使用服务帐户和域范围委派的 Google 课堂

大卫·柴德里斯

创建并授予域范围委派的服务帐户是否应该能够访问我的域中的所有课程和作业?我是域管理员并创建了服务帐户。但是,当我执行代码时,它不会返回任何结果。当我直接从参考页面运行相同的请求时,它会返回数据。

    <?php
/*
 * Copyright 2013 Google Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
include_once __DIR__ . '/../vendor/autoload.php';
include_once "templates/base.php";
echo pageHeader("Service Account Access");

//putenv('/GOOGLE_APPLICATION_CREDENTIALS = service-account-credentials.json');

/************************************************
  Make an API request authenticated with a service
  account.
 ************************************************/
$client = new Google_Client();
/************************************************
  ATTENTION: Fill in these values, or make sure you
  have set the GOOGLE_APPLICATION_CREDENTIALS
  environment variable. You can get these credentials
  by creating a new Service Account in the
  API console. Be sure to store the key file
  somewhere you can get to it - though in real
  operations you'd want to make sure it wasn't
  accessible from the webserver!
  Make sure the Books API is enabled on this
  account as well, or the call will fail.
 ************************************************/
putenv('GOOGLE_APPLICATION_CREDENTIALS= ../../../public/service-account-credentials.json');
$client->useApplicationDefaultCredentials();


if ($credentials_file = checkServiceAccountCredentialsFile()) {
  // set the location manually
  $client->setAuthConfig($credentials_file);
} elseif (getenv('GOOGLE_APPLICATION_CREDENTIALS')) {
  // use the application default credentials
  $client->useApplicationDefaultCredentials();
} else {
  echo missingServiceAccountDetailsWarning();
  return;
}
$client->setApplicationName("Google-Classroom");
$client->setScopes(['https://www.googleapis.com/auth/classroom.courses.readonly']);
$service = new Google_Service_Classroom($client);
/************************************************
  We're just going to make the same call as in the
  simple query as an example.
 ************************************************/
$optParams = array('pageSize' => 10,'studentId'=>'[email protected]');
$results = $service->courses->listCourses($optParams);


if (count($results->getCourses()) == 0) {
  print "No courses found.\n";
} else {

echo "<h3>Results Of Call:</h3>";
 foreach ($results as $course){
  echo $course->getName();
  echo"<br />";
 }
}

 pageFooter(__FILE__); 
 ?>
李杰

域范围的委派要求您指定要充当的域用户。它也不适用于应用程序默认凭据(AppEngine 和 Compute Engine 服务中内置的服务帐户),您需要在项目中手动创建 SA。假设您使用的是您创建的 SA(凭据文件),请尝试添加:

$user_to_impersonate = "[email protected]";
$client->setSubject($user_to_impersonate);

本文收集自互联网,转载请注明来源。

如有侵权,请联系 [email protected] 删除。

编辑于
0

我来说两句

0 条评论
登录 后参与评论

相关文章