0

我正在尝试使用服务帐户访问我的域的 google api。这是我的教程https://developers.google.com/accounts/docs/OAuth2ServiceAccount

第一个:我访问“console.developers.google.com”并创建新项目。我在我的项目中添加了日历 API。之后,我创建凭据 OAuth“服务帐户”。我使用此密钥并使用角色“ https://www.googleapis.com/auth/calendar ”创建和访问令牌。我获得了 access_token 成功。

第二,我访问“admin.google.com”并去管理API客户端访问。我添加了角色为“ https://www.googleapis.com/auth/calendar ”的客户 ID

但是当我使用此访问权限访问 GET 请求时 https://www.googleapis.com/calendar/v3/calendars/[CalendarID]?access_token= ???

我总是收到消息

{
 "error": {
  "errors": [
   {
    "domain": "global",
    "reason": "notFound",
    "message": "Not Found"
   }
  ],
  "code": 404,
  "message": "Not Found"
 }
}

似乎我的 access_token 无法访问我的域。这是我创建 access_token 的源代码。

$private_key = openssl_pkey_get_private('file://key.pem', 'notasecret');

$header = array("alg" => "RS256", "typ" => "JWT");
$header = base64_encode(utf8_encode(json_encode($header)));
$exp = time() + (60 * 60); 


$jwt_cs = array(
   "iss" => "ClientEmail@MyApp",
   "scope" => "https://www.googleapis.com/auth/calendar",
   "aud" => "https://www.googleapis.com/oauth2/v3/token",
   "exp" => $exp,
   "iat" => time(),
   "access_type" => "offline"
);
$jwt_cs = base64_encode(utf8_encode(json_encode($jwt_cs)));

openssl_sign($header.'.'.$jwt_cs, $sign, $private_key, 'sha256WithRSAEncryption');

$sign = base64_encode($sign);

$jwt = $header.'.'.$jwt_cs.'.'.$sign;
$login_data = array(
    'grant_type' => 'urn:ietf:params:oauth:grant-type:jwt-bearer',
    'assertion' => $jwt
);
$url='https://www.googleapis.com/oauth2/v3/token';

$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($login_data));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$res = curl_exec($ch);
curl_close($ch);

你能告诉我我的错吗?

4

0 回答 0