search

google / gdata-python-client

443 stars 227 forks source link

EmailSettings not working with oauth2 ? #30

Open ldng opened 9 years ago

ldng commented 9 years ago 
service_account_mail = 'xxxxxx@developer.gserviceaccount.com'
service_account_client_id = 'xxxxxx.apps.googleusercontent.com'

with open("private_key.p12") as f:
    private_key = f.read()

gapps_scope=[
      'https://www.googleapis.com/auth/drive',
      'https://apps-apis.google.com/a/feeds/emailsettings/2.0/',
]

credentials = SignedJwtAssertionCredentials(service_account_mail, private_key, gapps_scope)

print credentials.access_token
None

credentials.get_access_token()

credentials.access_token
Now I get something useful

headers = {
    'Authorization': 'Bearer ' + credentials.access_token,
    'Content-type': 'application/atom+xml'
}

url_tpl = """https://apps-apis.google.com/a/feeds/emailsettings/2.0/mydomain.com/%s/%s"""

url = url_tpl % (myusername, 'label')
r = requests.get(url, headers=headers)
403 - 'You are not authorized to access this API.'

body_tpl = """<?xml version="1.0" encoding="utf-8"?>
<atom:entry xmlns:atom="http://www.w3.org/2005/Atom" xmlns:apps="http://schemas.google.com/apps/2006">
    <apps:property name="signature" value="%s" />
</atom:entry>"""

url = url_tpl % (myusername, 'signature')

payload = body_tpl % 'Test'
r = requests.put(url, headers=headers, data=payload)
403 - 'You are not authorized to access this API.'

r = requests.get(url, headers=headers)
403 - 'You are not authorized to access this API.'

drive_url = "https://www.googleapis.com/drive/v2/files"
headers = {  'Authorization': 'Bearer ' + credentials.access_token, }
r = requests.get(drive_url, headers=headers)
200 - 'OK'

Also tried : EmailSettingsClient + AuthSubToken, EmailSettingsClient + client.auth_token override, EmailSettingsClient + HttpRequest(headers=additional_headers), EmailSettingsClient + OAuth2TokenFromCredentials(credentials).authorize

Could someone else confirm it works (by actually trying, please) and maybe explain what I'm doing wrong here ?

Many thanks.

ldng commented 9 years ago

I would add that when I use the credential.access_token directly in the OAuth 2.0 Playground in step 2, I do get the same results, it works for Drive but not for EmailSettings.

ghost commented 9 years ago

I have the same problem with email settings. I've tried the code above and other trial-error tests always obtaining an error.

I've been easily using for a lot of months something like this:

import gdata.apps.emailsettings.client

client = gdata.apps.emailsettings.client.EmailSettingsClient(domain='my.domain')
client.ClientLogin(email='myemail', password='mypassword', source='myapp')
client.UpdateSignature(username='myusername', signature='mysignature')

Someone knows the new code needed to replace this old one ? I've been searching around and I think the problem arised with the changes in validation.

Thanks in advance, regards