我正在尝试使用不带OAuth的方法来访问Calendar API,从而为服务帐户实现授权。https://developers.google.com/identity/protocols/oauth2/service-account#jwt-授权
With some Google APIs, you can make authorized API calls using a signed JWT directly as a bearer token, rather than an OAuth 2.0 access token.
If the API you want to call has a service definition published in the Google APIs GitHub repository, you can make authorized API calls using a JWT instead of an access token. To do so:
Using any standard JWT library, such as one found at jwt.io, create a JWT with a header and payload like the following example:
{
"alg": "RS256",
"typ": "JWT",
"kid": "abcdef1234567890"
}
.
{
"iss": "123456-compute@developer.gserviceaccount.com",
"sub": "123456-compute@developer.gserviceaccount.com",
"aud": "https://firestore.googleapis.com/",
"iat": 1511900000,
"exp": 1511903600
}
上述文件提到JWTaud字段应以https://SERVICE.googleapis.com/格式给出。由于日历端点不在格式中,是否可以使用此授权机制访问日历API?
日历端点为https://www.googleapis.com/
是。Google提供日历服务API端点作为https://calendar-json.googleapis.com/。https://support.google.com/workspacemigrate/answer/9222865?hl=en