Question

我在Google Apps中有一个项目，我已启用了Calendar API和Gmail API（生成了用于服务器到服务器身份验证的'.p12'密钥）。我已设法使用以下内容读取/写入我的Google日历帐户：

 private CalendarService GetCalendarService()
 {
     var certificate = new X509Certificate2(_googleCredentialsFilePath, "notasecret", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet);
     var serviceEmail = "599172797645-dthli52ji7j0j53gacmqigvs694bu7vs@developer.gserviceaccount.com";
     var credential = new ServiceAccountCredential(new ServiceAccountCredential.Initializer(serviceEmail)
        {
            Scopes = new[] { CalendarService.Scope.Calendar, CalendarService.Scope.CalendarReadonly }
        }.FromCertificate(certificate));

        var applicationName = ConfigurationManager.AppSettings["ApplicationName"];
        var service = new CalendarService(new BaseClientService.Initializer()
        {
            HttpClientInitializer = credential,
            ApplicationName = applicationName,
        });

        return service;
    }

使用服务对象，我可以在我的日历中创建事件，如下所示：

var newEvent = new Event()
{
     Summary = calendarEvent.Summary,
     Description = calendarEvent.Description,
     Start = new EventDateTime()
     {
        DateTime = calendarEvent.StartDateTime,
        TimeZone = _ianaTimezone,
     },
     End = new EventDateTime()
     {
         DateTime = calendarEvent.EndDateTime,
         TimeZone = _ianaTimezone,
     }
};

var request = _calendarService.Events.Insert(newEvent, googleCalendarId);
var result = request.Execute(); // CREATE EVENT SUCCESSFULLY

现在，对于Gmail API客户端，我想使用服务帐户所有者电子邮件发送电子邮件（我用来登录Google开发者控制台 - “mypersonalemail@gmail.com”

private GmailService GetGmailService()
{
    var certificate = new X509Certificate2(_googleCredentialsFilePath, "notasecret", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet);
    var serviceEmail = "599172797645-dthli52ji7j0j53gacmqigvs694bu7vs@developer.gserviceaccount.com";
    var credential = new ServiceAccountCredential(new ServiceAccountCredential.Initializer(serviceEmail)
    {
        Scopes = new[] { GmailService.Scope.MailGoogleCom, GmailService.Scope.GmailCompose, GmailService.Scope.GmailModify, GmailService.Scope.GmailSend },
        User = "mypersonalemail@gmail.com"
    }.FromCertificate(certificate));

    var applicationName = ConfigurationManager.AppSettings["ApplicationName"];
    var service = new GmailService(new BaseClientService.Initializer()
    {
        HttpClientInitializer = credential,
        ApplicationName = applicationName,
     });

     return service;
}

但是，当我尝试测试此客户端请求草稿列表时：

ListDraftsResponse draftsResponse = _gmailService.Users.Drafts.List("mypersonalemail@gmail.com").Execute();

然后我收到错误：

"Error:\"unauthorized_client\", Description:\"Unauthorized client or scope in request.\", Uri:\"\"" string

我已使用mypersonalemail@gmail.com和

登录Google Developers Console

API Manager＆gt;权限＆gt;添加服务帐户所有者添加“mypersonalemail@gmail.com”作为服务电子邮件所有者（可能是冗余的）

我是否需要Google Apps for Work才能通过服务帐户从我自己的Gmail帐户发送/阅读电子邮件？我的应用目前作为网络应用程序托管在Azure中。

Answer 1

检查This

并确保您访问 google.Admin 帐户，以引用您创建的应用的服务帐户客户端ID ，并且时区采用以下格式“的美国/菲尼克斯”。

Google API - Calendar API正常运行，但Gmail API会返回''unauthorized_client'

1 个答案: