使用Google API服务帐户获取所有域用户的日历列表

时间:2014-11-12 08:34:10

标签: python access-token google-api-client service-accounts

我创建了一个服务帐户并委托了域范围的权限。我正在尝试获取每个用户都可以访问的日历列表。某些用户的电子邮件可以进行呼叫,有些则不能并且返回无效的请求错误。任何人都可以帮忙吗?

import httplib2

from apiclient import errors
from apiclient.discovery import build
from oauth2client.client import SignedJwtAssertionCredentials

"""Email of the Service Account"""
SERVICE_ACCOUNT_EMAIL = 'xxxxx@developer.gserviceaccount.com'

"""Path to the Service Account's Private Key file"""
SERVICE_ACCOUNT_PKCS12_FILE_PATH = 'key.p12'

def createCalendarService(user_email):
  """Build and returns a service object authorized with the service accounts
  that act on behalf of the given user.

  Args:
    user_email: The email of the user.
  Returns:
    Calendar service object.
  """
  print "--------- current email %s -----------" % user_email
  f = file(SERVICE_ACCOUNT_PKCS12_FILE_PATH, 'rb')
  key = f.read()
  f.close()

  http = httplib2.Http()
  storage = Storage('calendar.dat')
  credentials = storage.get()

  if credentials is None or credentials.invalid or credentials.access_token_expired:
    credentials = SignedJwtAssertionCredentials(SERVICE_ACCOUNT_EMAIL, key,
      scope='https://www.googleapis.com/auth/calendar', sub=user_email)
    http = credentials.authorize(http)
    http.request.credentials.refresh(http)
    storage.put(credentials)
  else:
    http = credentials.authorize(http)
  return build('calendar', 'v3', http=http)

all_email_list = [###a list of emails]

for email in all_email_list:
  calendar_service = createCalendarService(email)
  page_token = None
  while True:
    calendar_list = calendar_service.calendarList().list(pageToken=page_token).execute()
    for calendar_list_entry in calendar_list['items']:
      print calendar_list_entry['summary']
      print calendar_list_entry['accessRole']
    page_token = calendar_list.get('nextPageToken')
    if not page_token:
      break

Traceback (most recent call last):
  File "google_calendar_api.py", line 52, in <module>
    calendar_service = createCalendarService(email)
  File "google_calendar_api.py", line 40, in createCalendarService
    http.request.credentials.refresh(http)
  File "build/bdist.macosx-10.9-x86_64/egg/oauth2client/client.py", line 559, in refresh
  File "build/bdist.macosx-10.9-x86_64/egg/oauth2client/client.py", line 728, in _refresh
  File "build/bdist.macosx-10.9-x86_64/egg/oauth2client/client.py", line 757, in _do_refresh_request
  File "build/bdist.macosx-10.9-x86_64/egg/oauth2client/util.py", line 129, in positional_wrapper
  File "build/bdist.macosx-10.9-x86_64/egg/oauth2client/client.py", line 516, in new_request
  File "build/bdist.macosx-10.9-x86_64/egg/oauth2client/client.py", line 728, in _refresh
  File "build/bdist.macosx-10.9-x86_64/egg/oauth2client/client.py", line 790, in _do_refresh_request
oauth2client.client.AccessTokenRefreshError: invalid_request

1 个答案:

答案 0 :(得分:1)

仅使用此:

&#13;
&#13;
f = open('PK12_File', 'rb')
key = f.read()
f.close()
    
credentials = SignedJwtAssertionCredentials(service_account_name=client_email,private_key=key, scope=Calendar_SCOPE,sub="admin_account")

http = httplib2.Http()
http = credentials.authorize(http)

return build('calendar', 'v3', http=http)
&#13;
&#13;
&#13;