PHP - Google Admin SDK - 使用服务帐户进行身份验证 "Not Authorized to access this resource/api"
PHP - Google Admin SDK - Authentication with Service Accounts "Not Authorized to access this resource/api"
我正在使用库 google/google-api-php-client 并且正在使用服务帐户创建身份验证。
我已经在 https://console.developers.google.com/ 中创建了服务帐户,并将全域权限添加到我的服务帐户。
但是我 return 我要求如下:
Google_Service_Exception in REST.php line 118:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "forbidden",
"message": "Not Authorized to access this resource/api"
}
],
"code": 403,
"message": "Not Authorized to access this resource/api"
}
}
我的函数:
$client = new \Google_Client();
$credentials_file = base_path() . '/service-account.json';
if ($credentials_file = $this->checkServiceAccountCredentialsFile($credentials_file)) {
$client->setAuthConfig($credentials_file);
}
$client->setApplicationName("app-name");
$client->setScopes([
'https://www.googleapis.com/auth/admin.directory.user',
'https://www.googleapis.com/auth/admin.directory.user.readonly'
]);
$service = new \Google_Service_Directory($client);
$userKey = 'user@domain.com';
$results = $service->users->get($userKey);
var_dump($results);
如果我尝试这里是有效的。
https://developers.google.com/admin-sdk/directory/v1/reference/users/get#auth
我可以解决问题。我在域中缺少我的用户管理员设置的主题:
$client->setSubject("admin@yourdomain.com");
结果:
$client = new \Google_Client();
$credentials_file = base_path() . '/service-account.json';
if ($credentials_file = $this->checkServiceAccountCredentialsFile($credentials_file)) {
$client->setAuthConfig($credentials_file);
}
$client->setApplicationName("app-name");
$client->setSubject("admin@yourdomain.com");
$client->setScopes([
'https://www.googleapis.com/auth/admin.directory.user',
'https://www.googleapis.com/auth/admin.directory.user.readonly'
]);
$service = new \Google_Service_Directory($client);
$userKey = 'user@domain.com';
$results = $service->users->get($userKey);
var_dump($results);
我正在使用库 google/google-api-php-client 并且正在使用服务帐户创建身份验证。
我已经在 https://console.developers.google.com/ 中创建了服务帐户,并将全域权限添加到我的服务帐户。
但是我 return 我要求如下:
Google_Service_Exception in REST.php line 118:
{
"error": {
"errors": [
{
"domain": "global",
"reason": "forbidden",
"message": "Not Authorized to access this resource/api"
}
],
"code": 403,
"message": "Not Authorized to access this resource/api"
}
}
我的函数:
$client = new \Google_Client();
$credentials_file = base_path() . '/service-account.json';
if ($credentials_file = $this->checkServiceAccountCredentialsFile($credentials_file)) {
$client->setAuthConfig($credentials_file);
}
$client->setApplicationName("app-name");
$client->setScopes([
'https://www.googleapis.com/auth/admin.directory.user',
'https://www.googleapis.com/auth/admin.directory.user.readonly'
]);
$service = new \Google_Service_Directory($client);
$userKey = 'user@domain.com';
$results = $service->users->get($userKey);
var_dump($results);
如果我尝试这里是有效的。 https://developers.google.com/admin-sdk/directory/v1/reference/users/get#auth
我可以解决问题。我在域中缺少我的用户管理员设置的主题:
$client->setSubject("admin@yourdomain.com");
结果:
$client = new \Google_Client();
$credentials_file = base_path() . '/service-account.json';
if ($credentials_file = $this->checkServiceAccountCredentialsFile($credentials_file)) {
$client->setAuthConfig($credentials_file);
}
$client->setApplicationName("app-name");
$client->setSubject("admin@yourdomain.com");
$client->setScopes([
'https://www.googleapis.com/auth/admin.directory.user',
'https://www.googleapis.com/auth/admin.directory.user.readonly'
]);
$service = new \Google_Service_Directory($client);
$userKey = 'user@domain.com';
$results = $service->users->get($userKey);
var_dump($results);