Reputation: 417
Google Calendar API service account authorization not working
I am trying to authorize my app with google's API for google calendar using a service account. Now I have encountered a problem where, for some reason, the credentials are not being loaded.
This is my authorization code:
scopes = 'https://www.googleapis.com/auth/calendar'
authorization = Google::Auth.get_application_default(scopes)
cal = Google::Apis::CalendarV3::CalendarService.new
cal.authorization = authorization
cal.authorization.fetch_access_token!
Here is the error message that I'm getting:
I have the client_secrets.json file in my ENV variables as described in google's docs. I also have each element from that file as an ENV variable as it is specified in the google auth source code.
Can anyone offer any insight on getting the authorization working?
Upvotes: 0
Views: 1109
Answers (2)
Reputation: 11
Ran into a similar problem. Did you authorize the service account's email address on your calendar? Just go to the google calendar, hover over the name and then under sharing, add the email address of the service account with the appropriate permissions. That solved the problem for me.
Upvotes: 1
Reputation: 8112
It is strongly encouraged in Using OAuth 2.0 for Server to Server Applications that you use libraries, such as the Google APIs client libraries.
As discussed in Creating a service account,
If your application doesn't run on Google App Engine or Google Compute Engine, you must obtain these credentials in the Google API Console. To generate service-account credentials, or to view the public credentials that you've already generated, do the following:
- Open the Service accounts page. If prompted, select a project.
- Click Create service account.
- In the Create service account window, type a name for the service account, and select Furnish a new private key. If you want to grant G Suite domain-wide authority to the service account, also select Enable G Suite Domain-wide Delegation. Then click Create.
Your new public/private key pair is generated and downloaded to your machine; it serves as the only copy of this key. You are responsible for storing it securely.
Furthermore, I also suggest that you please visit Google Application Default Credentials for a more detailed information regarding default credentials.
For Ruby, default credentials are provided by the Google APIs Client Library for Ruby, versions 0.1.0 and newer. In calling the application default credentials in application code, import the googleauth gem, then pass the scopes you need to access to Google::Auth.get_application_default:
require 'googleauth'
scopes = ['https://www.googleapis.com/auth/cloud-platform', 'https://www.googleapis.com/auth/devstorage.read_only']
authorization = Google::Auth.get_application_default(scopes)
Then, use the credentials to access an API service as follows:
require "google/apis/storage_v1"
storage = Google::Apis::StorageV1::StorageService.new
storage.authorization = authorization
Hope that helps!
Upvotes: 0
Related Questions
- How do I authorize a service account for Google Calendar API in Ruby?
- Google calendar v3 returns 403 Insufficient Permission
- Access Google Calendar API after setting up omniauth in rails
- Trying to get a service account to work with google calendar API, ruby, calendar.insert_event error
- Can't impersonate on a service-to-service oauth request to google calendar api in ruby
- Invalid json error when trying to query google calendar api with access token from Ruby on Rails application
- Google Calendar Service Account API leads to invalid grant
- "Missing authorization code" error when trying to use Google Calendar API
- Google Calendar Data API Integration
- Google Calendar Ruby API