python - failedPrecondition when using google Oauth2 Service Account -

-

there're 3 types of google api client_id:
1. web application
2. service account
3. installed application

i have used 3. installed application successfullly base on oauth2client, failed on 2. service account. wanna access own gmail inbox oauth2.0 credentials.

import imaplib import json import urllib2 oauth2client.client import signedjwtassertioncredentials httplib2 import http apiclient.discovery import build import os  reldir = os.path.dirname(os.path.relpath(__file__)) client_secret_file = os.path.join(reldir, 'gmail_service.json') oauth_scope = "https://mail.google.com" gmail_address = 'my_gmail_address@gmail.com'  def jwt_oauth2():     '''     https://developers.google.com/identity/protocols/oauth2serviceaccount     '''     open(client_secret_file) f:         data = json.loads(f.read())     private_key = data['private_key']     client_email = data['client_email']     credentials = signedjwtassertioncredentials(         client_email,   private_key, scope=oauth_scope)      http_auth = credentials.authorize(http())     try:         gmail_service = build('gmail', 'v1', http=http_auth)         threads = gmail_service.users().messages().list(userid='me').execute()     except exception e:         return e

i got exception same question. encounter exception while trying add sub=gmail_address credentials:
accesstokenrefresherror: unauthorized_client: unauthorized client or scope in request.

i'm trying figure out problem, credentials without sub:

>>> credentials = signedjwtassertioncredentials(     client_email,   private_key, scope=oauth_scope) >>> http = credentials.authorize(http()) >>> credentials.access_token >>> credentials.refresh(http) >>> credentials.access_token u'ya29.pagjjddcxjwsihfn6hku1yakdwn7xmjbks5o76pmrpe1hw1bbgwfzifjp81ade55almvgjv-ybyiyq' >>> gmail_service = build('gmail', 'v1', http=http) >>> request = gmail_service.users().messages().list(userid='me') >>> response = request.execute() {  "error": {   "errors": [    {     "domain": "global",     "reason": "failedprecondition",     "message": "bad request"    }   ],   "code": 400,   "message": "bad request"  } }

try use credentials sub: 

>>> credentials = signedjwtassertioncredentials(     client_email,   private_key, scope=oauth_scope, sub=gmail_address) >>> http = credentials.authorize(http()) >>> credentials.access_token >>> credentials.refresh(http) accesstokenrefresherror: unauthorized_client: unauthorized client or scope in request.

i found similar question google oauth2 service account http/rest authentication, don't know node.js. appreciated.

you should use sub field specify account want impersonate.

say, using service account, want details of user user@domain.com, sub field should populated as:

sub: user@domain.com

you should make sure have given service account access users in domain. refer - https://developers.google.com/drive/web/delegation


Comments

Post a Comment

Popular posts from this blog

Android : Making Listview full screen -

-
<linearlayout xmlns:android="http://schemas.android.com/apk/res/android" xmlns:tools="http://schemas.android.com/tools" android:layout_width="match_parent" android:layout_height="match_parent" android:orientation="vertical" tools:context=".mainactivity"> <edittext android:layout_margintop="5dp" android:layout_width="match_parent" android:layout_height="50dp" android:background="@drawable/location_edittext" android:id="@+id/locationeditext" android:textsize="15sp" android:textcolor="#999" android:paddingleft="15dp" /> <com.example.ravi_gupta.slider.viewpagercustomduration android:layout_width="wrap_content" android:layout_height="0dp" android:id="@+id/viewpager" android:scrollbarstyle="outsideoverlay" android:layout_weight="0.5&quo
Read more

javascript - Parse JSON from the body of the POST -

-
i'm using cameratag.com record video on website. service can send json response server can save data database. don't know how proceed here: the documentation states please note json repsonse passed in body of post , not form parameters. here example of how parse response in ruby: data = json.parse(request.raw_post) video_uuid = data["uuid"] but don't know how data on javascript. i'm not experienced in js please bare me :) post sample: { "uuid": "00012710-4b65-0131-ffe6-22000a499ea4", "camera_uuid": "98373a20-79ee-0130-3e42-1231390fcc11", "created_at": "2013-12-20t05:25:02.000z", "percent_complete": 100, "short_code": "kktb4q", "metadata": { }, "state": "published", "recorded_from": "http://singwho.com", "publish_type": null, "formats": [ { "name&qu
Read more

javascript - Chrome Extension: Interacting with iframe embedded within popup -

-
i writing chrome extension needs interact urls user not have open. therefore using hidden iframes embedded within popup, , attempting click button within iframe. however, receiving same origin policy error. know possible extension interact iframes of different domain via content scripts when iframe on tab user has open, not sure if possible use content scripts interact iframes directly in popup. here code: manifest.json "content_scripts": [ { "js": [ "bin/jquery.min.js", "interaction.js" ], "all_frames": true, "run_at": "document_start", "matches": [ "http://*/*", "https://*/*" ] }], "permissions": [ "activetab", "tabs", "http://*/", "https://*/" ], interaction.js $(document).ready(function() { $('div#iframes').append("<iframe id='shop' src=
Read more