Using Spreadsheet API OAuth2 with Certificate Authentication

问题

I am trying to use Gdata Spreadsheet API with OAuth2.

Using OAuth2.0 ClientID works with OAuth2WebServerFlow on a domain, But using Service Accounts / Certificate causes a 400 BAD Request

The scopes used are

https://www.googleapis.com/auth/userinfo.email 
https://www.googleapis.com/auth/userinfo.profile 
https://www.googleapis.com/auth/admin.directory.group.readonly 
https://www.googleapis.com/auth/admin.directory.user.readonly 
https://docs.google.com/feeds/ 
https://spreadsheets.google.com/feeds

Here is the code that I am using

SUCCEEDS : OAuth2.0

flow = OAuth2WebServerFlow(client_id=CLIENT_ID,
                           client_secret=CLIENT_SECRET,
                           scope=SCOPE,
                           access_type = "online",
                           redirect_uri=REDIRECT_URI)
credentials = flow.step2_exchange(code)
auth2token = gauth.OAuth2Token(
                            client_id=credentials.client_id,
                            client_secret=credentials.client_secret,
                            scope=SCOPE,
                            access_token=credentials.access_token,
                            refresh_token=credentials.refresh_token,
                            user_agent='spreadsheetclient/1.0',)
client = SpreadsheetsClient(auth_token=auth2token)
auth2token.authorize(client)
q = SpreadsheetQuery(title= "ItemMaster",title_exact=True)
feed = client.get_spreadsheets(query = q)

FAILS Oauth2.0 Certificate

credentials = SignedJwtAssertionCredentials(
                        SERVICE_ACCOUNT_EMAIL,
                        CERTIFICATE,
                        scope = SCOPE,
                        prn = "admin@domain.com"
                        )
http = httplib2.Http()
http = credentials.authorize(http)
auth2token = gauth.OAuth2Token(
                        client_id=credentials.client_id,
                        client_secret=credentials.client_secret,
                        scope=SCOPE,
                        access_token=credentials.access_token,
                        refresh_token=credentials.refresh_token,
                        user_agent='spreadsheetclient/1.0',)
client = SpreadsheetsClient()
auth2token.authorize(client)
q = SpreadsheetQuery(title= "ItemMaster",title_exact=True,)
feed = client.get_spreadsheets(query = q)

So is there a way to get Certificate authentication to work for Gdata API ?

回答1:

I solved it by using OAuth2TokenFromCredentials

    credentials = SignedJwtAssertionCredentials(
                    SERVICE_ACCOUNT_EMAIL,
                    PRIVATE_KEY,
                    scope = SCOPE,
                    sub = "admin@domain.com")
    auth2token = gauth.OAuth2TokenFromCredentials(credentials)
    client = SpreadsheetsClient()
    auth2token.authorize(client)
    q = SpreadsheetQuery(title= "ItemMaster",title_exact=True,)
    feed = client.get_spreadsheets(query = q)
    self.response.write(feed)

来源：https://stackoverflow.com/questions/20209178/using-spreadsheet-api-oauth2-with-certificate-authentication

标签

python

gdata

google-oauth

google-spreadsheet-api

google-apps-marketplace