使用 Google 进行身份验证后,我无法更改其他用户的签名
I'm unable to change other users signature after authenticating with Google
我一直在开发一种工具,稍后将使用它来管理我组织中的用户签名,我已经设法完成了所有应用程序,但在测试过程中我发现我只能更改我的签名。 ..
我认为问题与权限和授权有关。我使用的是 OAuth 客户端 ID,我在 console.developers.google.com 上创建了项目,并启用了 Gmail API。
下面是我的代码的重要部分:
public async void btnAuthorize_Click(object sender, EventArgs e)
{
try
{
updateOutput("Trying to authorize with Google", "I");
using (var stream = new FileStream("client_secrets.json", FileMode.Open, FileAccess.Read))
{
credential = await GoogleWebAuthorizationBroker.AuthorizeAsync(
GoogleClientSecrets.Load(stream).Secrets,
new[] { GmailService.Scope.GmailSettingsBasic }, "user"
, CancellationToken.None, new FileDataStore("Gmail.Signature"));
}
updateOutput("Authorized successfully", "I");
btnUpdateSignature.Enabled = true;
}
catch (Google.GoogleApiException ex)
{
updateOutput(ex.Message, "E");
}
}
private void btnUpdateSignature_Click(object sender, EventArgs e)
{
// reading the users list one by one
// reading the signature text
// replacing the place holders with actual values
// upload the real signature text
// Create the service.
string signatureLocal = "";
string[] dataFields;
string userEmail;
int position=0;
string stat = "";
try
{
if (csvData_Arr.Length > 0)
{
foreach (string line in csvData_Arr)
{
if (position==0)
{
// skip this step, this is the header
position++;
}
else
{
dataFields = line.Split(',');
userEmail = dataFields[0];
signatureLocal = mapSignatureFields(signatureText, dataFields);
updateOutput("Updating signature for: " + userEmail, "I");
stat = updateSignature(userEmail, signatureLocal);
updateOutput(stat, "D");
if (chkGetbackSig.Checked == true)
{
updateOutput("Final signature: " + signatureLocal, "I");
}
position++;
}
}
}
}
catch (Exception ex)
{
updateOutput(ex.Message, "E");
}
}
private string updateSignature(string emailID, string signatureText)
{
SendAs sendAsObj = new SendAs();
service = new GmailService(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Gmail API - Signature Manager",
});
try
{
sendAsObj.SendAsEmail = emailID;
sendAsObj.Signature = signatureText;
service.Users.Settings.SendAs.Patch(sendAsObj, emailID, emailID).Execute();
UsersResource.SettingsResource.SendAsResource.GetRequest sendAsRes = service.Users.Settings.SendAs.Get(emailID, emailID);
if (chkGetbackSig.Checked==true)
{
return sendAsRes.Execute().Signature.ToString();
}
return "";
}
catch (Google.GoogleApiException ex)
{
return ex.Message;
}
}
执行应用程序时,它可以成功更新我的签名,但是当涉及到其他用户时,它returns如下:
Google.Apis.Requests.RequestError Invalid user id specified in
request/Delegation denied [403] Errors [ Message[Invalid user id
specified in request/Delegation denied] Location[ - ]
Reason[forbidden] Domain[global] ]
我有点迷茫,不知道应该在哪里以及如何让它与其他用户一起工作。我在创建项目时使用的帐户对域具有超级管理员权限。
感谢您的帮助
编辑 1:
我尝试使用服务帐户,但我似乎做错了:
private async void button1_Click(object sender, EventArgs e)
{
string signatureLocal = "";
string[] dataFields;
string userEmail;
int position = 0;
string stat = "";
string certPath=appPath + "saKey.p12";
var cert = new X509Certificate2(certPath, "notasecret", X509KeyStorageFlags.Exportable);
string[] scopes = new string[] {GmailService.Scope.GmailSettingsBasic};
try
{
updateOutput("Trying to authorize with Google", "I");
ServiceAccountCredential cred = new ServiceAccountCredential(
new ServiceAccountCredential.Initializer("xxx@cool-monolith-153015.iam.gserviceaccount.com")
{
Scopes = scopes
}.FromCertificate(cert));
serviceSA = new GmailService(new BaseClientService.Initializer()
{
HttpClientInitializer = cred,
ApplicationName = "Gmail API - Signature Manager",
});
updateOutput("Authorized successfully", "I");
SendAs sendAsObj = new SendAs();
foreach (string line in csvData_Arr)
{
if (position == 0)
{
// skip this step, this is the header
position++;
}
else
{
dataFields = line.Split(',');
userEmail = dataFields[0];
signatureLocal = mapSignatureFields(signatureText, dataFields);
updateOutput("Updating signature for: " + userEmail, "I");
sendAsObj.SendAsEmail = userEmail;
sendAsObj.Signature = signatureLocal;
serviceSA.Users.Settings.SendAs.Patch(sendAsObj, userEmail, userEmail).Execute();
UsersResource.SettingsResource.SendAsResource.GetRequest sendAsRes = serviceSA.Users.Settings.SendAs.Get(userEmail, userEmail);
if (chkGetbackSig.Checked == true)
{
updateOutput(sendAsRes.Execute().Signature.ToString(), "D");
}
updateOutput(stat, "D");
if (chkGetbackSig.Checked == true)
{
updateOutput("Final signature: " + signatureLocal, "I");
}
position++;
}
}
}
catch (Google.GoogleApiException ex)
{
updateOutput(ex.Message, "E");
}
}
我找到了一个工作代码:
private async void button1_Click(object sender, EventArgs e)
{
string signatureLocal = "";
string[] dataFields;
string userEmail;
int position = 0;
string stat = "";
string certPath=appPath + "saKey.p12";
var cert = new X509Certificate2(certPath, "notasecret", X509KeyStorageFlags.Exportable);
string[] scopes = new string[] {GmailService.Scope.GmailSettingsBasic, GmailService.Scope.MailGoogleCom};
try
{
SendAs sendAsObj = new SendAs();
foreach (string line in csvData_Arr)
{
if (position == 0)
{
// skip this step, this is the header
position++;
}
else
{
dataFields = line.Split(',');
userEmail = dataFields[0];
updateOutput("Trying to authorize with Google", "I");
ServiceAccountCredential cred = new ServiceAccountCredential(
new ServiceAccountCredential.Initializer("xxx@cool-monolith-153015.iam.gserviceaccount.com")
{
User = userEmail,
Scopes = scopes
}.FromCertificate(cert));
updateOutput("Authorized successfully", "I");
serviceSA = new GmailService(new BaseClientService.Initializer()
{
HttpClientInitializer = cred,
ApplicationName = "Gmail API - Signature Manager",
});
signatureLocal = mapSignatureFields(signatureText, dataFields);
updateOutput("Updating signature for: " + userEmail, "I");
sendAsObj.SendAsEmail = userEmail;
sendAsObj.Signature = signatureLocal;
serviceSA.Users.Settings.SendAs.Patch(sendAsObj, userEmail, userEmail).Execute();
UsersResource.SettingsResource.SendAsResource.GetRequest sendAsRes = serviceSA.Users.Settings.SendAs.Get(userEmail, userEmail);
if (chkGetbackSig.Checked == true)
{
updateOutput(sendAsRes.Execute().Signature.ToString(), "D");
}
updateOutput(stat, "D");
if (chkGetbackSig.Checked == true)
{
updateOutput("Final signature: " + signatureLocal, "I");
}
position++;
}
}
}
catch (Google.GoogleApiException ex)
{
updateOutput(ex.Message, "E");
}
}
这里有一个问题,如果我每次迭代都 re-authenticate 可以吗?我可能每秒钟都会有 1000 个帐户进行身份验证...
谢谢!
我一直在开发一种工具,稍后将使用它来管理我组织中的用户签名,我已经设法完成了所有应用程序,但在测试过程中我发现我只能更改我的签名。 ..
我认为问题与权限和授权有关。我使用的是 OAuth 客户端 ID,我在 console.developers.google.com 上创建了项目,并启用了 Gmail API。
下面是我的代码的重要部分:
public async void btnAuthorize_Click(object sender, EventArgs e)
{
try
{
updateOutput("Trying to authorize with Google", "I");
using (var stream = new FileStream("client_secrets.json", FileMode.Open, FileAccess.Read))
{
credential = await GoogleWebAuthorizationBroker.AuthorizeAsync(
GoogleClientSecrets.Load(stream).Secrets,
new[] { GmailService.Scope.GmailSettingsBasic }, "user"
, CancellationToken.None, new FileDataStore("Gmail.Signature"));
}
updateOutput("Authorized successfully", "I");
btnUpdateSignature.Enabled = true;
}
catch (Google.GoogleApiException ex)
{
updateOutput(ex.Message, "E");
}
}
private void btnUpdateSignature_Click(object sender, EventArgs e)
{
// reading the users list one by one
// reading the signature text
// replacing the place holders with actual values
// upload the real signature text
// Create the service.
string signatureLocal = "";
string[] dataFields;
string userEmail;
int position=0;
string stat = "";
try
{
if (csvData_Arr.Length > 0)
{
foreach (string line in csvData_Arr)
{
if (position==0)
{
// skip this step, this is the header
position++;
}
else
{
dataFields = line.Split(',');
userEmail = dataFields[0];
signatureLocal = mapSignatureFields(signatureText, dataFields);
updateOutput("Updating signature for: " + userEmail, "I");
stat = updateSignature(userEmail, signatureLocal);
updateOutput(stat, "D");
if (chkGetbackSig.Checked == true)
{
updateOutput("Final signature: " + signatureLocal, "I");
}
position++;
}
}
}
}
catch (Exception ex)
{
updateOutput(ex.Message, "E");
}
}
private string updateSignature(string emailID, string signatureText)
{
SendAs sendAsObj = new SendAs();
service = new GmailService(new BaseClientService.Initializer()
{
HttpClientInitializer = credential,
ApplicationName = "Gmail API - Signature Manager",
});
try
{
sendAsObj.SendAsEmail = emailID;
sendAsObj.Signature = signatureText;
service.Users.Settings.SendAs.Patch(sendAsObj, emailID, emailID).Execute();
UsersResource.SettingsResource.SendAsResource.GetRequest sendAsRes = service.Users.Settings.SendAs.Get(emailID, emailID);
if (chkGetbackSig.Checked==true)
{
return sendAsRes.Execute().Signature.ToString();
}
return "";
}
catch (Google.GoogleApiException ex)
{
return ex.Message;
}
}
执行应用程序时,它可以成功更新我的签名,但是当涉及到其他用户时,它returns如下:
Google.Apis.Requests.RequestError Invalid user id specified in request/Delegation denied [403] Errors [ Message[Invalid user id specified in request/Delegation denied] Location[ - ] Reason[forbidden] Domain[global] ]
我有点迷茫,不知道应该在哪里以及如何让它与其他用户一起工作。我在创建项目时使用的帐户对域具有超级管理员权限。
感谢您的帮助
编辑 1: 我尝试使用服务帐户,但我似乎做错了:
private async void button1_Click(object sender, EventArgs e)
{
string signatureLocal = "";
string[] dataFields;
string userEmail;
int position = 0;
string stat = "";
string certPath=appPath + "saKey.p12";
var cert = new X509Certificate2(certPath, "notasecret", X509KeyStorageFlags.Exportable);
string[] scopes = new string[] {GmailService.Scope.GmailSettingsBasic};
try
{
updateOutput("Trying to authorize with Google", "I");
ServiceAccountCredential cred = new ServiceAccountCredential(
new ServiceAccountCredential.Initializer("xxx@cool-monolith-153015.iam.gserviceaccount.com")
{
Scopes = scopes
}.FromCertificate(cert));
serviceSA = new GmailService(new BaseClientService.Initializer()
{
HttpClientInitializer = cred,
ApplicationName = "Gmail API - Signature Manager",
});
updateOutput("Authorized successfully", "I");
SendAs sendAsObj = new SendAs();
foreach (string line in csvData_Arr)
{
if (position == 0)
{
// skip this step, this is the header
position++;
}
else
{
dataFields = line.Split(',');
userEmail = dataFields[0];
signatureLocal = mapSignatureFields(signatureText, dataFields);
updateOutput("Updating signature for: " + userEmail, "I");
sendAsObj.SendAsEmail = userEmail;
sendAsObj.Signature = signatureLocal;
serviceSA.Users.Settings.SendAs.Patch(sendAsObj, userEmail, userEmail).Execute();
UsersResource.SettingsResource.SendAsResource.GetRequest sendAsRes = serviceSA.Users.Settings.SendAs.Get(userEmail, userEmail);
if (chkGetbackSig.Checked == true)
{
updateOutput(sendAsRes.Execute().Signature.ToString(), "D");
}
updateOutput(stat, "D");
if (chkGetbackSig.Checked == true)
{
updateOutput("Final signature: " + signatureLocal, "I");
}
position++;
}
}
}
catch (Google.GoogleApiException ex)
{
updateOutput(ex.Message, "E");
}
}
我找到了一个工作代码:
private async void button1_Click(object sender, EventArgs e)
{
string signatureLocal = "";
string[] dataFields;
string userEmail;
int position = 0;
string stat = "";
string certPath=appPath + "saKey.p12";
var cert = new X509Certificate2(certPath, "notasecret", X509KeyStorageFlags.Exportable);
string[] scopes = new string[] {GmailService.Scope.GmailSettingsBasic, GmailService.Scope.MailGoogleCom};
try
{
SendAs sendAsObj = new SendAs();
foreach (string line in csvData_Arr)
{
if (position == 0)
{
// skip this step, this is the header
position++;
}
else
{
dataFields = line.Split(',');
userEmail = dataFields[0];
updateOutput("Trying to authorize with Google", "I");
ServiceAccountCredential cred = new ServiceAccountCredential(
new ServiceAccountCredential.Initializer("xxx@cool-monolith-153015.iam.gserviceaccount.com")
{
User = userEmail,
Scopes = scopes
}.FromCertificate(cert));
updateOutput("Authorized successfully", "I");
serviceSA = new GmailService(new BaseClientService.Initializer()
{
HttpClientInitializer = cred,
ApplicationName = "Gmail API - Signature Manager",
});
signatureLocal = mapSignatureFields(signatureText, dataFields);
updateOutput("Updating signature for: " + userEmail, "I");
sendAsObj.SendAsEmail = userEmail;
sendAsObj.Signature = signatureLocal;
serviceSA.Users.Settings.SendAs.Patch(sendAsObj, userEmail, userEmail).Execute();
UsersResource.SettingsResource.SendAsResource.GetRequest sendAsRes = serviceSA.Users.Settings.SendAs.Get(userEmail, userEmail);
if (chkGetbackSig.Checked == true)
{
updateOutput(sendAsRes.Execute().Signature.ToString(), "D");
}
updateOutput(stat, "D");
if (chkGetbackSig.Checked == true)
{
updateOutput("Final signature: " + signatureLocal, "I");
}
position++;
}
}
}
catch (Google.GoogleApiException ex)
{
updateOutput(ex.Message, "E");
}
}
这里有一个问题,如果我每次迭代都 re-authenticate 可以吗?我可能每秒钟都会有 1000 个帐户进行身份验证...
谢谢!