我已经设置了一个新项目来访问我的GSuite帐户用户。当我运行代码时,它会显示401-“需要登录”。
我已授予具有所需范围的帐户“域内授权”。
我正在使用的代码是:
def authorize
authorizer = Google::Auth::ServiceAccountCredentials.make_creds(
json_key_io: File.open('path-to-file.json'),
scope: "https://www.googleapis.com/auth/admin.directory.user.readonly")
authorizer.sub = 'GSuite admin email'
authorizer.fetch_access_token!
end
service = Google::Apis::AdminDirectoryV1::DirectoryService.new
service.authorization = authorize
response = service.list_users
该项目已在我的个人Google开发人员帐户中设置。
有什么想法为什么会发生以及如何解决?
答案 0 :(得分:0)
我在method list中没有看到list_users,只有'list'
那这样的代码呢?
require 'google/apis/admin_directory_v1'
authorizer = Google::Auth::ServiceAccountCredentials.make_creds(
json_key_io: File.open(key_file_location),
scope: 'https://www.googleapis.com/auth/admin.directory.user.readonly'
)
authorizer.sub = acting_admin_email
authorizer.fetch_access_token!
directory_service = Google::Apis::AdminDirectoryV1::DirectoryService.new
directory_service.authorization = authorizer
user_list = directory_service.list
所做的更改是directory_service.authorization = authorizer并使用list而不是user_list。
答案 1 :(得分:0)
您在Windows上运行吗?你有Ruby 2吗?我认为您使用的是旧代码。
# Copyright 2018 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# [START admin_sdk_directory_quickstart]
require "google/apis/admin_directory_v1"
require "googleauth"
require "googleauth/stores/file_token_store"
require "fileutils"
OOB_URI = "urn:ietf:wg:oauth:2.0:oob".freeze
APPLICATION_NAME = "Directory API Ruby Quickstart".freeze
CREDENTIALS_PATH = "credentials.json".freeze
# The file token.yaml stores the user's access and refresh tokens, and is
# created automatically when the authorization flow completes for the first
# time.
TOKEN_PATH = "token.yaml".freeze
SCOPE = Google::Apis::AdminDirectoryV1::AUTH_ADMIN_DIRECTORY_USER_READONLY
##
# Ensure valid credentials, either by restoring from the saved credentials
# files or intitiating an OAuth2 authorization. If authorization is required,
# the user's default browser will be launched to approve the request.
#
# @return [Google::Auth::UserRefreshCredentials] OAuth2 credentials
def authorize
client_id = Google::Auth::ClientId.from_file CREDENTIALS_PATH
token_store = Google::Auth::Stores::FileTokenStore.new file: TOKEN_PATH
authorizer = Google::Auth::UserAuthorizer.new client_id, SCOPE, token_store
user_id = "default"
credentials = authorizer.get_credentials user_id
if credentials.nil?
url = authorizer.get_authorization_url base_url: OOB_URI
puts "Open the following URL in the browser and enter the " \
"resulting code after authorization:\n" + url
code = gets
credentials = authorizer.get_and_store_credentials_from_code(
user_id: user_id, code: code, base_url: OOB_URI
)
end
credentials
end
# Initialize the API
service = Google::Apis::AdminDirectoryV1::DirectoryService.new
service.client_options.application_name = APPLICATION_NAME
service.authorization = authorize
# List the first 10 users in the domain
response = service.list_users(customer: "my_customer",
max_results: 10,
order_by: "email")
puts "Users:"
puts "No users found" if response.users.empty?
response.users.each { |user| puts "- #{user.primary_email} (#{user.name.full_name})" }
# [END admin_sdk_directory_quickstart]