CODEWITHSUNDEEP
phpgoogle-cloud-platformgoogle-postmaster
Evgen Test
Evgen Test

Reputation: 1

Why does the Google Cloud Postmaster API return an empty array?

I have a service account.

I wrote a PHP script that receives a token:

<?php

require_once 'JWT_1.php';
require_once 'JWT_KEY_1.php';

use Firebase\JWT\JWT;
use Firebase\JWT\Key;

$privateKey = <<<EOD
-----BEGIN PRIVATE KEY-----
someKey
-----END PRIVATE KEY-----
EOD;

$publicKey = <<<EOD
-----BEGIN PUBLIC KEY-----
someKey
-----END PUBLIC KEY-----
EOD;

$payload = array(
  "iss" => "[email protected]",
  "scope" => "https://www.googleapis.com/auth/postmaster.readonly",
  "aud" => "https://oauth2.googleapis.com/token",
  "exp" => (time() + 600),
  "iat" => time()
);

$jwt = JWT::encode($payload, $privateKey, 'RS256');

$urlToken = 'https://oauth2.googleapis.com/token';
$url = 'https://gmailpostmastertools.googleapis.com/v1/domains';

$payloadToken = array(
  "grant_type" => "urn:ietf:params:oauth:grant-type:jwt-bearer",
  "assertion" => $jwt
);

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $urlToken);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $payloadToken);
// Timeout in seconds
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$tokenAnswer = json_decode(curl_exec($ch), true);
$token = $tokenAnswer['access_token'];
curl_close($ch);

$ch = curl_init();
$headers = array(
  'Authorization: Bearer ' . $token,
  'Accept: application/json'
);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_ENCODING , "");
// Timeout in seconds
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
echo curl_exec($ch);

When trying to get a list of domains, https://gmailpostmastertools.googleapis.com/v1/domains, the response is an empty array.

At the same time, if I do a test check of the method, I get a list: https://i.sstatic.net/kkvcS.png

What may the problem be?

Upvotes: 0

Views: 386

Answers (2)

MartinOrz
MartinOrz

Reputation: 1

Menu

Manage Users -> adduser(+) -> input your service account email

Upvotes: -1

John Hanley
John Hanley

Reputation: 81416

You are using two different identities. Only one of the identities will fetch the list of domains. You are authenticating with a service account. The domains are registered to a user's identity. Since the service account does not have a registered domain, the list is empty.

The solution is to use a user's identity to authorize this API call. That means using Google OAuth 2.0

The Postmaster Tools API states:

All requests to the Postmaster Tools API must be authorized by an authenticated user.

Authorizing requests with OAuth 2.0

Upvotes: 0

Related Questions