无法使用服务帐户查询Google Search Console API [英] Unable to query Google Search Console API using a Service Account

问题描述

我需要使用服务帐户从Google Search Console(网站站长工具)中检索一些数据.

I need to retrieve some data from Google Search Console (Webmaster Tools) using a service account.

到目前为止，我已经能够为服务帐户检索一个access_token，我需要将其附加到请求的url上.问题是我找不到方法，这是我正在使用的代码:

So far I've been able to retrieve an access_token for the service account which I need to append to the url of the request. The problem is that I can't find a way to do so, this is the code i'm using:

function retrieveSearchesByQuery(token)
    {
        gapi.client.webmasters.searchanalytics.query(
        {
            'access_token': token,
            'siteUrl': 'http://www.WEBSITE.com',
            'fields': 'responseAggregationType,rows',
            'resource': {
                'startDate': formatDate(cSDate),
                'endDate': formatDate(cEDate),
                'dimensions': [
                    'date'
                ]
            }
        })
        .then(function(response) {
            console.log(response);
        })
        .then(null, function(err) {
            console.log(err);
        });
    }

这是函数调用的网址:

https://content.googleapis.com/webmasters/v3/sites/http%3A%2F%2Fwww.WEBSITE.com/searchAnalytics/query?fields=responseAggregationType%2Crows&alt=json"

相反，它应该是这样的:

Instead it should be something like this:

https://content.googleapis.com/webmasters/v3/sites/http%3A%2F%2Fwww.WEBSITE.com/searchAnalytics/query?fields=responseAggregationType%2Crows&alt=json&access_token=XXX"

gapi.client.webmasters.searchanalytics.query无法将'access_token'识别为有效键，因此不会将其附加到url，这就是为什么我得到401 Unauthorized作为响应的原因.

The gapi.client.webmasters.searchanalytics.query doesn't recognize 'access_token' as a valid key thus it doesn't append it to the url and that's why I get a 401 Unauthorized as response.

如果我使用'key'而不是'access_token'，该参数将附加到url上，但是'key'用于OAuth2身份验证，因此我传递的服务帐户令牌无效.

If I use 'key' instead of 'access_token' the parameter gets appended to the url but 'key' is used for OAuth2 authentication so the service account token I pass is not valid.

有人对此有解决方案或解决方法吗?

Does anyone have a solution or a workaround for this?

推荐答案

如果您的应用程序请求私有数据，则该请求必须由有权访问该数据的经过身份验证的用户授权.根据Search Console API(您的应用程序)的文档中的规定必须使用OAuth 2.0来授权请求​​.不支持其他授权协议.

If your application requests private data, the request must be authorized by an authenticated user who has access to that data. As specified in the documentation of the Search Console API, your application must use OAuth 2.0 to authorize requests. No other authorization protocols are supported.

如果您的应用是配置正确的，则在使用Google API，经过身份验证的请求看起来与未经身份验证的请求完全相同.如文档中所述，如果应用程序已收到OAuth 2.0令牌，JavaScript客户端库会自动将其包含在请求中.

If you application is correctly configured, when using the Google API, an authenticated request looks exactly like an unauthenticated request. As stated in the documentation, if the application has received an OAuth 2.0 token, the JavaScript client library includes it in the request automatically.

您所提到的是，您已经检索到access_token，如果正确接收到，则API客户端会自动为您发送此令牌，而您不必自己添加它.

You're mentioning that you have retrieved an access_token, if correctly received, the API client will automatically send this token for you, you don't have to append it yourself.

一个非常基本的工作流进行身份验证，一旦身份验证，发送请求将类似于以下代码. Search Console API可以使用以下范围:https://www.googleapis.com/auth/webmasters和https://www.googleapis.com/auth/webmasters.readonly.

A very basic workflow to authenticate and once authenticated, send a request would looks like the following code. The Search Console API can use the following scopes: https://www.googleapis.com/auth/webmasters and https://www.googleapis.com/auth/webmasters.readonly.

var clientId = 'YOUR CLIENT ID';
var apiKey = 'YOUR API KEY';
var scopes = 'https://www.googleapis.com/auth/webmasters';

function auth() {
  // Set the API key.
  gapi.client.setApiKey(apiKey);

  // Start the auth process using our client ID & the required scopes.
  gapi.auth2.init({
      client_id: clientId,
      scope: scopes
  })
  .then(function () {
    // We're authenticated, let's go...
    // Load the webmasters API, then query the API
    gapi.client.load('webmasters', 'v3')
      .then(retrieveSearchesByQuery);
  });
}

// Load the API client and auth library
gapi.load('client:auth2', auth);

这时，您的retrieveSearchesByQuery函数将需要修改，因为它不再需要通过参数来获取令牌才能在查询中传递它. JavaScript客户端库应将其自动包含在请求中.

At this point, your retrieveSearchesByQuery function will need to be modified since it doesn't need to get a token by argument anymore in order to pass it in the query. The JavaScript client library should include it in the request automatically.

您还可以使用 API资源管理器检查特定查询支持哪些参数并检查相关请求.

You can also use the API Explorer to check what parameters are supported for a specific query and check the associated request.

如果您需要使用外部生成的访问令牌(服务帐户就是这种情况)，则需要使用

If you need to use an externally generated access token, which should be the case with a Service Account, you need to use the gapi.auth.setToken method to sets the OAuth 2.0 token object yourself for the application:

gapi.auth.setToken(token_Object);

这篇关于无法使用服务帐户查询Google Search Console API的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！