gmail api watch : 客户端未授权使用此方法检索访问令牌,或者客户端未被授权用于请求的任何范围
gmail api watch : Client is unauthorized to retrieve access tokens using this method, or client not authorized for any of the scopes requested
我正在尝试从 python google 云函数调用 User: watch。
我正在笔记本电脑上测试脚本。
我做的设置:
- 在项目上启用 gmail API
- 使用 json 凭据文件创建服务帐户
- 将服务帐户的客户端 ID 放入具有以下 API 范围的 Manage API client access
['https://mail.google.com/','https://www.googleapis.com/auth/admin.directory.user']
- 已验证 G Suite 全域委派已启用
我不断收到的错误是:
err=('unauthorized_client: Client is unauthorized to retrieve access tokens using this method, or client not authorized for any of the scopes requested.', '{\n "error": "unauthorized_client",\n "error_description": "Client is unauthorized to retrieve access tokens using this method, or client not authorized for any of the scopes requested."\n}')
我已经尝试传递服务凭据帐户并设置 userId = TARGET_INBOX,结果返回一个错误的请求。我已经尝试查看与此错误相关的其他 SO 帖子,但没有发现我做错了什么。
Pip文件:
[[source]]
name = "pypi"
url = "https://pypi.org/simple"
verify_ssl = true
[dev-packages]
pytest = "*"
[packages]
flask = "*"
google-cloud-pubsub = "*"
google-api-python-client = "*"
google-auth = "*"
[requires]
python_version = "3.7"
watch_inboxes.py
import os
import google.auth
from google.auth import impersonated_credentials
from google.auth.exceptions import RefreshError
from googleapiclient.discovery import build
import json
from googleapiclient.errors import HttpError
SCOPES = ['https://mail.google.com/', 'https://www.googleapis.com/auth/admin.directory.user']
TARGET_INBOX = '***TARGET_EMAIL_ADDRESS****'
def watch_inboxes(request):
if not os.environ['GOOGLE_APPLICATION_CREDENTIALS']:
exit(-1)
creds, proj = google.auth.default()
request = {
'labelIds': ['INBOX'],
'topicName': 'projects/***PROJECTNAME***/topics/***TOPICNAME****'
}
delegated_credentials = creds.with_subject(TARGET_INBOX)
org_service = build('gmail', 'v1', credentials=delegated_credentials)
org_rval = None
try:
org_rval = org_service.users().watch(userId='me', body=request).execute()
except HttpError as err:
print("err={}, context={}".format(err, err.content))
except RefreshError as err:
print("err={}".format(err))
print("org_rval={}".format(org_rval))
return org_rval
阅读您的代码,您似乎忘记将 scopes 添加到您的 google.auth.default()-function。
所以最终产品看起来像这样google.auth.default(scopes)
我正在尝试从 python google 云函数调用 User: watch。
我正在笔记本电脑上测试脚本。
我做的设置:
- 在项目上启用 gmail API
- 使用 json 凭据文件创建服务帐户
- 将服务帐户的客户端 ID 放入具有以下 API 范围的 Manage API client access
['https://mail.google.com/','https://www.googleapis.com/auth/admin.directory.user'] - 已验证 G Suite 全域委派已启用
我不断收到的错误是:
err=('unauthorized_client: Client is unauthorized to retrieve access tokens using this method, or client not authorized for any of the scopes requested.', '{\n "error": "unauthorized_client",\n "error_description": "Client is unauthorized to retrieve access tokens using this method, or client not authorized for any of the scopes requested."\n}')
我已经尝试传递服务凭据帐户并设置 userId = TARGET_INBOX,结果返回一个错误的请求。我已经尝试查看与此错误相关的其他 SO 帖子,但没有发现我做错了什么。
Pip文件:
[[source]]
name = "pypi"
url = "https://pypi.org/simple"
verify_ssl = true
[dev-packages]
pytest = "*"
[packages]
flask = "*"
google-cloud-pubsub = "*"
google-api-python-client = "*"
google-auth = "*"
[requires]
python_version = "3.7"
watch_inboxes.py
import os
import google.auth
from google.auth import impersonated_credentials
from google.auth.exceptions import RefreshError
from googleapiclient.discovery import build
import json
from googleapiclient.errors import HttpError
SCOPES = ['https://mail.google.com/', 'https://www.googleapis.com/auth/admin.directory.user']
TARGET_INBOX = '***TARGET_EMAIL_ADDRESS****'
def watch_inboxes(request):
if not os.environ['GOOGLE_APPLICATION_CREDENTIALS']:
exit(-1)
creds, proj = google.auth.default()
request = {
'labelIds': ['INBOX'],
'topicName': 'projects/***PROJECTNAME***/topics/***TOPICNAME****'
}
delegated_credentials = creds.with_subject(TARGET_INBOX)
org_service = build('gmail', 'v1', credentials=delegated_credentials)
org_rval = None
try:
org_rval = org_service.users().watch(userId='me', body=request).execute()
except HttpError as err:
print("err={}, context={}".format(err, err.content))
except RefreshError as err:
print("err={}".format(err))
print("org_rval={}".format(org_rval))
return org_rval
阅读您的代码,您似乎忘记将 scopes 添加到您的 google.auth.default()-function。
所以最终产品看起来像这样google.auth.default(scopes)