[英]google api - server to server auth can access but not expected data
[英]Google API - Auth server to server
我需要一項服務來處理 PHP Symfony 中開發的項目中 gmail 帳戶中的電子郵件...
我找到了這個例子: https://github.com/googleapis/google-api-php-client/blob/main/docs/oauth-server.md但比幫助更令人困惑......
我寫了這段代碼:
src/服務/Gmail.php
<?php
namespace App\Service;
use Google\Client;
class Gmail
{
private \Google\Service\Gmail $api;
private function getGoogleClient(): Client
{
$credentialsPath = getenv('GOOGLE_APPLICATION_CREDENTIALS');
if (empty($credentialsPath)) {
throw new \Exception('You need to set env var GOOGLE_APPLICATION_CREDENTIALS');
}
if (!file_exists($credentialsPath)) {
throw new \Exception('Credentials file path ' . getenv('GOOGLE_APPLICATION_CREDENTIALS') . ' set in GOOGLE_APPLICATION_CREDENTIALS does not exist');
}
$client = new Client();
$client->useApplicationDefaultCredentials();
return $client;
}
private function getApi(): \Google\Service\Gmail
{
if (!isset($this->api)) {
$this->api = new \Google\Service\Gmail($this->getGoogleClient());
}
return $this->api;
}
public function getUserMessages($userId): \Google\Service\Gmail\ListMessagesResponse
{
return $this->getApi()->users_messages->listUsersMessages($userId);
}
}
然后我按照 Google Workspace for developers 中描述的步驟進行操作:
但此時我不知道我需要什么類型的憑據:“OAuth 客戶端 ID”還是“服務帳戶”??? 如果我選擇“Oauth 客戶端 ID”,我想我必須使用服務器端 url 的應用程序類型“Web 應用程序”? 還是選擇“服務帳戶”?
使用服務帳戶我收到此錯誤:
In REST.php line 134:
{
"error": {
"code": 401,
"message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.
google.com/identity/sign-in/web/devconsole-project.",
"errors": [
{
"message": "Login Required.",
"domain": "global",
"reason": "required",
"location": "Authorization",
"locationType": "header"
}
],
"status": "UNAUTHENTICATED",
"details": [
{
"@type": "type.googleapis.com/google.rpc.ErrorInfo",
"reason": "CREDENTIALS_MISSING",
"domain": "googleapis.com",
"metadata": {
"service": "gmail.googleapis.com",
"method": "caribou.api.proto.MailboxService.ListMessages"
}
}
]
}
}
您尚未正確授權您的服務帳戶委托給您域中的用戶。
require_once('../../vendor/autoload.php');
// Some user within your workspace domain
$user_to_impersonate = "your@domain.com";
$sender = $user_to_impersonate;
$to = 'another@domain.com';
$subject = 'Hello';
$messageText = 'How are you doing?';
// The path to your service account credentials goes here.
putenv("GOOGLE_APPLICATION_CREDENTIALS=credentials.json");
$client = new Google_Client();
$client->useApplicationDefaultCredentials();
$client->setSubject($sender);
$client->setApplicationName("Quickstart");
$client->setScopes(["https://mail.google.com/"]);
$service = new Google_Service_Gmail($client);
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.