我正在尝试为目录API制作一个自动化脚本,以创建应用程序用户。我想我已经接近了,因为下面的代码在某种程度上运行:我可以输入"密码"参数,但在与其他参数一起发送后,它会崩溃,并出现以下错误:
引发HttpError(resp,content,uri=self.uri)apiclient.errors.HttpError:https://www.googleapis.com/admin/directory/v1/users?alt=json返回"未授权访问此资源/api">
这是脚本:
import httplib2
import pprint
import sys
import json
import urllib
import urllib2
from apiclient import errors
from apiclient.discovery import build
from oauth2client.client import SignedJwtAssertionCredentials
def main(argv):
# Load the key in PKCS 12 format that you downloaded from the Google API
# Console when you created your Service account.
f = file('key.p12', 'rb')
key = f.read()
f.close()
# Create an httplib2.Http object to handle our HTTP requests and authorize it
# with the Credentials. Note that the first parameter, service_account_name,
# is the Email address created for the Service account. It must be the email
# address associated with the key that was created.
credentials = SignedJwtAssertionCredentials('CLIENT_EMAIL',
key, scope='https://www.googleapis.com/auth/admin.directory.user')
http = httplib2.Http()
http = credentials.authorize(http)
#Parameters for new user
params = {'name':{'givenName':'John', 'familyName':'Smith'},
'password':raw_input("Enter password "), 'primaryEmail':'jsfake@bn.co'}
service = build("admin", "directory_v1", http=http)
insertedUser = service.users().insert(body=params).execute()
if __name__ == '__main__':
main(sys.argv)
似乎这个问题与这里的主题有关:收到错误"未被授权访问该资源/api";当尝试使用Google目录API和服务帐户身份验证时
您需要将具有管理员权限的帐户电子邮件传递到如下凭据中:
credentials = SignedJwtAssertionCredentials('CLIENT_EMAIL',
key, scope='https://www.googleapis.com/auth/admin.directory.user', sub='superadmin@domain.com')