转销商 API - 权限不足
Re-seller API - insufficient permissions
我正在尝试创建一个新客户并将 G-Suite 订阅附加到该客户,但似乎无法执行此操作。
我现在在哪里:
- 可以创建一个 google 客户端对象
- 可以检查该域是否已存在客户
- 可以创建客户对象
指南:
- https://developers.google.com/admin-sdk/reseller/v1/codelab/end-to-end
- https://developers.google.com/admin-sdk/reseller/v1/quickstart/php
错误代码:
Uncaught Google_Service_Exception:
{"error":{"errors":[{"domain":"global","reason":"insufficientPermissions","message":"Insufficient
Permission"}]
我怀疑它与许可范围有关(是的,我刚刚说过)。问题是我正在遵循 google 的指南,所以我不确定问题出在哪里。
当前范围:
function get_client()
{
$OAUTH2_SCOPES = [
Google_Service_Reseller::APPS_ORDER,
Google_Service_SiteVerification::SITEVERIFICATION,
Google_Service_Directory::ADMIN_DIRECTORY_USER,
];
$client = new Google_Client();
$client->setApplicationName('test');
$client->setScopes($OAUTH2_SCOPES);
$client->setAuthConfig(__DIR__ . '/credentials.json');
$client->setAccessType('offline');
$client->setPrompt('select_account consent');
// Load previously authorized token from a file, if it exists.
// The file token.json stores the user's access and refresh tokens, and is
// created automatically when the authorization flow completes for the first
// time.
$tokenPath = 'token.json';
if(file_exists($tokenPath))
{
$accessToken = json_decode(file_get_contents($tokenPath), true);
$client->setAccessToken($accessToken);
}
// If there is no previous token or it's expired.
if($client->isAccessTokenExpired())
{
// Refresh the token if possible, else fetch a new one.
if ($client->getRefreshToken())
{
$client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
}
else
{
// Request authorization from the user.
$authUrl = $client->createAuthUrl();
printf("Open the following link in your browser:\n%s\n", $authUrl);
print 'Enter verification code: ';
$authCode = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
// Exchange authorization code for an access token.
$accessToken = $client->fetchAccessTokenWithAuthCode($authCode);
$client->setAccessToken($accessToken);
// Check to see if there was an error.
if(array_key_exists('error', $accessToken))
{
throw new Exception(join(', ', $accessToken));
}
}
// Save the token to a file.
if (!file_exists(dirname($tokenPath)))
{
mkdir(dirname($tokenPath), 0700, true);
}
file_put_contents($tokenPath, json_encode($client->getAccessToken()));
}
return $client;
}
我自己想出了解决办法。
问题:
权限不足
解决方法:
令牌文件未更新,具有新添加的权限 - 因此删除并重新创建 cred.json 文件 - 解决了问题:)
我正在尝试创建一个新客户并将 G-Suite 订阅附加到该客户,但似乎无法执行此操作。
我现在在哪里:
- 可以创建一个 google 客户端对象
- 可以检查该域是否已存在客户
- 可以创建客户对象
指南:
- https://developers.google.com/admin-sdk/reseller/v1/codelab/end-to-end
- https://developers.google.com/admin-sdk/reseller/v1/quickstart/php
错误代码:
Uncaught Google_Service_Exception: {"error":{"errors":[{"domain":"global","reason":"insufficientPermissions","message":"Insufficient Permission"}]
我怀疑它与许可范围有关(是的,我刚刚说过)。问题是我正在遵循 google 的指南,所以我不确定问题出在哪里。
当前范围:
function get_client()
{
$OAUTH2_SCOPES = [
Google_Service_Reseller::APPS_ORDER,
Google_Service_SiteVerification::SITEVERIFICATION,
Google_Service_Directory::ADMIN_DIRECTORY_USER,
];
$client = new Google_Client();
$client->setApplicationName('test');
$client->setScopes($OAUTH2_SCOPES);
$client->setAuthConfig(__DIR__ . '/credentials.json');
$client->setAccessType('offline');
$client->setPrompt('select_account consent');
// Load previously authorized token from a file, if it exists.
// The file token.json stores the user's access and refresh tokens, and is
// created automatically when the authorization flow completes for the first
// time.
$tokenPath = 'token.json';
if(file_exists($tokenPath))
{
$accessToken = json_decode(file_get_contents($tokenPath), true);
$client->setAccessToken($accessToken);
}
// If there is no previous token or it's expired.
if($client->isAccessTokenExpired())
{
// Refresh the token if possible, else fetch a new one.
if ($client->getRefreshToken())
{
$client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
}
else
{
// Request authorization from the user.
$authUrl = $client->createAuthUrl();
printf("Open the following link in your browser:\n%s\n", $authUrl);
print 'Enter verification code: ';
$authCode = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
// Exchange authorization code for an access token.
$accessToken = $client->fetchAccessTokenWithAuthCode($authCode);
$client->setAccessToken($accessToken);
// Check to see if there was an error.
if(array_key_exists('error', $accessToken))
{
throw new Exception(join(', ', $accessToken));
}
}
// Save the token to a file.
if (!file_exists(dirname($tokenPath)))
{
mkdir(dirname($tokenPath), 0700, true);
}
file_put_contents($tokenPath, json_encode($client->getAccessToken()));
}
return $client;
}
我自己想出了解决办法。
问题:
权限不足
解决方法:
令牌文件未更新,具有新添加的权限 - 因此删除并重新创建 cred.json 文件 - 解决了问题:)