1. 首页
  2. 问答
  3. Google App Engine Admin SDK Reports API返回403权限不足错误

Google App Engine Admin SDK Reports API返回403权限不足错误

2013-10-16 49 views
0

我开始使用Google的App Engine的一些示例代码。Google App Engine Admin SDK Reports API返回403权限不足错误

我的应用程序需要使用Google Admin SDK中的Directory API和Reports API。

我在API控制台中创建了一个项目,并打开了Services中的Admin SDK。

我在我的域的Google cPanel中的高级工具的“管理API客户端访问”部分添加了范围(与以下代码中使用的相同)。

对号码簿API的调用有效。

之后,调用报告API失败,出现错误消息:

“HttpError:https://www.googleapis.com/admin/reports/v1/activity/users/all/applications/ admin?alt = json返回“Insufficient Permission”>“

非常感谢您的帮助。

import webapp2 
import os 
from apiclient.discovery import build 
from oauth2client.appengine import OAuth2Decorator 
from oauth2client.appengine import OAuth2DecoratorFromClientSecrets 
from apiclient import errors 
import logging 
import json 

decorator = OAuth2DecoratorFromClientSecrets(
    os.path.join(os.path.dirname(__file__), 'client_secrets.json'), 
    'https://www.googleapis.com/auth/admin.directory.user.readonly') 

directoryauthdecorator = OAuth2Decorator(
    client_id='123.apps.googleusercontent.com', 
    client_secret='456-abc', 
    callback_path='/oauth2callback', 
    scope='https://www.googleapis.com/auth/admin.directory.user.readonly ' 
      'https://www.googleapis.com/auth/admin.reports.audit.readonly ' 
      'https://www.googleapis.com/auth/admin.reports.usage.readonly' 
) 

class MainHandler(webapp2.RequestHandler): 
    def get(self): 
     self.response.write('Hello world!') 

class OAuthHandler(webapp2.RequestHandler): 
    @directoryauthdecorator.oauth_required 
    def get(self): 
     users = [] 

     # Get the authorized Http object created by the decorator. 
     auth_http = directoryauthdecorator.http() 

     # Get the directory service 
     service = build("admin", "directory_v1", http=auth_http) 

     result = [] 
     page_token = None 
     while True: 
      try: 
       param = {} 
       param['domain'] = 'mydomain.com' 
       if page_token: 
        param['pageToken'] = page_token 

       files = service.users().list(**param).execute() 
       result.extend(files['users']) 
       page_token = files.get('nextPageToken') 
       if not page_token: 
        break 
      except errors.HttpError, error: 
       print 'An error occurred: %s' % error 
       break 


     users = [] 
     for user in result: 
      logging.info(user['primaryEmail']) 
      users.append(user['primaryEmail']) 

     param = {} 
     param['userKey'] = 'all' 
     param['applicationName'] = 'admin' 

     service = build('admin', 'reports_v1', http=auth_http) 

     # this call fails with the 403 Insufficient Permissions error 
     results = service.activities().list(**param).execute() 
     logging.info(results) 

app = webapp2.WSGIApplication([ 
    ('/', MainHandler), 
    ('/users', OAuthHandler), 
    (directoryauthdecorator.callback_path, directoryauthdecorator.callback_handler()), 
], debug=True)

来源

2013-10-16 hayseed

+1

小费。尝试使用oauth游乐场(https://developers.google.com/oauthplayground/)手动执行您所需的任务。请注意http请求。现在记录来自您的应用程序的http请求,并发挥点差。 – pinoyyid

回答

0

我读this后和清除从数据存储的凭据。

再次击中/ users url我得到了redirect_uri错误消息。

我回到了API项目,修复了重定向URI,并下载了client_secrets.json文件。

现在这两个调用都起作用(一个用于Directory API,另一个用于Reports API)。

来源

2013-10-17 15:10:39 hayseed

相关问题

 相关问题