应用引擎调用Google API python客户端返回403与@oauth_required [英] App engine call to Google API python client return 403 with @oauth_required

问题描述

我需要从Gae调用Google Calendar API;这是一个简单的工作，但我无法解决。因此我按照Google文档和示例设置了所有内容：

我有一个 /auth.py ：

  CLIENT_SECRETS = os.path.join（os.path.dirname（__ file__），'client_secrets.json'）
 SCOPES = [
'https://www.googleapis.com/auth/calendar'，
] 
 decorator = appengine.OAuth2DecoratorFromClientSecrets（
 filename = CLIENT_SECRETS，
 scope = SCOPES，
 cache = memcache，
 prompt ='consent'，
）
  

由 main.py 函数调用：

  （b $ auth.decorator.oauth_aware 
 def get（self）：
如果auth.decorator.has_credentials（）：
 self.redirect（' / in'）
 else：
 self.response.out.write（'''
 etc. {}'''。format（auth.decorator.authorize_url（）））
 
 class Main（webapp2.RequestHandler）：
 @ auth.decorator.oauth_required 
 def get（self）：
 links = {...} 
 render（self，'base.html'，template_values = links）
 $ b $ class Calendar webapp2.RequestHandler）：
 @ auth.decorator.oauth_required 
 def get（self）：
 service = build（'calendar'，'v3'，http = auth.decorator.http（） ）
 api_request = service.events（）。list（calendarId ='primary'）
 api_response = api_request.execute（）
 self.response.headers ['Content-Type'] ='应用/ JSON; charset = utf-8'
 self.response.out.write（json.dumps（api_response，indent = 4））
 $ b $ class PutEvent（webapp2.RequestHandler）：
 @ auth.decorator.oauth_required 
 def post（self）：
＃... 
＃http = httplib2.Http（memcache）
 service = build（'calendar'，'v3 '）＃，http = http）
 
 api_response = [] 
 for i in json.loads（self.request.get（'events'））：
＃.. 。
 event = {...}＃Google Calendar event 
 api_request = service.events（）。insert（calendarId ='primary'，body = scadenza）
 api_response.append（api_request。执行（http = auth.decorator.http（）））
 
 self.response.headers ['Content-Type'] ='application / json; charset = utf-8'
 self.response.out.write（json.dumps（api_response，indent = 4））
  

正如你所看到的，这是一个非常简单的 post ，由Ajax jQuery调用（ $。post（'{ {putEvent_url}}'，jsonData，function（data）{console.log（data）;}） ...

在开发服务器中，使用 test @ example 用户，并且该应用有权访问我的个人帐户的Google日历。

<对我来说奇怪的是，对Calendar（）的任何调用都按预期工作，但对PutEvent（）的调用以ERROR 500结束。

寻找到控制台回溯的结尾：

 文件/ home / pierpaolo / Devnos /whiterabbit/include/oauth2client/contrib/appengine.py，第644行，check_oauth 
 resp = method（request_handler，* args，** kwargs）
文件/ home / pierpaolo / Devnos / whiterabbit /main.py第211行，在
 api_response.appen文件中d（api_request.execute（http = auth.decorator.http（）））
文件/home/pierpaolo/Devnos/whiterabbit/include/oauth2client/_helpers.py，第133行，位置定位器
返回包装（* args，** kwargs）
文件/home/pierpaolo/Devnos/whiterabbit/include/googleapiclient/http.py，第838行，执行
引发HttpError（resp，content， uri = self.uri）
 HttpError：< HttpError 403在请求https://www.googleapis.com/calendar/v3/calendars/primary/events?alt=json时返回Forbidden> 
 INFO 2017-01-04 15:13:32,385 module.py:788] default：POST / api / put / scadenze HTTP / 1.1500  -  
  

我无法理解

HttpError：https：//www.googleapis.com/日历/ v3 /日历/主要/事件？alt = json返回禁止>

在我看来，我已经授予应用程序访问我的帐户并且Google App Engine装饰器已按照 https://developers.google.com/api-client-library/python/guide/google_app_engine ...

编辑：
我在想，如果我的问题可能与我称之为Google Calendar API的方式有关：

  HTML / JS GAE / Py 
 + ------------------ + 
 | | 
 | <形式> | 
 | ...数据| 
 | < \ JS / Ajax | 
 | $ .post（... data |  - > GAE / main.py 
 | | @ auth.decorator.oauth_required 
 | | def post（self，data）：
 +  - ----------------- + event = elaborate（data）
 service = build（'calendar'，'v3'）
 api_request = service.events（ ）
 .insert（calendarId ='primary'，
 body = event）
 api_response = api_request 
 .execute（auth.decorator 
 .http（））
 self.response（api_response）
  

编辑3：
我看了一下oauth2client.contrib.appengine，并且在这里和那里添加了一些 logger.debug ：我认为问题可能出现在 execute（http = decorator.http（））调用，但它在我的其他处理程序中是一样的！无论是位置，关键字，也没有把authrized Http服务 build 改变了不正当行为......

我也不能看到什么问题可能会造成 _helpers.py，第133行，位于positions_wrapper ...

亲爱的，实际上，我可以插入Acl和/或在同一个RequestHandler中插入一个辅助日历，以引发Forbidden （）。insert（）...！

解决方案

显然，问题是尝试插入全天事件 endTimeUnspecified：True ...

我在google-api- python-client GitHub跟踪器： https://github.com/google/ google-api-python-client / issues / 334 。

也许有人会研究它或发布更准确的答案。
$ b

Tha大家都来。

It should be a trivial job but i cannot get it out.

I need to call the Google Calendar API from Gae; thus I set all up as per Google docs and examples:

I've an /auth.py:

CLIENT_SECRETS = os.path.join(os.path.dirname(__file__), 'client_secrets.json')
SCOPES = [
    'https://www.googleapis.com/auth/calendar',
]
decorator = appengine.OAuth2DecoratorFromClientSecrets(
    filename=CLIENT_SECRETS,
    scope=SCOPES,
    cache=memcache,
    prompt='consent',
)

called by main.py functions:

class Landing(webapp2.RequestHandler):
    @auth.decorator.oauth_aware
    def get(self):
        if auth.decorator.has_credentials():
            self.redirect('/in')
        else:
            self.response.out.write('''
            etc. {}'''.format(auth.decorator.authorize_url()))

class Main(webapp2.RequestHandler):
    @auth.decorator.oauth_required
    def get(self):
        links = { ... }
        render(self, 'base.html', template_values=links)

class Calendar(webapp2.RequestHandler):
    @auth.decorator.oauth_required
    def get(self):
        service = build('calendar', 'v3', http=auth.decorator.http())
        api_request = service.events().list(calendarId='primary')
        api_response = api_request.execute()
        self.response.headers['Content-Type'] = 'application/json; charset=utf-8'
        self.response.out.write(json.dumps(api_response, indent=4))

class PutEvent(webapp2.RequestHandler):
    @auth.decorator.oauth_required
    def post(self):
        # ...
        # http = httplib2.Http(memcache)
        service = build('calendar', 'v3') #, http=http)

        api_response = []
        for i in json.loads(self.request.get('events')):
            # ...
            event = { ... } # Google Calendar event
            api_request = service.events().insert(calendarId='primary', body=scadenza)
            api_response.append(api_request.execute(http=auth.decorator.http()))

        self.response.headers['Content-Type'] = 'application/json; charset=utf-8'
        self.response.out.write(json.dumps(api_response, indent=4))

As you can see this is a fairly simple post requested by an Ajax jQuery call ($.post('{{ putEvent_url }}', jsonData, function( data ){ console.log(data); })...

I'm in the development server, using test@example user, and the app is authorized to access my personal account's Google Calendar.

Strange thing to me is that any call to Calendar() works as expected, but call to PutEvent() end in ERROR 500.

Looking to the end of the traceback in console:

  File "/home/pierpaolo/Devnos/whiterabbit/include/oauth2client/contrib/appengine.py", line 644, in check_oauth
    resp = method(request_handler, *args, **kwargs)
  File "/home/pierpaolo/Devnos/whiterabbit/main.py", line 211, in post
    api_response.append(api_request.execute(http=auth.decorator.http()))
  File "/home/pierpaolo/Devnos/whiterabbit/include/oauth2client/_helpers.py", line 133, in positional_wrapper
    return wrapped(*args, **kwargs)
  File "/home/pierpaolo/Devnos/whiterabbit/include/googleapiclient/http.py", line 838, in execute
    raise HttpError(resp, content, uri=self.uri)
HttpError: <HttpError 403 when requesting https://www.googleapis.com/calendar/v3/calendars/primary/events?alt=json returned "Forbidden">
INFO     2017-01-04 15:13:32,385 module.py:788] default: "POST /api/put/scadenze HTTP/1.1" 500 -

I cannot understand the

HttpError: https://www.googleapis.com/calendar/v3/calendars/primary/events?alt=json returned "Forbidden">

it looks to me I already granted the app access to my account and that Google App Engine decorators have been correctly put in place to make the OAuth2.0 thing as per https://developers.google.com/api-client-library/python/guide/google_app_engine...

EDIT: I was wondering if my trouble can be related to the way i call Google Calendar API:

     HTML/JS            GAE/Py
+------------------+
|                  |
| <form>           |
|   ...data        |
| <\JS/Ajax        |
|   $.post(...data |  -->  GAE/main.py
|                  |         @auth.decorator.oauth_required
|                  |         def post(self, data):
+------------------+           event = elaborate(data)
                               service = build('calendar', 'v3')
                               api_request = service.events()
                                             .insert(calendarId='primary',
                                                     body=event)
                               api_response = api_request
                                              .execute(auth.decorator
                                                           .http())
                               self.response(api_response)

EDIT 3: I looked a bit into oauth2client.contrib.appengine and I added some logger.debug here and there: I think the problem could be in execute(http=decorator.http()) call, but it is the same in my other handlers! Neither positional nor keyword nor put authrized Http in service build changes the misbehaviour...

Nor can I see what problem may pose _helpers.py", line 133, in positional_wrapper...

Dear all, some hint on how to research further?

Actually, I can insert Acl and/or insert a secondary calendar in the same RequestHandler that throws Forbidden exception with events().insert()...!

解决方案

Apparently, the problem is to try to insert an all-day event with endTimeUnspecified: True...

I opened an issue on google-api-python-client GitHub tracker: https://github.com/google/google-api-python-client/issues/334.

Maybe someone will look into it or post a more precise answer.

Thank you all.

这篇关于应用引擎调用Google API python客户端返回403与@oauth_required的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！