如何在Ruby中为Google Calendar API授权服务帐户?
如何在Ruby中为Google Calendar API授权服务帐户?我试过快速入门指南,但失败了。
https://developers.google.com/calendar/quickstart/ruby#step_3_set_up_the_sample
require 'google/apis/calendar_v3'
require 'googleauth'
require 'googleauth/stores/file_token_store'
require 'fileutils'
OOB_URI = 'urn:ietf:wg:oauth:2.0:oob'.freeze
APPLICATION_NAME = 'Google Calendar API Ruby Quickstart'.freeze
CLIENT_SECRETS_PATH = 'client_secrets.json'.freeze
CREDENTIALS_PATH = 'token.yaml'.freeze
SCOPE = Google::Apis::CalendarV3::AUTH_CALENDAR_READONLY
##
# Ensure valid credentials, either by restoring from the saved credentials
# files or intitiating an OAuth2 authorization. If authorization is required,
# the user's default browser will be launched to approve the request.
#
# @return [Google::Auth::UserRefreshCredentials] OAuth2 credentials
def authorize
client_id = Google::Auth::ClientId.from_file(CLIENT_SECRETS_PATH) ### LINE 19
token_store = Google::Auth::Stores::FileTokenStore.new(file: CREDENTIALS_PATH)
authorizer = Google::Auth::UserAuthorizer.new(client_id, SCOPE, token_store)
user_id = 'default'
credentials = authorizer.get_credentials(user_id)
if credentials.nil?
url = authorizer.get_authorization_url(base_url: OOB_URI)
puts 'Open the following URL in the browser and enter the ' \
'resulting code after authorization:\n' + url
code = gets
credentials = authorizer.get_and_store_credentials_from_code(
user_id: user_id, code: code, base_url: OOB_URI
)
end
credentials
end
# Initialize the API
service = Google::Apis::CalendarV3::CalendarService.new
service.client_options.application_name = APPLICATION_NAME
service.authorization = authorize
# Fetch the next 10 events for the user
calendar_id = 'primary'
response = service.list_events(calendar_id,
max_results: 10,
single_events: true,
order_by: 'startTime',
time_min: Time.now.iso8601)
puts 'Upcoming events:'
puts 'No upcoming events found' if response.items.empty?
response.items.each do |event|
start = event.start.date || event.start.date_time
puts "- #{event.summary} (#{start})"
end
>ruby quickstart.rb
C:/ruby23/lib/ruby/gems/2.3.0/gems/googleauth-0.6.2/lib/googleauth/client_id.rb:97:in `from_hash': Expected top level property 'installed' or 'web' to be present. (RuntimeError)
from C:/ruby23/lib/ruby/gems/2.3.0/gems/googleauth-0.6.2/lib/googleauth/client_id.rb:83:in `block in from_file'
from C:/ruby23/lib/ruby/gems/2.3.0/gems/googleauth-0.6.2/lib/googleauth/client_id.rb:80:in `open'
from C:/ruby23/lib/ruby/gems/2.3.0/gems/googleauth-0.6.2/lib/googleauth/client_id.rb:80:in `from_file'
from quickstart.rb:19:in `authorize'
from quickstart.rb:39:in `<main>'
用于授权服务帐户的(过时的)文档只有Java和Python的示例。
https://developers.google.com/identity/protocols/OAuth2ServiceAccount#authorizingrequests
旧的类似问题,0个答案:使用服务帐户在Ruby中使用Google日历API
共有2个答案
对于那些仍在寻找的人来说,这对我来说很有用:
require 'google/apis/calendar_v3'
require 'googleauth'
scope = 'https://www.googleapis.com/auth/calendar'
authorizer = Google::Auth::ServiceAccountCredentials.make_creds(
json_key_io: File.open('/path/to/creds.json'),
scope: scope)
authorizer.fetch_access_token!
service = Google::Apis::CalendarV3::CalendarService.new
service.authorization = authorizer
calendar_id = 'primary'
response = service.list_events(calendar_id,
max_results: 10,
single_events: true,
order_by: 'startTime',
time_min: Time.now.iso8601)
puts 'Upcoming events:'
puts 'No upcoming events found' if response.items.empty?
response.items.each do |event|
start = event.start.date || event.start.date_time
puts "- #{event.summary} (#{start})"
end
诀窍是找到google auth library ruby的文档https://github.com/googleapis/google-auth-library-ruby
好吧,我找到了一个方法。
https://developers.google.com/api-client-library/ruby/auth/service-accounts
require 'google/apis/calendar_v3'
require 'googleauth'
# Get the environment configured authorization
scopes = ['https://www.googleapis.com/auth/calendar']
authorization = Google::Auth.get_application_default(scopes)
# Clone and set the subject
auth_client = authorization.dup
auth_client.sub = 'myemail@mydomain.com'
auth_client.fetch_access_token!
# Initialize the API
service = Google::Apis::CalendarV3::CalendarService.new
service.authorization = auth_client
# Fetch the next 10 events for the user
calendar_id = 'primary'
response = service.list_events(calendar_id,
max_results: 10,
single_events: true,
order_by: 'startTime',
time_min: Time.now.iso8601)
puts 'Upcoming events:'
puts 'No upcoming events found' if response.items.empty?
response.items.each do |event|
start = event.start.date || event.start.date_time
puts "- #{event.summary} (#{start})"
end
和
>set GOOGLE_APPLICATION_CREDENTIALS=client_secrets.json
C:\Users\Chloe\workspace>ruby quickstart.rb
Upcoming events:
- Test (2018-05-17)
- SSL Certificate for CMS (2019-02-13)
但是我想知道它在哪里保存刷新令牌和访问令牌?我现在所要做的就是让它适用于像Heroku这样的临时文件系统,并将令牌存储在数据库中。
-
我们正在尝试创建一个与谷歌管理SDK的集成,以便能够检索,更新和创建帐户在我们的领域。但是,我们不断收到一个403错误,表明我们没有被授权访问Resource/API。 我们正在使用从一个服务帐户获得的凭据,该帐户启用了域范围的授权,并且具有以下两个作用域:https://www.googleapis.com/auth/admin.directory.user.readonly,https://w
-
文档建议将服务帐户添加到GApps的第三方oauth访问列表必须由域管理员手动完成:https://developers.google.com/drive/delegation#delegate_domain-wide_authority_to_your_service_account 有没有一种方法可以通过身份验证页面来实现这一点?
-
实际上,我想使用这个api回复我的google play应用程序的评论:https://developers.google.com/android-publisher/reply-to-reviews#gaining_access但是在这里,它想让我输入auth_token。首先,我在google play中添加了服务号。之后,我创建了一个密钥,并下载了密钥的json文件。使用这个json文件,我
-
Object授权 点击Object的属性管理 Object读权限授予某个云密钥帐号 其中Grantee是生成新的云密钥生成的AppID 如果是使用新版生态云,Grantee参考下图(填写"CI"加上用户组ID) 把Object设置为所有人可以下载 FDS中两个特殊的grantId: ALL_USERS:所有访问者 AUTHENTICATED_USERS:所有通过认证的访问(密钥认证/预签名认证/O
-
我已经开始学习Spring Security性(Oauth2)。我有一个受Spring OAuth2保护的REST API服务。我想做的是,我想分离授权服务器和资源服务器,例如, 我的授权:http://server1:8080/resttest/oauth/token/grant_type=client_credentials&client_id=clientt&client_secret=se
-
我有多个微服务。客户端可以通过API网关调用这些微服务,微服务之间也可以相互通信。 理想情况下,请求将来自拥有所有权限的用户的API网关。例如,如果用户(浏览器)需要来自微服务A的数据,则只将该角色授予用户,如果内部微服务A需要来自B的数据(rest call),则不应将该角色分配给用户。 要求:如何限制/授权微服务之间的内部通信,以便只有经授权的微服务才能呼叫其他服务。 选项: > 将所有角色分