谷歌日历403禁止PHP服务器到服务器通信
<?php
include('lead1.php');
require_once __DIR__ . '/vendor/autoload.php';
global $link;
$emailmsgsql = "SELECT *
FROM psleads WHERE agreeid = '6'";
$msgreqsres = mysqli_query($link, $emailmsgsql); // or die(mysql_error()0);
$msgreqs = $msgreqsres->fetch_assoc();
$start = $msgreqs['contractbegindate'] . ' ' . $msgreqs['contractbegintime'];
$end = $msgreqs['contractenddate'] . ' ' . $msgreqs['contractendtime'];
$startDT = new DateTime($start, new DateTimeZone('Pacific/Honolulu'));
$endDT = new DateTime($end, new DateTimeZone('Pacific/Honolulu'));
$startDTw3c = $startDT->format(DateTime::W3C);
$endDTw3c = $endDT->format(DateTime::W3C);
putenv('GOOGLE_APPLICATION_CREDENTIALS=./service-account.json');
define('CREDENTIALS_PATH', '~/calendar-php.json');
define('CLIENT_SECRET_PATH', './client_secret.json');
//define('CLIENT_SECRET_PATH', __DIR__ . '/client_secret.json');
$client = new Google_Client();
$client->setApplicationName("Paradise_Sound_Booking_Calendar");
$client->addScope('https://www.googleapis.com/auth/calendar');
$client->setAuthConfig(CLIENT_SECRET_PATH);
$client->setClientId('532085378494-s908fs5mu4rf2e2s60cecgaprg9pem1p.apps.googleusercontent.com');
$client->setDeveloperKey("XXXXX");//flo.gd
$client->useApplicationDefaultCredentials();
// Load previously authorized credentials from a file.
function expandHomeDirectory($path) {
$homeDirectory = getenv('HOME');
if (empty($homeDirectory)) {
$homeDirectory = getenv('HOMEDRIVE') . getenv('HOMEPATH');
}
return str_replace('~', realpath($homeDirectory), $path);
}
$credentialsPath = expandHomeDirectory(CREDENTIALS_PATH);
if (file_exists($credentialsPath)) {
$accessToken = json_decode(file_get_contents($credentialsPath), true);
} else {
// Request authorization from the user.
$authUrl = $client->createAuthUrl();
printf("Open the following link in your browser:\n%s\n", $authUrl);
print 'Enter verification code: ';
//$authCode = trim(fgets(STDIN));
$authCode = 'Manually pasted return code into script here';
// Exchange authorization code for an access token.
$accessToken = $client->fetchAccessTokenWithAuthCode($authCode);
// Store the credentials to disk.
if(!file_exists(dirname($credentialsPath))) {
mkdir(dirname($credentialsPath), 0700, true);
}
file_put_contents($credentialsPath, json_encode($accessToken));
printf("Credentials saved to %s\n", $credentialsPath);
}
$client->setAccessToken($accessToken);
// Refresh the token if it's expired.
if ($client->isAccessTokenExpired()) {
$client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
file_put_contents($credentialsPath, json_encode($client->getAccessToken()));
}
$service = new Google_Service_Calendar($client);
$event = new Google_Service_Calendar_Event(array(
'summary' => 'Booked Event ' . $msgreqs['contractbegindate'],
'start' => array(
'dateTime' => $startDTw3c,
//'dateTime' => '2015-05-28T09:00:00-07:00',
'timeZone' => 'Pacific/Honolulu',
),
'end' => array(
'dateTime' => $endDTw3c,
'timeZone' => 'Pacific/Honolulu',
)
));
$calendarId = 'iddnpsbinrifod2826eqo1kmoo@group.calendar.google.com';
$eventres = $service->events->insert($calendarId, $event);
echo json_encode($eventres);
?>
下面是我的PHP代码,我用它来测试谷歌日历中的事件插入。
我原以为我可以只使用一个API键,但谷歌似乎有一种复杂的方式来实现OAUTH,我就是搞不懂。我可以在API开发者控制台中看到我的所有403错误。
是否有人拥有将简单事件插入我的日历的工作代码。
背景:
我将从paypal收到一个IPN(完成),这将触发这个脚本,它将在我的日历中插入一个事件,而不是用户。有谁能帮我而不让我参考谷歌开发者文档吗?他们似乎稀疏,我读了一遍又一遍,但没有解决我的问题。
这是我得到的错误:
致命错误:未捕获的异常“Google_Service_exception”,消息为“{”error:{”errors:[{”domain:“global”,“reason:“forbidden”,“message:“forbidden”}],“code:”403,“message:“forbidden”}}在/home/dahfrence/flo.gd/src/Google/Http/REST.php:118堆栈跟踪:#0/home/dahfrence/flo.gd/src/Google/Http/REST.php(94):Google_Http_REST::decodeHttpResponse(Object(GuzzleHttp\Psr7\Response),Object(GuzzleHttp\Psr7\Request),'Google_Service…')1[内部函数]:Google_Http_REST::doExecute(Object(GuzzleHttp\Client),Object(GuzzleHttp\Psr7\Request),'Google##Service…'))\2/home/dahfrence/flo.gd/src/Google/Task/Runner.php(181):调用_user_func数组(数组,数组)#3/home/dahfrence/flo.gd/src/Google/Http/REST.php(58):Google#u Task#Runner-
共有1个答案
您可能需要最终确定要实现的身份验证:用户需要登录才能执行/请求谷歌服务,或者将域范围的权限委托给服务号。
如果您将使用OAuth 2.0:
应用程序必须使用OAuth 2.0来授权请求。
来自Google的示例代码:
<?php
require_once __DIR__ . '/vendor/autoload.php';
define('APPLICATION_NAME', 'Google Calendar API PHP Quickstart');
define('CREDENTIALS_PATH', '~/.credentials/calendar-php-quickstart.json');
define('CLIENT_SECRET_PATH', __DIR__ . '/client_secret.json');
// If modifying these scopes, delete your previously saved credentials
// at ~/.credentials/calendar-php-quickstart.json
define('SCOPES', implode(' ', array(
Google_Service_Calendar::CALENDAR_READONLY)
));
if (php_sapi_name() != 'cli') {
throw new Exception('This application must be run on the command line.');
}
/**
* Returns an authorized API client.
* @return Google_Client the authorized client object
*/
function getClient() {
$client = new Google_Client();
$client->setApplicationName(APPLICATION_NAME);
$client->setScopes(SCOPES);
$client->setAuthConfig(CLIENT_SECRET_PATH);
$client->setAccessType('offline');
// Load previously authorized credentials from a file.
$credentialsPath = expandHomeDirectory(CREDENTIALS_PATH);
if (file_exists($credentialsPath)) {
$accessToken = json_decode(file_get_contents($credentialsPath), true);
} else {
// Request authorization from the user.
$authUrl = $client->createAuthUrl();
printf("Open the following link in your browser:\n%s\n", $authUrl);
print 'Enter verification code: ';
$authCode = trim(fgets(STDIN));
// Exchange authorization code for an access token.
$accessToken = $client->fetchAccessTokenWithAuthCode($authCode);
// Store the credentials to disk.
if(!file_exists(dirname($credentialsPath))) {
mkdir(dirname($credentialsPath), 0700, true);
}
file_put_contents($credentialsPath, json_encode($accessToken));
printf("Credentials saved to %s\n", $credentialsPath);
}
$client->setAccessToken($accessToken);
// Refresh the token if it's expired.
if ($client->isAccessTokenExpired()) {
$client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
file_put_contents($credentialsPath, json_encode($client->getAccessToken()));
}
return $client;
}
/**
* Expands the home directory alias '~' to the full path.
* @param string $path the path to expand.
* @return string the expanded path.
*/
function expandHomeDirectory($path) {
$homeDirectory = getenv('HOME');
if (empty($homeDirectory)) {
$homeDirectory = getenv('HOMEDRIVE') . getenv('HOMEPATH');
}
return str_replace('~', realpath($homeDirectory), $path);
}
// Get the API client and construct the service object.
$client = getClient();
$service = new Google_Service_Calendar($client);
// Print the next 10 events on the user's calendar.
$calendarId = 'primary';
$optParams = array(
'maxResults' => 10,
'orderBy' => 'startTime',
'singleEvents' => TRUE,
'timeMin' => date('c'),
);
$results = $service->events->listEvents($calendarId, $optParams);
if (count($results->getItems()) == 0) {
print "No upcoming events found.\n";
} else {
print "Upcoming events:\n";
foreach ($results->getItems() as $event) {
$start = $event->start->dateTime;
if (empty($start)) {
$start = $event->start->date;
}
printf("%s (%s)\n", $event->getSummary(), $start);
}
}
如果您将使用Google Apps域范围的授权:
授权服务帐户代表域中的用户访问数据有时被称为“向服务帐户授予域范围的权限”。
SO帖子中的示例代码:
function calendarize ($title, $desc, $ev_date, $cal_id) {
session_start();
/************************************************
Make an API request authenticated with a service
account.
************************************************/
set_include_path( '../google-api-php-client/src/');
require_once 'Google/Client.php';
require_once 'Google/Service/Calendar.php';
//obviously, insert your own credentials from the service account in the Google Developer's console
$client_id = '843319906820-xxxxxxxxxxxxxxxxxxxdcqal54p1he6.apps.googleusercontent.com';
$service_account_name = '843319906820-xxxxxxxxxxxxxxxxxxxdcqal54p1he6@developer.gserviceaccount.com';
$key_file_location = '../google-api-php-client/calendar-xxxxxxxxxxxx.p12';
if (!strlen($service_account_name) || !strlen($key_file_location))
echo missingServiceAccountDetailsWarning();
$client = new Google_Client();
$client->setApplicationName("Whatever the name of your app is");
if (isset($_SESSION['service_token'])) {
$client->setAccessToken($_SESSION['service_token']);
}
$key = file_get_contents($key_file_location);
$cred = new Google_Auth_AssertionCredentials(
$service_account_name,
array('https://www.googleapis.com/auth/calendar'),
$key
);
$client->setAssertionCredentials($cred);
if($client->getAuth()->isAccessTokenExpired()) {
$client->getAuth()->refreshTokenWithAssertion($cred);
}
$_SESSION['service_token'] = $client->getAccessToken();
$calendarService = new Google_Service_Calendar($client);
$calendarList = $calendarService->calendarList;
//Set the Event data
$event = new Google_Service_Calendar_Event();
$event->setSummary($title);
$event->setDescription($desc);
$start = new Google_Service_Calendar_EventDateTime();
$start->setDateTime($ev_date);
$event->setStart($start);
$end = new Google_Service_Calendar_EventDateTime();
$end->setDateTime($ev_date);
$event->setEnd($end);
$createdEvent = $calendarService->events->insert($cal_id, $event);
echo $createdEvent->getId();
}
?>
注意:如果您计划只使用一个日历,我建议您使用一个服务帐户,然后将您的日历共享给该帐户,以避免相关SO帖子中提到的403:禁止
希望这能有所帮助。
-
在一段时间内,通过HTTPS与我们的服务器的通信工作得很好。 上周提供商更改了一些东西,从现在开始,我总是得到403错误。 我使用最新的OpenSSL DLLs V0.9.8 我已将UserAgent更改为“Mozilla/5.0(Windows NT 10.0)” SSL方法为“SSLVSSLV23” SSL模式为“SSLMClient” 什么都帮不上忙。:( 这是我得到的日志:
-
我有一个应用程序使用s2s与谷歌日历API的连接。我需要在不同的用户日历中创建事件。若要使之成为可能,用户应转到日历的设置并将其日历共享到服务帐户。但我想为用户简化这一点 - 这样他们就不需要去他们的日历设置。我没有用于用户交互的界面 - 这是一个机器人。如何以其他方式访问用户的日历?
-
我在一个网站上工作,跟踪待办事项列表,并从服务器上提取它。下面有两个示例ajax调用。任务GET调用工作正常,但添加POST不工作。出于某种原因,它给我一个403禁止的错误,结果,不执行代码。 在Django框架中发出ajax Post请求时,我看到了403禁止的错误,我阅读了@yohn发布的链接,但我不理解如何实现这个解决方案。
-
我正在使用Google. net客户端库来访问谷歌日历应用编程接口。我需要研发创建日历事件并将其发布给用户的应用程序。 这是一个服务器到服务器的应用程序,所以我创建了一个服务帐户,并用它来发送邀请。当从web浏览器提交响应时,创建的与会者对这些事件的响应将被更新,但当来自outlook等任何邮件客户端的响应时,响应将以电子邮件的形式发送给服务帐户电子邮件id(这是一个虚拟电子邮件id)。如何将有效
-
我正在使用一个服务帐户访问我们的域名用户的谷歌驱动器,这工作像一个魅力!然而,我现在正在尝试使用相同的服务帐户获得用户的activity在谷歌驱动器。 我已授予服务帐户API访问https://www.googleapis.com/auth/activity和https://www.googleapis.com/auth/drive的权限 并启用API! 然而我总是得到错误403,禁止! 可能需要
-
我收到了这个错误 已经跟踪了https://developers.google.com/admin-sdk/directory/v1/guides/delegation 我使用这个库,并在laravel 5.7:https://github.com/spatie/laravel-google-calendar上运行它 有什么办法可以解决这个问题。请帮忙。