Google日历-访问权限 [英] Google Calendar - Permission to Access
问题描述
是否可以创建一个应用程序,该应用程序可以发送请求以访问用户的Google日历,以便我可以在那里查看事件并可以添加,编辑和删除事件?
Is it possible for me to create an application that can send our requests to access to users' Google Calendar so that I can see the events in there and be able to add, edit, and delete events?
我不希望用户登录我的网站以启用此访问权限.相反,我希望能够通过电子邮件发送此请求.
I do not want the users to log into my website to enable this access. Rather, I want to be able to send this request, perhaps via email.
或者,他们也许可以登录Web应用并以某种方式授权自己访问.
Alternatively, perhaps they could log in the web app and authorize access themselves somehow.
推荐答案
一种选择是通过电子邮件向用户发送OAuth 2.0同意屏幕的链接.用户仍然需要在浏览器中打开链接,登录其Google帐户(如果尚未登录),然后单击授权"按钮以授予您的应用程序对其Google日历事件的访问权限.
One option would be to e-mail the user a link to the OAuth 2.0 consent screen. The users would still need to open the link in a browser, sign in to their Google account (if not already signed in), and click the "Authorize" button to grant your application access to their Google calendar events.
首先,您需要在Google开发者控制台中将您的应用程序注册为Web应用程序(就像其他任何应用程序一样)并获得client_id.请务必在"OAuth同意屏幕"部分中填写您的应用程序名称和指向您网站的链接,因为当用户单击授权链接时,这些值将显示给您的用户.
First, you will need to register your application as a Web App in Google's Developer Console (just like for any other application) and obtain a client_id. Be sure to fill in the name of your application and a link to your website in the "OAuth consent screen" section, because these values will be shown to your users when they click the authorization link.
然后,请按照下列步骤操作:
Then, follow these steps:
-
在HTML电子邮件中向用户发送授权链接.链接应根据重定向到Google的OAuth 2.0服务器" ,并注意以下几个方面:
Send the user an authorization link in an HTML e-mail message. The link should be constructed according to the guidelines in "Redirecting to Google's OAuth 2.0 server", and pay attention to the following aspects:
- 确保授权链接中的
redirect_uri参数指向您的应用程序. - 由于您已经知道用户的电子邮件地址,因此请考虑添加
login_hint=<email address>参数以绕过帐户选择屏幕. - 重要提示:在
state参数中提供一个值,以便您可以将此授权请求与用户链接. - 链接应放置在电子邮件正文中的
<a>标记中:<a href="{auth_url}">Allow access to my Google calendar</a>
- Ensure that the
redirect_uriparameter in the authorization link points to your application. - Since you already know the e-mail address of the user, consider including the
login_hint=<email address>parameter to bypass the account selection screen. - Important: provide a value in the
stateparameter so that you can link this authorization request with the user. - The link should be placed in an
<a>tag somewhere in the body of the e-mail:<a href="{auth_url}">Allow access to my Google calendar</a>
当用户单击此链接时,他们的浏览器将打开并显示标准的Google同意屏幕:
When the user clicks on this link, their browser will open and show the standard Google consent screen:
用户做出选择后,他们的浏览器将被重定向到您提供的redirect_uri.
Once the user has made a choice, their browser will be redirected to the redirect_uri which you have provided.
即使用户未登录到应用程序,也请确保redirect_uri将正常运行.捕获Google附加到redirect_uri的state和authorization_code值,然后返回一个确认页面(例如谢谢您允许我们访问您的Google日历" 想法).
Make sure that the redirect_uri will work even if the user isn't signed in to your application. Capture the state and authorization_code values which Google appends to the redirect_uri, and then return a confirmation page (e.g. "Thank you for giving us access to your Google calendar" would be a good idea).
使用state和authorization_code值,遵循标准的OAuth 2.0流程的其余部分,并检索refresh_token,这将使您可以从应用程序访问用户的Google日历.
Using the state and authorization_code values, follow the rest of the standard OAuth 2.0 flow and retrieve a refresh_token which will allow you to access the user's Google calendar from your application.
请记住,日历所有者(单击电子邮件中的链接并授予您的应用程序同意访问日历的用户)甚至可能不是您的应用程序用户.这就是为什么在同意屏幕和确认页面上提供尽可能多的信息很重要的原因.
Keep in mind that the calendar owner (the user who is clicking the link in the e-mail and granting your application consent to access the calendar) may not even be a user of your application. This is why it is important to provide as much information as possible on the consent screen and in the confirmation page.
由于即使用户未同意您的申请,也会加载确认页面 ,因此您可以借此机会向用户提供有关您为什么要求访问其日历的完整说明.并提供将其带回到同意屏幕的链接.这样可以提高您的成功率.
Since your confirmation page will be loaded even if the user does not grant your application consent, you could take the opportunity to give the user a full description of why you are asking for access to their calendar and provide a link that will take them back to the consent screen. This should increase your success rate.
这篇关于Google日历-访问权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
