我有一个具有域范围委派设置的服务帐户,我正在尝试使用该服务帐户创建新帐户( google-api-services-admin-directory ),然后添加一些预设的日历( google-api-services-calendar )到新创建的帐户。
我的目录api没问题。我必须使用服务帐户创建一个委派的(管理员)用户,并且所有 directory-api 调用都可以正常工作。
但是,我一直无法使 calendar-api 调用正常工作。
Java依赖项:
df.to_dict(orient='records')
Java代码:
compile group: 'com.google.auth',name: 'google-auth-library-oauth2-http',version:'0.20.0'
compile group: 'com.google.apis',name: 'google-api-services-admin-directory',version:'directory_v1-rev53-1.20.0'
compile group: 'com.google.apis',name: 'google-api-services-calendar',version:'v3-rev20200315-1.30.9'
堆栈跟踪:
private static final JsonFactory JSON_FactORY = JacksonFactory.getDefaultInstance();
private static final List<String> SCOPES =
Arrays.asList(DirectoryScopes.ADMIN_DIRECTORY_USER,DirectoryScopes.ADMIN_DIRECTORY_GROUP,CalendarScopes.CALENDAR);
private static final String CREDENTIALS_FILE_PATH = "config/google-service-account-credentials.json";
.....
HTTP_TRANSPORT = GoogleNetHttpTransport.newTrustedTransport();
sourceCredentials =
ServiceaccountCredentials.fromStream(new FileInputStream(CREDENTIALS_FILE_PATH));
sourceCredentials = (ServiceaccountCredentials) sourceCredentials.createScoped(SCOPES);
.....
GoogleCredentials targetcredentials = sourceCredentials.createDelegated("newuser@email");
HttpRequestInitializer requestInitializer = new HttpCredentialsAdapter(targetcredentials);
targetcredentials.refreshIfExpired();//Not sure if this is required. It didn't help though
Calendar calendarService = new Calendar.Builder(HTTP_TRANSPORT,JSON_FactORY,requestInitializer).setapplicationName(MainApp.SERVICE_NAME).build();
for (String calendarKey : listOfCalendars)) {
CalendarListEntry cle = new CalendarListEntry();
cle.setId(calendarKey);
calendarService.calendarList().insert(cle).execute();//Fails with a 401
}
有趣的是错误是间歇性的。重新部署后,我总是可以第一次尝试工作。接下来,这是一个成功或失败的机会。
- 我确实将服务帐户添加到了要添加的日历中,并确保该服务帐户是日历上的“所有者”。