Google api 在谷歌+;域的API访问失败\u被拒绝
这简直要了我的命!我正在尝试使用域范围的委托,列出我的域中某个用户的Google Plus圈子。这应该正是GoogleDeveloperAPI示例所做的 我在Google的云控制台中设置了一个应用程序,在那里启用了Google+for Domains API,并创建了一个服务器证书 然后,我在GoogleApps管理控制台中添加了这个范围 我的代码:Google api 在谷歌+;域的API访问失败\u被拒绝,google-api,google-plus,google-apps,Google Api,Google Plus,Google Apps,这简直要了我的命!我正在尝试使用域范围的委托,列出我的域中某个用户的Google Plus圈子。这应该正是GoogleDeveloperAPI示例所做的 我在Google的云控制台中设置了一个应用程序,在那里启用了Google+for Domains API,并创建了一个服务器证书 然后,我在GoogleApps管理控制台中添加了这个范围 我的代码: package com.MYDOMAIN.plus; import java.io.IOException; import java.secur
package com.MYDOMAIN.plus;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.Arrays;
import java.util.List;
import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.JsonFactory;
import com.google.api.client.json.jackson.JacksonFactory;
import com.google.api.services.plusDomains.PlusDomains;
import com.google.api.services.plusDomains.model.Circle;
import com.google.api.services.plusDomains.model.CircleFeed;
public class PlusHelper {
// Fill in the following values based upon the previous steps
private static final String SERVICE_ACCOUNT_EMAIL = "39578475189-vefb22ohjt9dahloahfsp9h9bol7r6ie@developer.gserviceaccount.com";
private static final String SERVICE_ACCOUNT_PKCS12_FILE_PATH =
"/Users/kees/Documents/workspace/MYDOMAINPlus/2a282bbacf8895b821e7cf662a98de4d65e38b2a-privatekey.p12";
private static final String USER_EMAIL = "kees@MYDOMAIN.com";
// List the scopes your app requires. These must match the scopes
// registered in the Admin console for your Google Apps domain.
private static final List<String> SCOPE = Arrays.asList(
"https://www.googleapis.com/auth/plus.circles.read");
private static PlusDomains authenticate(final String userEmail) throws GeneralSecurityException, IOException {
System.out.println(String.format("Authenticate the domain for %s", userEmail));
HttpTransport httpTransport = new NetHttpTransport();
JsonFactory jsonFactory = new JacksonFactory();
// Setting the sub field with USER_EMAIL allows you to make API calls using the special keyword
// "me" in place of a user id for that user.
GoogleCredential credential = new GoogleCredential.Builder()
.setTransport(httpTransport)
.setJsonFactory(jsonFactory)
.setServiceAccountId(SERVICE_ACCOUNT_EMAIL)
.setServiceAccountScopes(SCOPE)
.setServiceAccountUser(USER_EMAIL)
.setServiceAccountPrivateKeyFromP12File(
new java.io.File(SERVICE_ACCOUNT_PKCS12_FILE_PATH))
.build();
// Create and return the authorized API client
PlusDomains service = new PlusDomains.Builder(httpTransport, jsonFactory, credential).setApplicationName("PlusSync").build();
return service;
}
public static void main(String[] args) {
/** Global Drive API client. */
PlusDomains plusDomains;
try {
plusDomains = PlusHelper.authenticate(USER_EMAIL);
PlusDomains.Circles.List listCircles = plusDomains.circles().list(USER_EMAIL);
listCircles.setMaxResults(5L);
CircleFeed circleFeed = listCircles.execute();
List<Circle> circles = circleFeed.getItems();
// Loop until no additional pages of results are available.
while (circles != null) {
for (Circle circle : circles) {
System.out.println(circle.getDisplayName());
}
// When the next page token is null, there are no additional pages of
// results. If this is the case, break.
if (circleFeed.getNextPageToken() != null) {
// Prepare the next page of results
listCircles.setPageToken(circleFeed.getNextPageToken());
// Execute and process the next page request
circleFeed = listCircles.execute();
circles = circleFeed.getItems();
} else {
circles = null;
}
}
} catch (GeneralSecurityException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
有人知道吗?这真让我受不了,因为我以前在另一个领域工作过
顺便说一句,我的代码和stacktrace中的“MYDOMAIN”显然是实际域的替代品。在反复修改后找到了答案。在新的云控制台中,证书的客户端ID似乎与OAuth框中的客户端ID不同。我所做的是:下载证书的JSON。此json包含一个客户端id值,与云控制台中的客户端id不同。在您的管理API面板中使用JSON中的客户机ID来授权作用域,这样就可以了
com.google.api.client.auth.oauth2.TokenResponseException: 400 Bad Request
{
"error" : "access_denied"
}
at com.google.api.client.auth.oauth2.TokenResponseException.from(TokenResponseException.java:105)
at com.google.api.client.auth.oauth2.TokenRequest.executeUnparsed(TokenRequest.java:332)
at com.google.api.client.auth.oauth2.TokenRequest.execute(TokenRequest.java:352)
at com.google.api.client.googleapis.auth.oauth2.GoogleCredential.executeRefreshToken(GoogleCredential.java:269)
at com.google.api.client.auth.oauth2.Credential.refreshToken(Credential.java:454)
at com.google.api.client.auth.oauth2.Credential.intercept(Credential.java:215)
at com.google.api.client.http.HttpRequest.execute(HttpRequest.java:854)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:410)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:343)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.execute(AbstractGoogleClientRequest.java:460)
at com.MYDOMAIN.plus.PlusHelper.main(PlusHelper.java:60)