是否可以冒充用户阅读他们的联系人?我创建了一个服务帐户,启用了域范围授权并启用了Admin和People API。
我可以通过模拟我的管理员用户来成功读取目录。但是,我无法获得该用户的联系人列表。相反,我收到HTTP 404错误。
我感谢任何帮助。
以下是我的代码:
var google = require('googleapis').google;
var googleKey = require('./key/google-services.json');
var jwtClient = new google.auth.JWT(
googleKey.client_email,
null, googleKey.private_key,
['https://www.googleapis.com/auth/admin.directory.user.readonly', 'https://www.googleapis.com/auth/contacts.readonly'],
'<redacted>.com' // ** the user that I am impersonating
);
jwtClient.authorize(function (err, tokens) {
if (err) {
console.err(err);
return;
}
console.log('Google auth success, access_token', tokens.access_token);
//
// 1. accessing the directory works fine
var directory = google.admin('directory_v1');
directory.users.list({
auth: jwtClient,
customer: 'my_customer',
orderBy: 'givenName',
maxResults: 500,
sortOrder: 'ASCENDING',
viewType: 'domain_public', // admin_view
}, function (err, res) {
if (err) {
console.error(err);
return;
}
console.log(res.data.users);
});
//
// listing contacts through the People API fails with a 404
var people = google.people({version: 'v1'});
people.people.connections.list({
auth: jwtClient,
resourceName: 'people/me',
pageSize: 1000,
sortOrder: 'FIRST_NAME_ASCENDING',
personFields: 'names,emailAddresses,photos,addresses,phoneNumbers',
}, function (err, res) {
if (err) {
console.error(err);
return;
}
console.log(res.data.users);
});
});