Google cloud platform 如何从GCE VM命令行设置使用Gmail API的凭据?
我正试图让我在GCE上的Linux虚拟机访问我的Gmail帐户,以便发送电子邮件 我找到了这篇文章,它阅读了一些Gmail帐户信息(这很有用,因为我只想测试我的连接) 但是,我不确定需要设置哪些凭据,如设置和使用时:Google cloud platform 如何从GCE VM命令行设置使用Gmail API的凭据?,google-cloud-platform,gmail-api,Google Cloud Platform,Gmail Api,我正试图让我在GCE上的Linux虚拟机访问我的Gmail帐户,以便发送电子邮件 我找到了这篇文章,它阅读了一些Gmail帐户信息(这很有用,因为我只想测试我的连接) 但是,我不确定需要设置哪些凭据,如设置和使用时: 服务帐户:我收到以下消息ValueError:客户端机密必须用于web或已安装的应用程序。 Web应用程序类型的OAuth客户端ID:代码运行良好,但在尝试首次授权应用程序访问时,我收到以下消息: 错误400:重定向\u uri\u不匹配 请求中的重定向URI,http://l
ValueError:客户端机密必须用于web或已安装的应用程序。[nov17] 在将gmail作用域添加到虚拟机的作用域后,我运行了python脚本,出现了以下错误:
Traceback (most recent call last):
File "quickstart2.py", line 29, in <module>
main()
File "quickstart2.py", line 18, in main
results = service.users().labels().list(userId="107628233971924038182").execute()
File "/home/lucasnunesfe9/.local/lib/python3.7/site-packages/googleapiclient/_helpers.py", line 134, in positional_wrapper
return wrapped(*args, **kwargs)
File "/home/lucasnunesfe9/.local/lib/python3.7/site-packages/googleapiclient/http.py", line 915, in execute
raise HttpError(resp, content, uri=self.uri)
googleapiclient.errors.HttpError: <HttpError 400 when requesting https://gmail.googleapis.com/gmail/v1/users/107628233971924038182/labels?alt=json returned "Precondition check failed.">
PS:强调我已经将我的服务帐户启用为“G套件域范围授权”。此操作生成了一个OAuth 2.0客户端ID,该ID正在python脚本中使用(变量userId)。就我个人而言,我从未理解过这个示例。我认为它太旧了(甚至兼容Python 2.6!!) 不管怎样,你可以忘记第一部分,获得这样的凭证
from googleapiclient.discovery import build
import google.auth
# If modifying these scopes, delete the file token.pickle.
SCOPES = ['https://www.googleapis.com/auth/gmail.readonly']
def main():
creds, project_id = google.auth.default(scopes=SCOPES)
service = build('gmail', 'v1', credentials=creds)
# Call the Gmail API
results = service.users().labels().list(userId='me').execute()
labels = results.get('labels', [])
if not labels:
print('No labels found.')
else:
print('Labels:')
for label in labels:
print(label['name'])
if __name__ == '__main__':
main()
要实现这一点,您需要授予VM服务帐户的作用域。停止VM,运行此(长)命令,然后再次启动VM。命令:
- 获取VM的当前作用域(并清除/格式化它们)
- 添加gmail范围
- 将作用域设置为VM(这是一个BETA命令)
gcloud beta计算实例设置范围--区域\
--范围=https://www.googleapis.com/auth/gmail.readonly,\
$(gcloud计算实例描述--zone\
--格式为json | jq-c).serviceAccounts[0].作用域“|sed-E”s/\[(.*)\]/\1/g”| sed-E“s/\”//g)
凭据,project_id=google.auth.default()GoogleAppClient.errors.HttpError:GoogleAppClient.errors.HttpError:{
"error": {
"code": 401,
"message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
"errors": [
{
"message": "Login Required.",
"domain": "global",
"reason": "required",
"location": "Authorization",
"locationType": "header"
}
],
"status": "UNAUTHENTICATED"
}
}
from googleapiclient.discovery import build
import google.auth
# If modifying these scopes, delete the file token.pickle.
SCOPES = ['https://www.googleapis.com/auth/gmail.readonly']
def main():
creds, project_id = google.auth.default(scopes=SCOPES)
service = build('gmail', 'v1', credentials=creds)
# Call the Gmail API
results = service.users().labels().list(userId='me').execute()
labels = results.get('labels', [])
if not labels:
print('No labels found.')
else:
print('Labels:')
for label in labels:
print(label['name'])
if __name__ == '__main__':
main()
gcloud beta compute instances set-scopes <YOUR_VM_NAME> --zone <YOUR_VM_ZONE> \
--scopes=https://www.googleapis.com/auth/gmail.readonly,\
$(gcloud compute instances describe <YOUR_VM_NAME> --zone <YOUR_VM_ZONE> \
--format json | jq -c ".serviceAccounts[0].scopes" | sed -E "s/\[(.*)\]/\1/g" | sed -E "s/\"//g")