创建服务帐户并授予域范围授权是否应该能够访问我的doamin中的所有课程和作业?我是域管理员并创建了服务帐户。但是,当我执行代码时,它不会返回任何结果。当我直接从“参考”页面运行相同的请求时,它会返回数据。
<?php
/*
* Copyright 2013 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
include_once __DIR__ . '/../vendor/autoload.php';
include_once "templates/base.php";
echo pageHeader("Service Account Access");
//putenv('/GOOGLE_APPLICATION_CREDENTIALS = service-account-credentials.json');
/************************************************
Make an API request authenticated with a service
account.
************************************************/
$client = new Google_Client();
/************************************************
ATTENTION: Fill in these values, or make sure you
have set the GOOGLE_APPLICATION_CREDENTIALS
environment variable. You can get these credentials
by creating a new Service Account in the
API console. Be sure to store the key file
somewhere you can get to it - though in real
operations you'd want to make sure it wasn't
accessible from the webserver!
Make sure the Books API is enabled on this
account as well, or the call will fail.
************************************************/
putenv('GOOGLE_APPLICATION_CREDENTIALS= ../../../public/service-account-credentials.json');
$client->useApplicationDefaultCredentials();
if ($credentials_file = checkServiceAccountCredentialsFile()) {
// set the location manually
$client->setAuthConfig($credentials_file);
} elseif (getenv('GOOGLE_APPLICATION_CREDENTIALS')) {
// use the application default credentials
$client->useApplicationDefaultCredentials();
} else {
echo missingServiceAccountDetailsWarning();
return;
}
$client->setApplicationName("Google-Classroom");
$client->setScopes(['https://www.googleapis.com/auth/classroom.courses.readonly']);
$service = new Google_Service_Classroom($client);
/************************************************
We're just going to make the same call as in the
simple query as an example.
************************************************/
$optParams = array('pageSize' => 10,'studentId'=>'childressda@lcsedu.net');
$results = $service->courses->listCourses($optParams);
if (count($results->getCourses()) == 0) {
print "No courses found.\n";
} else {
echo "<h3>Results Of Call:</h3>";
foreach ($results as $course){
echo $course->getName();
echo"<br />";
}
}
pageFooter(__FILE__);
?>
答案 0 :(得分:0)
域范围委派要求您指定您希望代理的域用户。它也不适用于应用程序默认凭据(内置于AppEngine和Compute Engine服务的服务帐户),您需要在项目中手动创建SA。假设您正在使用您创建的SA(凭证文件),请尝试添加:
$user_to_impersonate = "admin@yourdomain.com";
$client->setSubject($user_to_impersonate);