c# - 如何使用服务帐户通过 .NET C# 访问 Google Analytics API V3？

Question

我意识到这个问题之前已经被问过，但示例代码的方式很少，所以我再次问，但至少有一点方向。

经过数小时的搜索，我想出了以下部分实现。

namespace GoogleAnalyticsAPITest.Console
{
    using System.Security.Cryptography.X509Certificates;
    using DotNetOpenAuth.OAuth2;
    using Google.Apis.Analytics.v3;
    using Google.Apis.Analytics.v3.Data;
    using Google.Apis.Authentication.OAuth2;
    using Google.Apis.Authentication.OAuth2.DotNetOpenAuth;

    class Program
    {
        static void Main(string[] args)
        {
            log4net.Config.XmlConfigurator.Configure();
            string Scope = Google.Apis.Analytics.v3.AnalyticsService.Scopes.Analytics.ToString().ToLower();
            string scopeUrl = "https://www.googleapis.com/auth/" + Scope;
            const string ServiceAccountId = "nnnnnnnnnnn.apps.googleusercontent.com";
            const string ServiceAccountUser = "nnnnnnnnnnn@developer.gserviceaccount.com";
            AssertionFlowClient client = new AssertionFlowClient(
                GoogleAuthenticationServer.Description, new X509Certificate2(@"7039572692013fc5deada350904f55bad2588a2a-privatekey.p12", "notasecret", X509KeyStorageFlags.Exportable))
            {
                Scope = scopeUrl,
                ServiceAccountId = ServiceAccountId//,ServiceAccountUser = ServiceAccountUser
            };
            IAuthorizationState state = AssertionFlowClient.GetState(client);
            AnalyticsService service = new AnalyticsService(authenticator);
            string profileId = "ga:xxxxxxxx";
            string startDate = "2010-10-01";
            string endDate = "2010-10-18";
            string metrics = "ga:visits";
            DataResource.GaResource.GetRequest request = service.Data.Ga.Get(profileId, startDate, endDate, metrics);
            request.Dimensions = "ga:date";
            GaData data = request.Fetch();
        }
    }
}

我有几个问题。调用会AssertionFlowClient.GetState(client)导致“invalid_scope”响应，如 DotNetOpenAuth 日志中所示

2012-10-19 13:27:36,272 (GMT-4) [8] 信息 DotNetOpenAuth - DotNetOpenAuth，版本=4.0.0.11165，文化=中性，PublicKeyToken=2780ccd10d57b246（官方）2012-10-19 13:27:36,284（ GMT-4) [8] 调试 DotNetOpenAuth.Messaging.Channel - 准备发送 AssertionFlowMessage (2.0) 消息。2012-10-19 13:27:36,294 (GMT-4) [8] INFO DotNetOpenAuth.Messaging.Channel - 为https://accounts.google.com/o/oauth2/token准备传出 AssertionFlowMessage (2.0) 消息：grant_type : assertion assertion_type: http://oauth.net/grant_type/jwt/1.0/bearer assertion: (一堆编码字符到这里)

2012-10-19 13:27:36,296 (GMT-4) [8] 调试 DotNetOpenAuth.Messaging.Channel - 发送 AssertionFlowMessage 请求。2012-10-19 13:27:36,830 (GMT-4) [8] 调试 DotNetOpenAuth.Http - HTTP POST https://accounts.google.com/o/oauth2/token 2012-10-19 13:27:36,954 (GMT-4) [8] 错误 DotNetOpenAuth.Http - 来自https://accounts.google.com/o/oauth2/token的 WebException : { "error" : "invalid_scope" }

我尝试指定 ServiceAccountId 和 ServiceAccountUser 中的一个或两个，但没有成功。

其次，即使我获得了 IAuthorizationState，我也不确定如何获得可以传递给 AnalyticsService 构造函数的 IAuthenticator。

以下是我用来启用 D​​otNetOpenAuth 日志记录的 web.config。

<?xml version="1.0"?>
<configuration>
  <configSections>
    <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler,log4net, Version=1.2.10.0, Culture=neutral, publicKeyToken=1b44e1d426115821" />
    <!--<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false"/>-->
    <sectionGroup name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection, DotNetOpenAuth">
      <section name="openid" type="DotNetOpenAuth.Configuration.OpenIdElement, DotNetOpenAuth" requirePermission="false" allowLocation="true"/>
      <section name="oauth" type="DotNetOpenAuth.Configuration.OAuthElement, DotNetOpenAuth" requirePermission="false" allowLocation="true"/>
      <section name="messaging" type="DotNetOpenAuth.Configuration.MessagingElement, DotNetOpenAuth" requirePermission="false" allowLocation="true"/>
      <section name="reporting" type="DotNetOpenAuth.Configuration.ReportingElement, DotNetOpenAuth" requirePermission="false" allowLocation="true"/>
    </sectionGroup>
  </configSections>
  <log4net>
    <appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender">
      <file value="DotNetOpenAuth.log"/>
      <appendToFile value="true"/>
      <rollingStyle value="Size"/>
      <maxSizeRollBackups value="10"/>
      <maximumFileSize value="100KB"/>
      <staticLogFileName value="true"/>
      <layout type="log4net.Layout.PatternLayout">
        <conversionPattern value="%date (GMT%date{%z}) [%thread] %-5level %logger - %message%newline"/>
      </layout>
    </appender>
    <appender name="TracePageAppender" type="OpenIdProviderWebForms.Code.TracePageAppender, OpenIdProviderWebForms">
      <layout type="log4net.Layout.PatternLayout">
        <conversionPattern value="%date (GMT%date{%z}) [%thread] %-5level %logger - %message%newline"/>
      </layout>
    </appender>
    <!-- Setup the root category, add the appenders and set the default level -->
    <root>
      <level value="ALL"/>
      <appender-ref ref="RollingFileAppender"/>
      <appender-ref ref="TracePageAppender"/>
    </root>
    <!-- Specify the level for some specific categories -->
    <logger name="DotNetOpenAuth">
      <level value="ALL"/>
    </logger>
  </log4net>
  <dotNetOpenAuth>
    <!-- This is an optional configuration section where aspects of dotnetopenauth can be customized. -->
    <!-- For a complete set of configuration options see http://www.dotnetopenauth.net/developers/code-snippets/configuration-options/ -->
    <!--<messaging clockSkew="00:10:00" lifetime="00:03:00" strict="true">-->
    <!--<messaging>
      <untrustedWebRequest timeout="00:00:30" readWriteTimeout="00:00:01.500" maximumBytesToRead="1048576" maximumRedirections="10">
        <whitelistHosts>
          -->
    <!-- Uncomment to enable communication with localhost (should generally not activate in production!) -->
    <!--
          <add name="localhost"/>            
        </whitelistHosts>
      </untrustedWebRequest>
    </messaging>-->
    <!-- Allow DotNetOpenAuth to publish usage statistics to library authors to improve the library. -->
    <reporting enabled="false"/>
  </dotNetOpenAuth>
  <appSettings>
    <!--<add key="log4net.Internal.Debug" value="true" />-->
  </appSettings>
  <runtime>
  </runtime>
  <startup>
    <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
  </startup>
</configuration>

Answer 1

以下代码，从我原来的问题更正，基于 Ian Fraser 在以下位置提供的示例：

https://groups.google.com/forum/#!msg/google-search-api-for-shopping/4uUGirzH4Rw/__c0e4hj0ekJ

他的代码解决了三个问题：

1. 似乎 AnalyticsService.Scopes.AnalyticsReadonly 不起作用，至少对我或我这样做的方式不起作用。
2. 出于某种原因，必须将 ServiceAccountUser 分配给 AssertionFlowClient 实例的 ServiceAccountId 属性。
3. OAuth2Authenticator 提供了我正在寻找的 IAuthenticator。

在您的项目中，包括对以下内容的引用：

• Lib\DotNetOpenAuth.dll
• 库\Google.Apis.dll
• Lib\Google.Apis.Authentication.OAuth2.dll
• 服务\AnalyticsService\Google.Apis.Analytics.v3.dll

-

namespace GoogleAnalyticsAPITest.Console
{
    using System.Security.Cryptography.X509Certificates;
    using Google.Apis.Analytics.v3;
    using Google.Apis.Analytics.v3.Data;
    using Google.Apis.Authentication.OAuth2;
    using Google.Apis.Authentication.OAuth2.DotNetOpenAuth;
    using Google.Apis.Util;

    class Program
    {
        static void Main(string[] args)
        {
            log4net.Config.XmlConfigurator.Configure();            
            const string ServiceAccountId = "nnnnnnnnnnn.apps.googleusercontent.com";
            const string ServiceAccountUser = "nnnnnnnnnnn@developer.gserviceaccount.com";
            AssertionFlowClient client = new AssertionFlowClient(
                GoogleAuthenticationServer.Description, new X509Certificate2(@"value-privatekey.p12", "notasecret", X509KeyStorageFlags.Exportable))
            {
                Scope = AnalyticsService.Scopes.AnalyticsReadonly.GetStringValue(),
                ServiceAccountId = ServiceAccountUser //Bug, why does ServiceAccountUser have to be assigned to ServiceAccountId
                //,ServiceAccountUser = ServiceAccountUser
            };
            OAuth2Authenticator<AssertionFlowClient> authenticator = new OAuth2Authenticator<AssertionFlowClient>(client, AssertionFlowClient.GetState);            
            AnalyticsService service = new AnalyticsService(authenticator);            
            string profileId = "ga:64968920";
            string startDate = "2010-10-01";
            string endDate = "2010-10-31";
            string metrics = "ga:visits";
            DataResource.GaResource.GetRequest request = service.Data.Ga.Get(profileId, startDate, endDate, metrics);
            request.Dimensions = "ga:date";
            GaData data = request.Fetch();            
        }

    }
}

Answer 2

我昨天检查了分析 API，注意到它是多么无证，也没有样本等。

无论如何，我创建了一个库，您可以使用它通过几行轻松访问分析，并直接将数据绑定到 DataTables 以获取返回的数据，它在 github 上是开源的，所以请随意贡献:)

https://github.com/rmostafa/DotNetAnalyticsAPI

用法

Analytics.AnalyticsManager manager = new Analytics.AnalyticsManager(Server.MapPath("~/bin/privatekey.p12"), "YOUR_EMAIL");
            manager.LoadAnalyticsProfiles();


List<Analytics.Data.DataItem> metrics = new List<Analytics.Data.DataItem>();
metrics.Add(Analytics.Data.Visitor.Metrics.visitors);
metrics.Add(Analytics.Data.Session.Metrics.visits);
List<Analytics.Data.DataItem> dimensions = new List<Analytics.Data.DataItem>();
dimensions.Add(Analytics.Data.GeoNetwork.Dimensions.country);
dimensions.Add(Analytics.Data.GeoNetwork.Dimensions.city);


System.Data.DataTable table = manager.GetGaDataTable(DateTime.Today.AddDays(-3), DateTime.Today, metrics, dimensions, null, metrics);

所有 Google API 报告命令都有直接的代码映射，其分类方式与 API 相同，因此即使根本不阅读 API 文档，您也可以使用它，因为属性中记录了所有功能，我编写了解析完整 api 文档的代码和资源化了我从物理类生成的 XML 中的 Metrics、Dimensions、Calculated Features，您可以像上面的示例一样直接使用它们，玩起来很有趣 :) 享受

https://github.com/rmostafa/DotNetAnalyticsAPI

Answer 3

string scope = Google.Apis.Util.Utilities.GetStringValue(AnalyticsService.Scopes.AnalyticsReadonly);

Answer 4

这是我在此处发布的工作示例 [1]：Automated use of google-api-dotnet-client with OAuth 2.0我对查找和拼凑代码进行了大量研究，希望这可以节省您一些时间。

Answer 5

关于 Richard Collette 的回答，如果您想在 READONLY 模式下使用 Analytics API，请注意使用他的方法，正确的使用方法是：

string Scope = "analytics.readonly"

并不是

string Scope = AnalyticsService.Scopes.AnalyticsReadOnly.ToString().ToLower()

正如他似乎告诉有一个错误。事实上，错误在于该.toString()方法返回analyticsreadonly而不是analytics.readonlyGoogle 喜欢的方式。就是这样。