Note__: Be sure to sign in with the __Google Account__ that has the __necessary permissions__, as configured in the __Google APIs & Services__-> __Credentials__ -> __OAuth 2.0 Client IDs__. This will automatically configure the __User name__ and __Password__.\\
[GDriveSetup/gdrive_oauth_form.png]\\
\\
If the domain is unverified, a warning message may appear. Click __Advanced__ and choose to proceed:\\
\\
[SMTP Google Mail Integration/not_verified_domain.png]\\
\\
Click on the __Allow__ button:\\
\\
[SMTP Google Mail Integration/allow_form.png]\\
\\
Provide the __Google Storage Bucket__ and the path.\\
\\
At line 68 changed one line
Click on the "Done" button.\\
Click on the __Done__ button.\\
At line 70 changed one line
Navigate to the newly created Service Account. Go to the KEYS tab. Click on the "Add KEY" button, and then select "Create new key".\\
Navigate to the newly created __Service Account__. Go to the __KEYS__ tab. Click on the __Add KEY__ button, and then select __Create new key__.\\
At line 78 changed 4 lines
Username:__google_jwt__\\
Special user name for Service Account Access.\\
Password:__<<the JSON file content>>__\\
It authenticates based on the provided JSON file.\\
Username: __google_jwt__ -> Special user name for Service Account Access.\\
Password: __<<the JSON file content>>__ -> It authenticates based on the provided JSON file.\\
At line 98 added one line
----
At line 88 changed one line
Generate __Access key__ and __Secret__. Got to [https://console.cloud.google.com/] In the left sidebar of the dashboard, click Google Cloud Storage and then Settings.\\
Generate __Access key__ and __Secret__. Got to [Google Console Cloud Link|https://console.cloud.google.com/] In the left sidebar of the dashboard, click on the __Google Cloud Storage__ and then __Settings__.\\
At line 94 changed one line
\\Domain:<<Cloud Storage -> Settings -> INTEROPERABILITY -> Domain of __Storage URI__ default is __storage.googleapis.com__>> \\
\\Domain: <<Cloud Storage -> Settings -> INTEROPERABILITY -> Domain of __Storage URI__ default is __storage.googleapis.com__>>\\
At line 109 added one line
\\
At line 111 added one line
\\
At line 113 added one line
\\
At line 115 added one line
\\\
At line 100 changed one line
__!Warning__ Signing version 4 must be enabled, as Google Cloud Storage does not support older signing versions.\\
__⚠️__ __Signing version 4__ must be enabled, as Google Cloud Storage does not support older signing versions.\\
At line 108 changed 3 lines
User name:__<<Access Key>>__\\
Password:__<<Secret>>__\\
Bucket:__<<Google Cloud Storage Bucket Name>>__\\
User name: __<<Access Key>>__\\
Password: __<<Secret>>__\\
Bucket: __<<Google Cloud Storage Bucket Name>>__\\
At line 112 changed one line
__!Warning__ Signing version 4 must be enabled, as Google Cloud Storage does not support older signing versions.\\
__⚠️__ __Signing version 4__ must be enabled, as __Google Cloud Storage__ does not support older signing versions.\\
Version Date Modified Size Author Changes ... Change note
82 06-Jun-2025 07:51 6.65 kB krivacsz to previous
81 06-Jun-2025 07:42 6.418 kB krivacsz to previous | to last
« This page (revision-82) was last changed on 06-Jun-2025 07:51 by krivacsz
G’day (anonymous guest)
CrushFTP11 | What's New

Referenced by
CrushOIDC
LeftMenu

JSPWiki