{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 祖国的老花朵 的问题《Authenticating Google API with a service account u》','https://www.manongdao.com/q-599820.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I do not want to use Google APIs Client Library for Python, but still want to access Google API in Python using Oauthlib.
After creating a service account in Google developer console, I downloaded the json file with the information to authenticate then do the following:
>>> import json
>>> from oauthlib.oauth2 import ServiceApplicationClient
>>> from requests_oauthlib import OAuth2Session
>>> json_file = json.load(open("google-project-credentials.json"))
>>> client_id = json_file['client_id']
>>> issuer = json_file['client_email']
>>> audience = 'https://www.googleapis.com/oauth2/v4/token'
>>> scope = 'https://www.googleapis.com/auth/tasks'
>>> private_key_id = json_file['private_key_id']
>>> private_key_pkcs8_pem = json_file['private_key']
>>> client = ServiceApplicationClient(client_id=client_id,issuer=issuer,audience=audience,private_key=private_key_pkcs8_pem)
>>> google = OAuth2Session(client_id, client=client)
>>> google.fetch_token(token_url)
After calling fetch_token, I receive this error:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/Users/antoinet/.virtualenvs/scraper/lib/python3.4/site-packages/requests_oauthlib/oauth2_session.py", line 244, in fetch_token
self._client.parse_request_body_response(r.text, scope=self.scope)
File "/Users/antoinet/.virtualenvs/scraper/lib/python3.4/site-packages/oauthlib/oauth2/rfc6749/clients/base.py", line 409, in parse_request_body_response
self.token = parse_token_response(body, scope=scope)
File "/Users/antoinet/.virtualenvs/scraper/lib/python3.4/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 376, in parse_token_response
validate_token_parameters(params)
File "/Users/antoinet/.virtualenvs/scraper/lib/python3.4/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 383, in validate_token_parameters
raise_from_error(params.get('error'), params)
File "/Users/antoinet/.virtualenvs/scraper/lib/python3.4/site-packages/oauthlib/oauth2/rfc6749/errors.py", line 271, in raise_from_error
raise cls(**kwargs)
oauthlib.oauth2.rfc6749.errors.InvalidGrantError: (invalid_grant) Invalid JWT: Failed audience check. The right audience is https://www.googleapis.com/oauth2/v4/token
However, audience is already equal to https://www.googleapis.com/oauth2/v4/token ...
When I try to generate the jwt:
>>> client.prepare_request_body()
Then run the result from bash with curl: curl -d 'grant_type=urn............' https://www.googleapis.com/oauth2/v4/token
I get the following error:
{
"error": "invalid_grant",
"error_description": "Invalid JWT: Failed audience check. The right audience is https://www.googleapis.com/oauth2/v4/token"
}
What am I missing? Thanks!