php - "Access denied" exception is thrown, though the account has access -


i'm using service account delegate domain wide security in order pull user listing our google apps education instance via directory api , php client library.

i'm service account has correct security because it's able pull listing using api reference's "try it" feature.

so, @ point, pointing toward issue code can't seem figure out where:

<?php require 'vendor/autoload.php';  $clientemail = '<>@developer.gserviceaccount.com'; $privatekey = file_get_contents(__dir__ . '/access.p12'); $scopes = array(     'https://www.googleapis.com/auth/admin.directory.user.readonly', );  $credentials = new google_auth_assertioncredentials($clientemail, $scopes, $privatekey); $credentials->sub = 'service.account@my.domain';  $client = new google_client(); $client->setassertioncredentials($credentials);  if ($client->getauth()->isaccesstokenexpired())  {     $client->getauth()->refreshtokenwithassertion(); }  $directory = new google_service_directory($client);  $result = $directory->users->listusers(array('domain' => 'my.domain'));  var_dump($result);

the code above throws following error:

fatal error: uncaught exception 'google_auth_exception' message 'error refreshing oauth2 token, message: ' in c:\wamp\www\quick\vendor\google\apiclient\src\google\auth\oauth2.php on line 358  google_auth_exception: error refreshing oauth2 token, message: '{   "error" : "access_denied",   "error_description" : "requested client not authorized." }' in c:\wamp\www\quick\vendor\google\apiclient\src\google\auth\oauth2.php on line 358  call stack:     0.0010     132792   1. {main}() c:\wamp\www\quick\index.php:0     0.0260    1060248   2. google_auth_oauth2->refreshtokenwithassertion() c:\wamp\www\quick\index.php:18     0.9230    1163560   3. google_auth_oauth2->refreshtokenrequest() c:\wamp\www\quick\vendor\google\apiclient\src\google\auth\oauth2.php:309

the call stack should identify specific line error occurred. note second line in stack seems point line 18 of script, code indeed relates oauth verification:

$client->getauth()->refreshtokenwithassertion();

in other words, when try refreshtokenwithassertion, google says "access_denied because requested client not authorized". if you're trying identify in script hit error, think should answer question.

if want figure out why got error, i'd google searches refreshtokenwithassertion plus error message , see if find other developers working through similar problem. example doing google search found this other page on so may you.

good luck!


Comments

Post a Comment

Popular posts from this blog

android - MPAndroidChart - How to add Annotations or images to the chart -

i working latest mpandroidchart library , looking way add annotations or images clickable. example: once data reaches value event occurs want able display user - there multiple events can occur annotations (not sure if right word) or image added @ point in chart. any pointers welcome. check documentation of yaxis . focus on setspacetop(...) , setaxismaxvalue(...) methods. for background: bar-shadow , disable calling: barchart.setdrawbarshadow(false) or change color: bardataset.setbarshadowcolor(int color)
Read more

javascript - Add class to another page attribute using URL id - Jquery -

i have attached id url. ex: when click link 1 , has #tab-2 id , takes me landing page. in landing page have find element has #tab-2 id have add class .active . i tried no luck. please 1 correct code. thanks js fiddle link html <div class="menu"> <ul> <li><a href="http://jsfiddle.net/gscyoa0j/1/#tab-2">link 1</a></li> <li><a href="http://jsfiddle.net/gscyoa0j/1/#tab-44">link 2</a></li> <li><a href="http://jsfiddle.net/gscyoa0j/1/#tab-74">link 3</a></li> </ul> </div> landing page <div class="tab"> <ul> <li><a id="tab-2" class="active" >link 1 content</a></li> <li><a id="tab-44" >link 2 content</a></li> <li><a id="tab-74" >link 3 content</a></l...
Read more

firefox - Where is 'webgl.osmesalib' parameter? -

i'm trying webgl running on firefox (v37.0.2) via software acceleration mesa. tried following steps have been stated in article: http://www.binarytides.com/enable-webgl-firefox-ubuntu/ however, unable find parameter named ' webgl.osmesalib ' in about:config section? has been removed (or renamed)? if yes, how should instruct firefox use mesa's software acceleration webgl? looks support osmesa removed in favour llvmpipe.
Read more