java - Google Domain API 在响应中不断返回 401/403。我究竟做错了什么？

Question

我正在尝试使用 Google Domains API 将简单的活动插入到授权用户的 Google+ 个人资料中。这个 API 似乎只适用于 Google Apps（现在的 G Suite）帐户和 ISV，所以我创建了一个 G Suite 帐户。这是在使用常规 Google 开发人员帐户进行多次尝试后，我得到了此处显示的相同错误。

理想情况下，我想通过这里记录的 HTTP 端点来实现这一点。

我创建了一个谷歌应用程序并生成了 OAuth2 CLIENT_ID 和 CLIENT_SECRET，当然我也启用了 Domains API。以下 Java 代码显示了为实现我的目标所采取的步骤。

import com.google.api.client.googleapis.auth.oauth2.GoogleAuthorizationCodeFlow;
import com.google.api.client.googleapis.auth.oauth2.GoogleTokenResponse;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.jackson2.JacksonFactory;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.HttpClientBuilder;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.Arrays;
import java.util.List;

public class GooglePlustShenanigans {

    private static final String CLIENT_SECRET = "<client_secret>";

    private static final String CLIENT_ID = "<client_id>";

    private static final List<String> SCOPE = Arrays.asList(
            "https://www.googleapis.com/auth/plus.me",
            "https://www.googleapis.com/auth/plus.stream.write");
    private static final String REDIRECT_URI = "https://www.someuri.com/oauth2callback";


    public static void main(String[] args) throws IOException {
        GoogleAuthorizationCodeFlow flow = new GoogleAuthorizationCodeFlow.Builder(
                new NetHttpTransport(),
                new JacksonFactory(),
                CLIENT_ID,
                CLIENT_SECRET,
                SCOPE)
                .setAccessType("offline")// Set to offline so that the token can be refreshed.
                .build();
        String url = flow.newAuthorizationUrl().setRedirectUri(REDIRECT_URI).build();

        System.out.println("Please open the following URL in your browser then " +
                "type the authorization code:");
        System.out.println("  " + url);

        BufferedReader br = new BufferedReader(new InputStreamReader(System.in));
        String code = br.readLine();

        GoogleTokenResponse tokenResponse = flow.newTokenRequest(code)
                .setRedirectUri(REDIRECT_URI).execute();

        String token = tokenResponse.getAccessToken();
        String refreshToken = tokenResponse.getRefreshToken();

        System.out.println("Access token: " + token);
        System.out.println("Refresh token: " + refreshToken);

        post("Sample message", token);
    }

    public static void post(String msg, String token) throws IOException {
        HttpClient client = HttpClientBuilder.create().build();
        HttpPost post = new HttpPost("https://www.googleapis.com/plusDomains/v1/people/me/activities");
        StringEntity body = new StringEntity("{\"object\":{\"originalContent\":\"" + msg + "\"}," +
                "\"access\":{\"items\":[{\"type\":\"domain\"}],\"domainRestricted\":true}}");
        post.setHeader("Content-Type", "application/json");
        post.setHeader("Authorization", "OAuth" + token);
        post.setEntity(body);

        HttpResponse resp = client.execute(post);
        System.out.println(resp.getStatusLine().getStatusCode());
        System.out.println(resp.getStatusLine().getReasonPhrase());
        System.out.println(resp.toString());
    }
}

这是我不断收到的回复：

401
Unauthorized
HttpResponseProxy{HTTP/1.1 401 Unauthorized [Vary: Origin, Vary: X-Origin, WWW-Authenticate: Bearer realm="https://accounts.google.com/", Content-Type: application/json; charset=UTF-8, Date: Sat, 11 Feb 2017 00:38:07 GMT, Expires: Sat, 11 Feb 2017 00:38:07 GMT, Cache-Control: private, max-age=0, X-Content-Type-Options: nosniff, X-Frame-Options: SAMEORIGIN, X-XSS-Protection: 1; mode=block, Server: GSE, Alt-Svc: quic=":443"; ma=2592000; v="35,34", Transfer-Encoding: chunked] org.apache.http.client.entity.DecompressingEntity@1649b0e6}

我的下一次尝试是尝试利用 Google Java 库，结果如下：

GoogleCredential credential = new GoogleCredential.Builder()
                .setTransport(new NetHttpTransport())
                .setJsonFactory(new JacksonFactory())
                .setClientSecrets(CLIENT_ID, CLIENT_SECRET)
                .build();

        credential.setFromTokenResponse(tokenResponse);
        credential.refreshToken();    
String msg = "Happy Monday! #caseofthemondays";

    // Create a list of ACL entries
    PlusDomainsAclentryResource resource = new PlusDomainsAclentryResource();
    resource.setType("domain"); // Share to domain

    List<PlusDomainsAclentryResource> aclEntries =
            new ArrayList<>();
    aclEntries.add(resource);

    Acl acl = new Acl();
    acl.setItems(aclEntries);
    acl.setDomainRestricted(true);  // Required, this does the domain restriction

    PlusDomains plusDomains = new PlusDomains
            .Builder(new NetHttpTransport(), new JacksonFactory(), credential)
            .setApplicationName("myApp")
            .build();

    Activity activity = new Activity()
            .setObject(new Activity.PlusDomainsObject().setOriginalContent(msg))
            .setAccess(acl);
    activity = plusDomains.activities().insert("me", activity).execute();

    System.out.println(activity.toPrettyString());

输出：

    Exception in thread "main" com.google.api.client.googleapis.json.GoogleJsonResponseException: 403 Forbidden
{
  "code" : 403,
  "errors" : [ {
    "domain" : "global",
    "message" : "Forbidden",
    "reason" : "forbidden"
  } ],
  "message" : "Forbidden"
}
    at com.google.api.client.googleapis.json.GoogleJsonResponseException.from(GoogleJsonResponseException.java:146)
    at com.google.api.client.googleapis.services.json.AbstractGoogleJsonClientRequest.newExceptionOnError(AbstractGoogleJsonClientRequest.java:113)
    at com.google.api.client.googleapis.services.json.AbstractGoogleJsonClientRequest.newExceptionOnError(AbstractGoogleJsonClientRequest.java:40)
    at com.google.api.client.googleapis.services.AbstractGoogleClientRequest$1.interceptResponse(AbstractGoogleClientRequest.java:321)
    at com.google.api.client.http.HttpRequest.execute(HttpRequest.java:1065)
    at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:419)
    at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:352)
    at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.execute(AbstractGoogleClientRequest.java:469)

当我尝试通过 API Explorer 实现这一点时，我得到了同样的 403 错误。

然后无缘无故地我尝试了：

curl -v -H "Content-Type: application/json" -H "Authorization: OAuth$USER_ACCESS_TOKEN" -d "{"object": {"originalContent": "Happy Monday!#caseofthemondays"},"access":{"kind":"plus#acl","items":[{"type":"domain"}],"domainRestricted":true}}" -X POST https://www.googleapis.com/plusDomains/v1/people/me/activities

回复：

{
 "error": {
  "errors": [
   {
    "domain": "global",
    "reason": "authError",
    "message": "Invalid Credentials",
    "locationType": "header",
    "location": "Authorization"
   }
  ],
  "code": 401,
  "message": "Invalid Credentials"
 }
}

我错过了什么？

更新：我尝试为经过身份验证的 G Suite 域用户创建帖子，但遇到了同样的错误。

Answer 1

要使用 google plus domain api，您需要创建帐户http://apps.google.com/，然后使用此用户创建帖子。但！！！他们创建帖子域受限。我暂时还没有找到如何创建公共帖子的方法。

请参阅此链接了解更多...

Google Plus 创建帖子 - 休息 API - 禁止

如何通过 javascript API 在 Google+ 上创建新帖子？

如何在 Google+ 墙上发帖

希望它可以帮助你...