从Google Apps脚本访问经过验证的Google Cloud Endpoints API

Question

我试图从使用Google Cloud Endpoints构建的API将一些数据拉入Google表单电子表格。下面是API声明：

@Api(
     name = "myendpoint", 
     namespace = 
      @ApiNamespace 
       (
        ownerDomain = "mydomain.com", 
        ownerName = "mydomain.com", 
        packagePath = "myapp.model" 
       ), 
     scopes = {SCOPES}, 
     clientIds = {ANDROID_CLIENT_ID, WEB_CLIENT_ID, API_EXPLORER_CLIENT_ID}, 
     audiences = {WEB CLIENT_ID} 
) 

我试图访问该方法已通过认证的API声明中的用户参数的方式提供支持：

@ApiMethod(name = "ping", httpMethod = HttpMethod.GET, path = "ping") 
public StringResponse getPing(User user) throws OAuthRequestException { 

    CheckPermissions(user);//throws an exception if the user is null or doesn't have the correct permissions 

    return new StringResponse("pong"); 
} 

这正常使用生成的客户端时图书馆或gapi js图书馆。但是AFAIK我不能在Apps Script中使用这些js库。

我有一个OAuth2流程使用的应用程序，脚本的oauth2库从here工作，和我几乎使用默认设置为创建服务

function getService() { 
    // Create a new service with the given name. The name will be used when 
    // persisting the authorized token, so ensure it is unique within the 
    // scope of the property store. 
    return OAuth2.createService(SERVICE_NAME) 

    // Set the endpoint URLs, which are the same for all Google services. 
    .setAuthorizationBaseUrl('https://accounts.google.com/o/oauth2/auth') 
    .setTokenUrl('https://accounts.google.com/o/oauth2/token') 

    // Set the client ID and secret, from the Google Developers Console. 
    .setClientId(CLIENT_ID) 
    .setClientSecret(CLIENT_SECRET) 

    // Set the name of the callback function in the script referenced 
    // above that should be invoked to complete the OAuth flow. 
    .setCallbackFunction('ruggedAuthCallback') 

    // Set the property store where authorized tokens should be persisted. 
    .setPropertyStore(PropertiesService.getUserProperties()) 

    // Set the scopes to request (space-separated for Google services). 
    .setScope(SCOPES) 

    // Below are Google-specific OAuth2 parameters. 

    // Sets the login hint, which will prevent the account chooser screen 
    // from being shown to users logged in with multiple accounts. 
    .setParam('login_hint', Session.getActiveUser().getEmail()) 

    // Requests offline access. 
    .setParam('access_type', 'offline') 

    // Forces the approval prompt every time. This is useful for testing, 
    // but not desirable in a production application. 
    .setParam('approval_prompt', 'auto') 

    //.setParam('include_granted_scopes', 'true'); 
} 

这些都是我的访问方法这些API

function getDriveDocs() { 
    return executeApiMethod('https://www.googleapis.com/drive/v2/','files?maxResults=10'); 
} 

function pingServer(){ 
    return executeApiMethod('https://myapp.appspot.com/_ah/api/myendpoint/v1/','ping'); 
} 

function executeApiMethod(apiUrl, method) 
{ 
    //var url = ; 
    var url = apiUrl + method; 
    var service = getRuggedService(); 
    return UrlFetchApp.fetch(url, { 
    'muteHttpExceptions': true, 
    'method': 'get', 
    'headers': { 
     Authorization: 'Bearer ' + service.getAccessToken() 
    } 
    }); 
} 

的getDriveDocs（）方法的作品完美，所以我知道我的身份验证流程，工作正常。此外，如果我在我的API中调用未经身份验证的方法，我会得到正确的响应。但是，当我调用已验证的'ping'方法时，'user'参数始终为空。我在获取调用中丢失了什么？目前为止我读过的所有内容似乎都暗示设置

Authorization: 'Bearer ' + service.getAccessToken() 

应该足够了。

任何帮助将不胜感激！

Answer 1

事实证明这是一个简单的错误 - 我在谷歌开发控制台中创建了一个新的oauth2凭据，并没有将新的客户端ID添加到API声明中。以下是工作API声明：

@Api(
     name = "myendpoint", 
     namespace = 
      @ApiNamespace 
       (
        ownerDomain = "mydomain.com", 
        ownerName = "mydomain.com", 
        packagePath = "myapp.model" 
       ), 
     scopes = {SCOPES}, 
     clientIds = {ANDROID_CLIENT_ID, WEB_CLIENT_ID, API_EXPLORER_CLIENT_ID, GAPPS_CLIENT_ID}, 
     audiences = {WEB CLIENT_ID} 
    )