Google API - 日历 API 正在运行,但 Gmail API 返回“unauthorized_client”

本文关键字:API 返回 unauthorized client Gmail 日历 Google 运行 | 更新日期: 2023-09-27 18:35:46

我在Google Apps中有一个项目,我为其启用了日历API和Gmail API(生成了一个".p12"密钥用于服务器到服务器身份验证)。我已经设法使用以下方法读取/写入我的Google日历帐户:

 private CalendarService GetCalendarService()
 {
     var certificate = new X509Certificate2(_googleCredentialsFilePath, "notasecret", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet);
     var serviceEmail = "599172797645-dthli52ji7j0j53gacmqigvs694bu7vs@developer.gserviceaccount.com";
     var credential = new ServiceAccountCredential(new ServiceAccountCredential.Initializer(serviceEmail)
        {
            Scopes = new[] { CalendarService.Scope.Calendar, CalendarService.Scope.CalendarReadonly }
        }.FromCertificate(certificate));
        var applicationName = ConfigurationManager.AppSettings["ApplicationName"];
        var service = new CalendarService(new BaseClientService.Initializer()
        {
            HttpClientInitializer = credential,
            ApplicationName = applicationName,
        });
        return service;
    }

使用服务对象,我可以在日历中创建事件,如下所示:

var newEvent = new Event()
{
     Summary = calendarEvent.Summary,
     Description = calendarEvent.Description,
     Start = new EventDateTime()
     {
        DateTime = calendarEvent.StartDateTime,
        TimeZone = _ianaTimezone,
     },
     End = new EventDateTime()
     {
         DateTime = calendarEvent.EndDateTime,
         TimeZone = _ianaTimezone,
     }
};
var request = _calendarService.Events.Insert(newEvent, googleCalendarId);
var result = request.Execute(); // CREATE EVENT SUCCESSFULLY

现在,对于Gmail API客户端,我想使用服务帐户所有者电子邮件发送电子邮件(与我登录Google开发控制台相同的电子邮件 - "mypersonalemail@gmail.com"

private GmailService GetGmailService()
{
    var certificate = new X509Certificate2(_googleCredentialsFilePath, "notasecret", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet);
    var serviceEmail = "599172797645-dthli52ji7j0j53gacmqigvs694bu7vs@developer.gserviceaccount.com";
    var credential = new ServiceAccountCredential(new ServiceAccountCredential.Initializer(serviceEmail)
    {
        Scopes = new[] { GmailService.Scope.MailGoogleCom, GmailService.Scope.GmailCompose, GmailService.Scope.GmailModify, GmailService.Scope.GmailSend },
        User = "mypersonalemail@gmail.com"
    }.FromCertificate(certificate));
    var applicationName = ConfigurationManager.AppSettings["ApplicationName"];
    var service = new GmailService(new BaseClientService.Initializer()
    {
        HttpClientInitializer = credential,
        ApplicationName = applicationName,
     });
     return service;
}

但是当我尝试测试这个请求草稿列表的客户端时:

ListDraftsResponse draftsResponse = _gmailService.Users.Drafts.List("mypersonalemail@gmail.com").Execute();

然后我得到错误:

"Error:'"unauthorized_client'", Description:'"Unauthorized client or scope in request.'", Uri:'"'"" string

我已经用 mypersonalemail@gmail.com 登录了 Google 开发者控制台

API 管理器> 权限>添加服务帐户所有者 添加"mypersonalemail@gmail.com"作为服务电子邮件所有者(可能是多余的)

我是否需要 Google Apps for Work 才能通过服务帐号从我自己的 Gmail 帐户发送/阅读电子邮件?我的应用当前作为 Web 应用程序托管在 Azure 中。

Google API - 日历 API 正在运行,但 Gmail API 返回“unauthorized_client”

检查这个

并确保您访问谷歌。用于引用服务帐户的管理员帐户 您创建的应用的客户端 ID,时区采用以下格式"美国/凤凰城"。

相关文章: