私のサービスアカウントのスコープは次のとおりです:https : //apps-apis.google.com/a/feeds/user/およびDriveScope.DRIVE
サービスアカウントIDのドメイン設定の[サードパーティのOAuthクライアントアクセスの管理]でこれと同じスコープを承認しました。
プロビジョニングAPIのJavaクライアントを使用しています。
私はグーグルoauthクライアントでクレデンシャルを構築しますGoogleCredential.Builder
:
credBuilder.setTransport(HTTP_TRANSPORT)
.setJsonFactory(JSON_FACTORY)
.setServiceAccountId(config.serviceAccountId)
.setServiceAccountPrivateKeyFromP12File(new File(config.keyFilePath))
.setServiceAccountScopes(SCOPES);
.setServiceAccountUser("admin.of.my@domain.com")
プロビジョニングAPIへのリクエストを承認しようとしています
userService = new UserService(config.repositoryId);
userService.setOAuth2Credentials(oAuthCredentials);
oAuthCredentials
以前に作成したサービス資格情報はどこにありますか。
その構成で、ドメインの任意のユーザーのGoogleドライブからファイルとコレクションにアクセスできます。しかし、私のドメインのユーザーのリストにそれらの資格情報でアクセスすることはできません。
サービスアカウントのユーザーを指定しないと、どちらも機能しません
これが私が得るスタックトレースです:
com.google.gdata.util.ServiceForbiddenException: You are not authorized to access this API.
<HTML>
<HEAD>
<TITLE>You are not authorized to access this API.</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>You are not authorized to access this API.</H1>
<H2>Error 403</H2>
</BODY>
</HTML>
at com.google.gdata.client.http.HttpGDataRequest.handleErrorResponse(HttpGDataRequest.java:605)
at com.google.gdata.client.http.GoogleGDataRequest.handleErrorResponse(GoogleGDataRequest.java:564)
at com.google.gdata.client.http.HttpGDataRequest.checkResponse(HttpGDataRequest.java:560)
at com.google.gdata.client.http.HttpGDataRequest.execute(HttpGDataRequest.java:538)
at com.google.gdata.client.http.GoogleGDataRequest.execute(GoogleGDataRequest.java:536)
at com.google.gdata.client.Service.getFeed(Service.java:1135)
at com.google.gdata.client.Service.getFeed(Service.java:998)
at com.google.gdata.client.GoogleService.getFeed(GoogleService.java:645)
at com.google.gdata.client.Service.getFeed(Service.java:1017)
at com.google.gdata.client.appsforyourdomain.AppsForYourDomainService.getFeed(AppsForYourDomainService.java:137)
at foo.bar.baz.eci.gdrive.service.BaseService$1.doTry(BaseService.java:125)
at foo.bar.baz.eci.gdrive.service.BaseService$1.doTry(BaseService.java:1)
at foo.bar.baz.eci.gdrive.service.backoff.BackoffRequest.execute(BackoffRequest.java:50)
at foo.bar.baz.eci.gdrive.service.BaseService.getFeedWithBackoff(BaseService.java:129)
at foo.bar.baz.eci.gdrive.service.BaseService.retrieveAllEntries(BaseService.java:90)
at foo.bar.baz.eci.gdrive.service.GappsUserService.getAllUserFeed(GappsUserService.java:57)
at foo.bar.baz.eci.gdrive.GdriveContentProviderFactory.doDiscover(GdriveContentProviderFactory.java:67)
... 19 more
そして、クライアントライブラリからのロギング:
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest setPrivateHeader
PLUS FIN: Authorization: <Not Logged>
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest setPrivateHeader
PLUS FIN: Authorization: <Not Logged>
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest setPrivateHeader
PLUS FIN: Authorization: <Not Logged>
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest setHeader
PLUS FIN: User-Agent: gdocsRepo GData-Java/1.47.1(gzip)
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest setHeader
PLUS FIN: User-Agent: gdocsRepo GData-Java/1.47.1(gzip)
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest setHeader
PLUS FIN: User-Agent: gdocsRepo GData-Java/1.47.1(gzip)
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest setHeader
PLUS FIN: Accept-Encoding: gzip
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest setHeader
PLUS FIN: Accept-Encoding: gzip
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest setHeader
PLUS FIN: Accept-Encoding: gzip
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest setHeader
PLUS FIN: GData-Version: 1.0
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest setHeader
PLUS FIN: GData-Version: 1.0
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest setHeader
PLUS FIN: GData-Version: 1.0
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
FIN: 403 You are not authorized to access this API.
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
FIN: 403 You are not authorized to access this API.
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
FIN: 403 You are not authorized to access this API.
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Content-Encoding: gzip
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Content-Encoding: gzip
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Content-Encoding: gzip
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Content-Length: 151
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Content-Length: 151
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Content-Length: 151
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: null: HTTP/1.1 403 You are not authorized to access this API.
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: null: HTTP/1.1 403 You are not authorized to access this API.
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: null: HTTP/1.1 403 You are not authorized to access this API.
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Expires: Wed, 21 Nov 2012 14:17:37 GMT
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Expires: Wed, 21 Nov 2012 14:17:37 GMT
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Expires: Wed, 21 Nov 2012 14:17:37 GMT
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: X-XSS-Protection: 1; mode=block
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: X-XSS-Protection: 1; mode=block
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: X-XSS-Protection: 1; mode=block
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: X-Frame-Options: SAMEORIGIN
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: X-Frame-Options: SAMEORIGIN
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: X-Frame-Options: SAMEORIGIN
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Date: Wed, 21 Nov 2012 14:17:37 GMT
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Date: Wed, 21 Nov 2012 14:17:37 GMT
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Date: Wed, 21 Nov 2012 14:17:37 GMT
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Content-Type: text/html; charset=UTF-8
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Content-Type: text/html; charset=UTF-8
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Content-Type: text/html; charset=UTF-8
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Server: GSE
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Server: GSE
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Server: GSE
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: X-Content-Type-Options: nosniff
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: X-Content-Type-Options: nosniff
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: X-Content-Type-Options: nosniff
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Cache-Control: private, max-age=0
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Cache-Control: private, max-age=0
21 nov. 2012 15:17:37 com.google.gdata.client.http.HttpGDataRequest execute
PLUS FIN: Cache-Control: private, max-age=0