断言AssertionFlowClient,尝试使用ServiceAccountCredential,但它不起作用

时间:2013-10-29 19:11:11

标签: google-drive-api google-api-dotnet-client

我尝试使用代表其他用户的服务帐户创建DriveService。

我已从此处{google文档https://developers.google.com/drive/delegation

复制此代码 
    static DriveService BuildService() {
            X509Certificate2 certificate = new X509Certificate2(SERVICE_ACCOUNT_PKCS12_FILE_PATH, "notasecret", X509KeyStorageFlags.Exportable);
        var provider = new AssertionFlowClient(GoogleAuthenticationServer.Description, certificate)

        {
            ServiceAccountId = SERVICE_ACCOUNT_EMAIL,
            Scope = DriveService.Scopes.Drive.GetStringValue(),
        };
        var auth = new OAuth2Authenticator<AssertionFlowClient>(provider, AssertionFlowClient.GetState);
        return new DriveService(auth);
    }

但是在尝试构建项目时我收到了这个警告:

警告4'Google.Apis.Authentication.OAuth2.DotNetOpenAuth.AssertionFlowClient'已过时:'不再支持AssertionFlowClient,它将在1.7.0-beta中删除。考虑使用新的Google.Apis.Auth NuGet包中的ServiceAccountCredential。'

我也得到了这个错误:

错误11参数1:无法从'Google.Apis.Authentication.OAuth2.OAuth2Authenticator'转换为'Google.Apis.Services.BaseClientService.Initializer'

然后我用Google搜索了ServiceAccountCredential并最终得到了这段代码(源自此页面:https://code.google.com/p/google-api-dotnet-client/wiki/OAuth2#Service_Accounts

static DriveService BuildService() {
            X509Certificate2 certificate = new X509Certificate2(SERVICE_ACCOUNT_PKCS12_FILE_PATH, "notasecret", X509KeyStorageFlags.Exportable);

        ServiceAccountCredential credential = new ServiceAccountCredential(
            new ServiceAccountCredential.Initializer(SERVICE_ACCOUNT_EMAIL)
            {
                User = "someone@mydomain.mygbiz.com", 
                Scopes = new[] { DriveService.Scope.DriveFile }
            }.FromCertificate(certificate));

        var service = new DriveService(new BaseClientService.Initializer()
        {
            HttpClientInitializer = credential,
            ApplicationName = "Drive API Sample",
        });

        return service;
    }

当我尝试构建此代码时,似乎一切正常,但是当我运行它时,我收到以下错误。

mscorlib.dll中出现'System.Security.Cryptography.CryptographicException'类型的第一次机会异常

其他信息:Detgårinteatt hitta detbegärdaobjektet。 (已翻译:找不到请求的对象)

如果存在此异常的处理程序,则可以安全地继续该程序。

此行发生错误:

X509Certificate2 certificate = new X509Certificate2(SERVICE_ACCOUNT_PKCS12_FILE_PATH, "notasecret", X509KeyStorageFlags.Exportable);

有人有什么想法吗?

2013年10月31日更新 我试过这段代码:

{
        Console.WriteLine("Drive API - Service Account");
        Console.WriteLine("==========================");

        String serviceAccountEmail = "<some email>@developer.gserviceaccount.com";

        var certificate = new X509Certificate2(@"key.p12", "notasecret", X509KeyStorageFlags.Exportable);

        ServiceAccountCredential credential = new ServiceAccountCredential(
           new ServiceAccountCredential.Initializer(serviceAccountEmail)
           {
               User = "<someuser>@<mydomain>.mygbiz.com",
               Scopes = new[] { DriveService.Scope.Drive }
           }.FromCertificate(certificate));

        // Create the service.
        var service = new DriveService(new BaseClientService.Initializer()
        {
            HttpClientInitializer = credential,
            ApplicationName = "DrvMgr",
        });

        Console.WriteLine("Executing listing");
        FileList UserFiles = service.Files.List().Execute();

我收到此错误消息:

Google.Apis.dll中发生未处理的“Google.Apis.Auth.OAuth2.Responses.TokenResponseException”类型异常

其他信息:错误:“access_denied”,描述:“”,Uri:“”

1 个答案:

答案 0 :(得分:0)

看起来你的p12文件的路径不正确。有关可行的解决方案,请参阅Plus.ServiceAccount示例。

我认为在此示例中,key.p12作为内容文件添加到项目中,该文件始终复制到输出目录。然后从代码中提到“key.p12”文件路径将导致从输出文件夹中获取此文件。

相关问题
最新问题