从另一个Google WebApp的Google WebApp获取JSON对象 [英] Fetch JSON object from Google WebApp from another Google WebApp

问题描述

我有两个Google电子表格，每个电子表格都附加了一些Apps脚本.最终，我希望将两者都部署为WebApp，以便它们可以通过其公共URL相互通信.目前，我仅部署了其中一个，因此可以测试此功能.

I have two Google Spreadsheets, each of which with some Apps Script attached. Eventually I want to deploy both as WebApps so they can communicate with one another through their public URLs. For now, I have only deployed one of them so I can test this functionality.

我们将脚本A称为部署为WebApp的脚本，将脚本B称为尝试向脚本A的URL发送请求的脚本.此处的目标是脚本A将JSON对象返回到脚本B.

We'll call Script A the one that's deployed as a WebApp and Script B the one that is trying to send a request to Script A's URL. The goal here is for Script A to return a JSON object to Script B.

在脚本A中，我有以下代码:

In Script A, I have this code:

function doGet(request) {
  var data = [[1, 2, 3], [4, 5, 6]]; //dummy JSON object

  return ContentService.createTextOutput(JSON.stringify(data))
    .setMimeType(ContentService.MimeType.JSON);
}

在脚本B中，我有以下代码:

In Script B, I have this code:

function pullJSON(URL) {  
  var data = UrlFetchApp.fetch(URL, {"contentType": "application/json"});
Logger.log(data);
}

当我访问脚本A的执行URL时，我得到一个JSON对象.但是，当我在脚本B中运行 pullJSON()(向其提供相同的URL)时，记录器会显示一个长的HTML文件，其中填充了元数据(当我在浏览器中查看该文件时，没有可见的内容).我对为什么会这样感到困惑...我知道有一些重定向返回JSON，但是据我了解， UrlFetchApp.fetch()方法默认为遵循所有方法重定向.

When I access Script A's exec URL, I get a JSON object. However, when I run pullJSON() in Script B (feeding it the same URL), the Logger shows a long HTML file filled with metadata (there's no visible content when I view it in my browser). I'm confused as to why this is the case...I know there are a couple of redirects to return JSON, but it is my understanding that the UrlFetchApp.fetch() method defaults to following all redirects.

这可能是OAuth问题吗?脚本A已发布为以用户访问该应用程序的身份运行，尽管我也尝试过以自己的身份运行它.

Could this be an OAuth issue? Script A is published to run as User Accessing the App, though I also tried running it as me.

有想法吗?

推荐答案

当您将脚本部署为网络应用程序以作为服务运行时，您只能使用.exec url和urlFetch进行调用，因为开发url(一个以.dev结尾的)只能由您访问，该请求不是来自您，而是来自Google.

When you deploy a script as a webapp to run as a service you can only use the .exec url to call it with urlFetch because the development url (the one ending with .dev) is only accessible by you and the request does not come from you but from Google.

我部署了您的示例并使用您的代码对其进行了测试，如下所示:

I deployed your example and tested it with your code as follows :

function pullJSON(URL) {  
  var URL = "https://script.google.com/macros/s/AKfycbzqRgv1XfUUrAimvD31OXx89GdhjeBd45SBODaq1c7bkGVusio/exec"
  var data = UrlFetchApp.fetch(URL, {"contentType": "application/json"});
Logger.log(data);
}

结果符合预期:

由于该应用程序以像我一样运行"的方式部署，并且任何人都可以访问，甚至可以匿名进行.

You can test it yourself since the app is deployed as "run as me" and accessible to anyone even anonymous.

如果要限制其访问，则必须在URL中添加一些参数，并在服务器Web应用程序中处理这些参数以检查请求的来源.

If you want to restrict its access you'll have to add some parameters to the URL and handle these parameters in your server webapp to check the origin of the request.

像这样简单地将参数添加到url中:

Parameters are simply added to the url like this :

 var data = UrlFetchApp.fetch(URL+"?user=serge&secret=secretcode", {"contentType": "application/json"});

然后在服务器脚本中按如下所示进行检查:

then in your server script check it like this :

var user = request.parameter.user;
var secret = request.parameter.secret;

您将获得用户和机密.

:这是带有安全控制的两个脚本的完整示例:

EDIT : here is a complete example of both scripts with a security control :

webapp:

function doGet(e) {
  var data = [[1, 2, 3], [4, 5, 6]]; //dummy JSON object
  if(e.parameter.user=='serge'&&e.parameter.secret=='secretcode'){
    return ContentService.createTextOutput(JSON.stringify(data))
    .setMimeType(ContentService.MimeType.JSON);
  }else{
    return ContentService.createTextOutput('You are not allowed to get this result, user should be '+e.parameter.user+' and code should be '+e.parameter.secret)
    .setMimeType(ContentService.MimeType.TEXT);
  }
}

和测试脚本:

function pullJSONSecure() {  
  var URL = "https://script.google.com/macros/s/AKfycbyzoFbcjTXMCALTOlscwAZP6gY1mWc1mkbWb84LYO-qeQk16xw/exec"
 var data = UrlFetchApp.fetch(URL+"?user=serge&secret=secretcode", {"contentType": "application/json"});
  Logger.log(data);
}

如果您尝试使用此脚本并更改用户名或密码，将会看到发生的情况.

If you try this script and change the user name or the password you will see what happens.

部署参数:

这篇关于从另一个Google WebApp的Google WebApp获取JSON对象的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！