简体   繁体   English

通过RESTful方法对Google API进行身份验证

[英]Authentication of Google APIs via RESTful methods

I need to post events that are parsed out of standardized e-mails to a shared google calendar automatically. 我需要将通过标准电子邮件解析出来的事件自动发布到共享的Google日历中。 Parsing the e-mails to create JSON objects I can do (and have done). 解析电子邮件以创建我可以(并且已经完成)的JSON对象。 But I've never actually used JSON—I don't know how to submit this to Google Calendar. 但我从未真正使用过 JSON,我不知道如何将其提交到Google日历。 I've read and re-read Google's documentation, but I don't clearly understand it. 我已经阅读并重新阅读了Google的文档,但是我不清楚。 Primarily, I don't understand how authentication can be completed without a user actually being there to input acceptance, which would defeat the purpose of this app. 首先,我不了解在没有用户实际输入接受状态的情况下如何完成身份验证,这将破坏该应用程序的目的。

Basically I am a designer turned amateur developer, and I'm strongest in PHP, with Javascript trailing behind significantly. 基本上,我是一名由设计师转为业余开发人员的人,而且我在PHP方面最强,而Javascript则明显落后。 I've built a web-app that will periodically call an HTTP request to a php document that should, having found new e-mails with events to post, parse them and post the events they contain. 我构建了一个Web应用程序,该应用程序将定期调用php文档的HTTP请求,该文档应该已找到带有事件的新电子邮件以进行发布,解析并发布其中包含的事件。 Every part of this is ready and waiting except for the posting part. 除过帐部分外,其他各部分均已准备就绪,正在等待。 If anyone can help me wrap my head around what is conceptually required to have a quiet, automatic procedure for posting to a Google Calendar I would be hugely grateful. 如果有人可以帮我解决问题,那么从概念上讲,需要一种安静的,自动的程序来发布到Google日历,我将不胜感激。 So far—just trying to get my feet in the water—this is where I've gotten to: 到目前为止-只是想让自己步入水中-这是我必须要做的:

<?php 
$url = "https://www.googleapis.com/calendar/v3/calendars/".$calendar."/events?sendNotifications=false&key={".$api_key."}";
?>

<script>
function goGoogle() {
data = "a json object will go here";
xhr = new XMLHttpRequest();
xhr.open("POST", "<?php echo $url?>", true);
xhr.setRequestHeader("Content-type", "application/json");
xhr.send(data); 
xhr.onreadystatechange = function() {
    alert(xhr.responseText);
}
}
</script>
<button onclick="goGoogle()">Sigh</button>

From the alert(xhr.responseText) call I get this at stages 2&3: alert(xhr.responseText)调用中,我在第2和第3阶段得到了这个:

{
 "error": {
  "errors": [
   {
    "domain": "global",
    "reason": "required",
    "message": "Login Required",
    "locationType": "header",
    "location": "Authorization"
   }
  ],
  "code": 401,
  "message": "Login Required"
 }
}

Now, I realize I haven't actually provided any authentication, here, so I'm not surprised it's failed. 现在,我意识到我实际上并没有提供任何身份验证,因此我不感到惊讶它失败了。 The problem is that I don't know how to authenticate. 问题是我不知道如何进行身份验证。 Help!? 救命!? :) :)

First, making sure I understand - you have an app that receives emails from various users and you want to post content from those emails to a shared Google calendar that requires authentication (otherwise you would have the ability to post those events to, say, my calendar which I wouldn't like at all). 首先,请确保我理解-您有一个应用程序可以接收来自各种用户的电子邮件,并且想要将这些电子邮件中的内容发布到需要身份验证的共享Google日历中(否则,您可以将这些事件发布到我的日历,我根本不想要)。 Furthermore, your app needs to do this without involving the end user. 此外,您的应用需要执行此操作,而无需最终用户参与。 However, you have some credentials/authentication to the shared calendar that you can encode in your app. 但是,您对共享日历有一些凭据/身份验证,可以在应用程序中对其进行编码。 (Otherwise you could again be posting to my calendar). (否则,您可能会再次发布到我的日历中)。 And finally, the entries that you make in the calendar will be "owned" by your app (that is to say, you would not have entered them on behalf of one of the users - since you don't have their credentials and they are not available to grant permission). 最后,您在日历中输入的内容将由您的应用“拥有”(也就是说,您不会代表其中一位用户输入它们-因为您没有他们的凭据,而无法授予权限)。

If all this is correct I think the place that you might start is to use ClientLogin authentication to the Google Calendar API. 如果所有步骤都正确,我认为您可能会开始使用ClientLogin身份验证到Google Calendar API。 The relevant documentation is at: https://developers.google.com/google-apps/calendar/v2/developers_guide_protocol#AuthClientLogin 相关文档位于: https : //developers.google.com/google-apps/calendar/v2/developers_guide_protocol#AuthClientLogin
Your app would use the credentials/authentication information that you have to access the shared calendar. 您的应用程序将使用访问共享日历所需的凭据/身份验证信息。

That page may also have additional information for you. 该页面可能还会为您提供其他信息。

My apologies if I misunderstood your question or if my response is too vague. 如果我误解了您的问题,或者我的回答太含糊,我深表歉意。 I haven't accessed the CalendarAPI in code, but I have been working on Authentication and OAuth2 code for the past few weeks. 我尚未使用代码访问CalendarAPI,但过去几周一直在研究Authentication和OAuth2代码。

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM