我在我的网站上使用谷歌配置 api。我想使用 AppsService 类对用户进行身份验证。
AppsService service = new AppsService("domain", "admin username", "admin password");
UserEntry user = service.RetrieveUser("username");
但它抛出异常:请求执行失败:https ://apps-apis.google.com/a/feeds/pmu.mygbiz.com/user/2.0/username
InnerException 是:远程服务器返回错误:(503)服务器不可用。
它在 6 个月前工作。
ClientLogin(登录名和密码)已于 2012 年 4 月 20 日弃用,并于 2015 年 5 月 26 日关闭。此代码将不再有效,您需要切换到使用 Oauth2。
我认为您还需要切换到管理目录 api
PM> Install-Package Google.Apis.Admin.Directory.directory_v1
更新代码:
我可以给你一些示例代码,但我不能 100% 测试它我没有应用程序域。
助手类:
class AuthenticationHelper
{
/// <summary>
/// Authenticate to Google Using Oauth2
/// Documentation https://developers.google.com/accounts/docs/OAuth2
/// </summary>
/// <param name="clientId">From Google Developer console https://console.developers.google.com</param>
/// <param name="clientSecret">From Google Developer console https://console.developers.google.com</param>
/// <param name="userName">A string used to identify a user.</param>
/// <returns></returns>
public static DirectoryService AuthenticateOauth(string clientId, string clientSecret, string userName)
{
// There are a lot of scopes check here: https://developers.google.com/admin-sdk/directory/v1/guides/authorizing
string[] scopes = new string[] {
DirectoryService.Scope.AdminDirectoryGroup , // Manage your Groups
DirectoryService.Scope.AdminDirectoryUser // Manage users
};
try
{
// here is where we Request the user to give us access, or use the Refresh Token that was previously stored in %AppData%
UserCredential credential = GoogleWebAuthorizationBroker.AuthorizeAsync(new ClientSecrets { ClientId = clientId, ClientSecret = clientSecret }
, scopes
, userName
, CancellationToken.None
, new FileDataStore("Daimto.AdminSDK.Auth.Store")).Result;
DirectoryService service = new DirectoryService(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Directory API Sample",
});
return service;
}
catch (Exception ex)
{
Console.WriteLine(ex.InnerException);
return null;
}
}
/// <summary>
/// Authenticating to Google using a Service account
/// Documentation: https://developers.google.com/accounts/docs/OAuth2#serviceaccount
/// </summary>
/// <param name="serviceAccountEmail">From Google Developer console https://console.developers.google.com</param>
/// <param name="keyFilePath">Location of the Service account key file downloaded from Google Developer console https://console.developers.google.com</param>
/// <returns></returns>
public static DirectoryService AuthenticateServiceAccount(string serviceAccountEmail, string keyFilePath)
{
// check the file exists
if (!File.Exists(keyFilePath))
{
Console.WriteLine("An Error occurred - Key file does not exist");
return null;
}
// There are a lot of scopes check here: https://developers.google.com/admin-sdk/directory/v1/guides/authorizing
string[] scopes = new string[] {
DirectoryService.Scope.AdminDirectoryGroup , // Manage your Groups
DirectoryService.Scope.AdminDirectoryUser // Manage users
};
var certificate = new X509Certificate2(keyFilePath, "notasecret", X509KeyStorageFlags.Exportable);
try
{
ServiceAccountCredential credential = new ServiceAccountCredential(
new ServiceAccountCredential.Initializer(serviceAccountEmail)
{
Scopes = scopes
}.FromCertificate(certificate));
// Create the service.
DirectoryService service = new DirectoryService(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Directory API Sample",
});
return service;
}
catch (Exception ex)
{
Console.WriteLine(ex.InnerException);
return null;
}
}
}
验证:
var service = AuthenticationHelper.AuthenticateOauth("xxxxx-d0vpdthl4ms0soutcrpe036ckqn7rfpn.apps.googleusercontent.com", "NDmluNfTgUk6wgmy7cFo64RV", "userID");
发出请求:
try
{
var userList = service.Users.List();
userList.MaxResults = 10;
userList.Execute();
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
Console.ReadLine();