Geek Answers Handbook

Invalid grant when trying to authorize a server application on a server in ruby ​​to access Google Calendar

I'm trying to create an application for myself that connects directly to my calendar ... but I never want to participate in re-authentication. I just want to encode authentication once and do it.

Auth code is as follows:

key = Google::APIClient::PKCS12.load_key(SERVICE_ACCOUNT_PKCS12_FILE_PATH, PASSWORD) asserter = Google::APIClient::JWTAsserter.new( SERVICE_ACCOUNT_EMAIL, 'https://www.googleapis.com/auth/calendar', key) @client = Google::APIClient.new @client.authorization = asserter.authorize#(SERVICE_ACCOUNT_EMAIL) @client

My file is SERVICE_ACCOUNT_...PKCS . is at the root of the directory with my Sinatra app.
I have included the Google Calendar API in my gmail account.

I looked at the authentication method here: https://code.google.com/p/google-api-ruby-client/ (under authorization, which talks about server to server communication)

 $ ruby server.rb Faraday: you may want to install system_timer for reliable timeouts /home/me/.rvm/gems/ruby-1.8.7-p371/gems/faraday-0.8.4/lib/faraday/utils.rb:16: warning: already initialized constant KeyMap /home/me/.rvm/gems/ruby-1.8.7-p371/gems/faraday-0.8.4/lib/faraday/utils.rb:177: warning: already initialized constant DEFAULT_SEP W, [2013-01-15T09:52:11.371122 #28607] WARN -- : Google::APIClient - Please provide :application_name and :application_version when initializing the client /home/me/.rvm/gems/ruby-1.8.7-p371/gems/signet-0.4.4/lib/signet/oauth_2/client.rb:869:in `fetch_access_token': Authorization failed. Server message: (Signet::AuthorizationError) { "error" : "invalid_grant" } from /home/me/.rvm/gems/ruby-1.8.7-p371/gems/signet-0.4.4/lib/signet/oauth_2/client.rb:882:in `fetch_access_token!' from /home/me/.rvm/gems/ruby-1.8.7-p371/gems/google-api-client-0.6.1/lib/google/api_client/auth/jwt_asserter.rb:116:in `authorize' from server.rb:32:in `build_client' from server.rb:38

What could be the problem? Why am I getting this error? - especially since I copied the code from the gem site.

UPDATE:

found this:

invalid_grant is trying to get oAuth token from google

says I have to do this: "Make sure you specify access_type = offline in your request.

How can I do this with a ruby ​​pearl? without fully repeating HTTP requests?

+6
source share
1 answer

Here is a working code that is similar, except for the last line, which should have an email from a user who actually owns the calendar (you). I believe the service email address is not your email address.

 client_asserter = Google::APIClient::JWTAsserter.new( config['client_email'], PLUS_LOGIN_SCOPE, key ) $client.authorization = client_asserter.authorize(config['user_email'])

Also, make sure you keep the service account correctly. I used this guide: https://developers.google.com/+/domains/authentication/delegation , which is for the Domain API, but the first part should be the same.

Also, don't you need another authentication area?

Here is a complete example (ruby) that I should work for me: https://github.com/admitriyev/propellant/blob/master/main.rb

0
source

More articles:


All Articles