1

我已经彻底阅读了这篇文章:https ://developers.google.com/google-apps/documents-list/#using_google_apps_administrative_access_to_impersonate_other_domain_users 我已经用谷歌搜索死了。

到目前为止,我已经能够:

  1. 授权:

    • 客户登录
    • OAuth 令牌(使用我的域密钥)

  2. 为域中的所有用户检索文档提要(在 #1 中以任一方式授权)
    我正在使用提要中的“条目”来导出/下载文档,并且对于未与管理员共享的文档,其他用户总是被禁止。我正在使用的提要查询是这样的:( https://docs.google.com/feeds/userid@mydomain.com/private/full/?v=3 我尝试过使用和不使用 ?v=3)

我还尝试在 uri 和客户端属性中添加 xoauth_requestor_id(我在帖子中也看到了 xoauth_requestor):client.xoauth_requestor_id = ...

代码片段:

客户端登录(使用管理员凭据):

client.http_client.debug = cfg.get('HTTPDEBUG')
client.ClientLogin( cfg.get('ADMINUSER'), cfg.get('ADMINPASS'), 'HOSTED' )

认证:

client.http_client.debug = cfg.get('HTTPDEBUG')
client.SetOAuthInputParameters( gdata.auth.OAuthSignatureMethod.HMAC_SHA1, cfg.get('DOMAIN'), cfg.get('APPS.SECRET') )
oatip = gdata.auth.OAuthInputParams( gdata.auth.OAuthSignatureMethod.HMAC_SHA1, cfg.get('DOMAIN'), cfg.get('APPS.SECRET') )
oat = gdata.auth.OAuthToken( scopes = cfg.get('APPS.%s.SCOPES' % section), oauth_input_params = oatip )
oat.set_token_string( cfg.get('APPS.%s.TOKEN' % section) )
client.current_token = oat

检索到提要后:

# pathname eg whatever.doc
client.Export(entry, pathname)
# have also tried
client.Export(entry, pathname, extra_params = { 'v': 3 } )
# and tried
client.Export(entry, pathname, extra_params = { 'v': 3, 'xoauth_requestor_id': 'admin@mydomain.com' } )

关于我在这里缺少什么的任何建议或指示?谢谢

4

1 回答 1

1

您非常接近正确实施。在上面的示例中,您有:

client.Export(entry, pathname, extra_params = { 'v': 3, 'xoauth_requestor_id': 'admin@mydomain.com' } )

xoauth_requestor_id 必须设置为您要模拟的用户。您还需要在令牌或客户端中使用带有 xoauth_requestor_id 设置的 2-Legged OAuth 1.0a。

import gdata.docs.client
import gdata.gauth

import tempfile


# Replace with values from your Google Apps domain admin console
CONSUMER_KEY = ''
CONSUMER_SECRET = ''

# Set this to the user you're impersonating, NOT the admin user
username = 'userid@mydomain.com'
destination = tempfile.mkstemp()

token = gdata.gauth.TwoLeggedOAuthHmacToken(
    consumer_key, consumer_secret, username)
# Setting xoauth_requestor_id in the DocsClient constructor is not required
# because we set it in the token above, but I'm showing it here in case your
# token is constructed via some other mechanism and you need another way to
# set xoauth_requestor_id.
client = gdata.docs.client.DocsClient(
    auth_token=token, xoauth_requestor_id=username)
# Replace this with the resource your application needs
resource = client.GetAllResources()[0]
client.DownloadResource(resource, path)
print 'Downloaded %s to %s' % (resource.title.text, destination)

这是 TwoLeggedOAuthHmacToken 类的源代码中的引用:

  1. http://code.google.com/p/gdata-python-client/source/browse/src/gdata/gauth.py#1062

以下是源代码中提供 xoauth_requestor_id 构造函数参数的引用(按顺序阅读):

  1. http://code.google.com/p/gdata-python-client/source/browse/src/atom/client.py#42
  2. http://code.google.com/p/gdata-python-client/source/browse/src/atom/client.py#179
  3. http://code.google.com/p/gdata-python-client/source/browse/src/gdata/client.py#136
于 2012-04-13T00:27:54.113 回答