我正在尝试从Google App Engine Go 1.11 Standard Environment上运行的应用程序通过API访问Google电子表格。 不幸的是,应用程序无法读取this spreadsheet。
我在Spreadsheets.Values.Get通话中遇到下一个错误:
googleapi: Error 403: Request had insufficient authentication scopes., forbidden
示例代码
// Sample app showing issue with GAE -> google spreadsheets
package main
import (
"context"
"fmt"
"log"
"net/http"
"os"
"cloud.google.com/go/compute/metadata"
"golang.org/x/oauth2/google"
"google.golang.org/api/sheets/v4"
)
func main() {
http.HandleFunc("/", indexHandler)
// [START setting_port]
port := os.Getenv("PORT")
if port == "" {
port = "8080"
log.Printf("Defaulting to port %s\n", port)
}
// let's check app engine instance scopes
scopes, _ := metadata.Get("instance/service-accounts/default/scopes")
log.Printf("[DEBUG] metadata scopes: %s.\n", scopes)
log.Printf("Listening on port %s", port)
log.Fatal(http.ListenAndServe(fmt.Sprintf(":%s", port), nil))
// [END setting_port]
}
// indexHandler responds to requests with our greeting.
func indexHandler(w http.ResponseWriter, r *http.Request) {
ctx := context.Background()
client, _ := google.DefaultClient(ctx, "https://www.googleapis.com/auth/spreadsheets.readonly")
srv, err := sheets.New(client)
// Prints the names and majors of students in a sample spreadsheet:
// https://docs.google.com/spreadsheets/d/1BxiMVs0XRA5nFMdKvBdBZjgmUUqptlbs74OgvE2upms/edit
spreadsheetId := "1BxiMVs0XRA5nFMdKvBdBZjgmUUqptlbs74OgvE2upms"
readRange := "Class Data!A2:E"
resp, err := srv.Spreadsheets.Values.Get(spreadsheetId, readRange).Do()
if err != nil {
log.Fatalf("Unable to retrieve data from sheet: %v\n", err)
}
if len(resp.Values) == 0 {
fmt.Fprintf(w, "No data found.\n")
} else {
fmt.Fprintf(w, "Name, Major:\n")
for _, row := range resp.Values {
// Print columns A and E, which correspond to indices 0 and 4.
fmt.Fprintf(w, "%s, %s\n", row[0], row[4])
}
}
}
复制步骤:
1)部署应用:gcloud app deploy
2)在浏览器中打开(您会得到502):gcloud app browse
3)检查日志:gcloud app logs read
2018-12-11 21:44:56 default[20181211t134352] "GET / HTTP/1.1" 502
2018-12-11 21:44:57 default[20181211t134352] 2018/12/11 21:44:57 [DEBUG] metadata scopes: https://www.googleapis.com/auth/appengine.apis
2018-12-11 21:44:57 default[20181211t134352] https://www.googleapis.com/auth/cloud-platform
2018-12-11 21:44:57 default[20181211t134352] https://www.googleapis.com/auth/cloud_debugger
2018-12-11 21:44:57 default[20181211t134352] https://www.googleapis.com/auth/devstorage.full_control
2018-12-11 21:44:57 default[20181211t134352] https://www.googleapis.com/auth/logging.write
2018-12-11 21:44:57 default[20181211t134352] https://www.googleapis.com/auth/monitoring.write
2018-12-11 21:44:57 default[20181211t134352] https://www.googleapis.com/auth/trace.append
2018-12-11 21:44:57 default[20181211t134352] https://www.googleapis.com/auth/userinfo.email
2018-12-11 21:44:57 default[20181211t134352] .
2018-12-11 21:44:57 default[20181211t134352] 2018/12/11 21:44:57 Listening on port 8081
2018-12-11 21:44:58 default[20181211t134352] 2018/12/11 21:44:58 Unable to retrieve data from sheet: googleapi: Error 403: Request had insufficient authentication scopes., forbidden
有人可以帮忙了解如何解决此问题吗?
答案 0 :(得分:1)
我之前也曾将App Engine与G Suite集成。您需要使用服务帐户密钥。默认值不足以满足要求(我相信是因为它没有私钥,但这可能是错误的)。
基本上,您将需要使用代码上传密钥,并使用该密钥来获取Client(而不是使用默认密钥):
func getOauthClient(serviceAccountKeyPath string) *http.Client {
ctx := context.Background()
data, err := ioutil.ReadFile(serviceAccountKeyPath)
if err != nil {
log.Fatal(err)
}
creds, err := google.CredentialsFromJSON(ctx, data, "https://www.googleapis.com/auth/spreadsheets.readonly")
if err != nil {
log.Fatal(err)
}
return oauth2.NewClient(ctx, creds.TokenSource)
}