Unauthorized interaction with google calendar API v3

Question

I'm in the same situation as this guy (only that my problem is with python): I'm trying to retrieve data using a service account (using this example and after reading this blog entry since my application is a google app) but I get hit with a login required error and I cannot understand why.

Let me represent it with a whole example:

In [1]: import httplib2                                                          
In [2]: from apiclient.discovery import build                                   
In [3]: from oauth2client.client import SignedJwtAssertionCredentials            
In [4]: f = open('abd45679ffg32343-privatekey.p12', 'rb')
In [5]: key = f.read()                                                          
In [6]: f.close()                                                               
In [7]: credentials = SignedJwtAssertionCredentials(                            
        '[email protected]', key,                     
        scope=['https://www.googleapis.com/auth/calendar',                      
               'https://www.googleapis.com/auth/calendar.readonly'])            
In [8]: http = httplib2.Http()                                                  
In [9]: http = credentials.authorize(http)                                      
In [10]: service = build(serviceName='calendar', version='v3', http=http,       
   ....:         developerKey='XcddfRgtyt676grggtT')        
2012-05-14 18:24:35,170 INFO  [root][MainThread] URL being requested: https://www.googleapis.com/discovery/v1/apis/calendar/v3/rest                                                              
2012-05-14 18:24:35,170 INFO  [oauth2client.client][MainThread] Attempting refresh to obtain initial access_token
2012-05-14 18:24:35,179 INFO  [oauth2client.client][MainThread] Refresing access_token
In [11]: service.calendarList().list().execute()                                
2012-05-14 18:25:00,418 INFO  [root][MainThread] URL being requested https://www.googleapis.com/calendar/v3/users/me/calendarList?alt=json&key=XcddfRgtyt676grggtT          
---------------------------------------------------------------------------     
HttpError                                 Traceback (most recent call last)     
/home/mariano/Code/Kalendar/rest/kalendar/<ipython-input-12-0cb769615d74> in <module>()
----> 1 service.calendarList().list().execute()                                 
/home/mariano/Code/Kalendar/rest/env/local/lib/python2.7/site-packages/google_api_python_client-1.0beta8-py2.7.egg/apiclient/http.pyc in execute(self, http)                                     
387                                                                         
388       if resp.status >= 300:                                            
--> 389         raise HttpError(resp, content, self.uri)                        
390     return self.postproc(resp, content)                                 
391                                                                         
HttpError: <HttpError 403 when requesting https://www.googleapis.com/calendar/v3/users/me/calendarList?alt=json&key=XcddfRgtyt676grggtT returned "The user must be signed up for Google Calendar.">

Any pointers about why is this happening and how to solve it would be greatly appreciate.

Maybe you should not include all credentials, this is a public facing website after all... — ChristopheD, May 14 '12 at 23:00

score 1 · Answer 1 · edited May 21 '12 at 03:12

1

Service Accounts are available and work with Calendar API for me.

You need to change your following statement:

credentials = SignedJwtAssertionCredentials('[email protected]', key, scope=['https://www.googleapis.com/auth/calendar', 'https://www.googleapis.com/auth/calendar.readonly'])

to

credentials = SignedJwtAssertionCredentials('[email protected]', key, scope=['https://www.googleapis.com/auth/calendar', 'https://www.googleapis.com/auth/calendar.readonly'], prn='[email protected]')

edited May 21 '12 at 03:12

bstpierre

30,042
15
70
103

answered May 20 '12 at 07:28

user1260486

315
3
6

1

Hi, I'm trying to do the same thing. If the email address of the calendar owner is "[email protected]", is that what I would enter in the "prn" field? Do you know if the calendar has to be configured in any way (like making it public)? I keep getting an "access denied" error that says "Error refreshing the OAuth2 token" (I'm using the PHP library). My calendar is set to public. Thanks. – Michael Jun 20 '12 at 00:38

score 1 · Answer 2 · edited Sep 23 '12 at 15:31

The service accounts do work with the Calendar API. You have to also grant access on your domain management as well.

Do as user1260486 and btspierre said, and add the "[email protected]" to the constructor for SignedJWTAssertionCredentials.

Then go to your domain management and add your client_id access to the API.

Here's a walkthrough about it. For the scope specify "https://www.googleapis.com/auth/calendar, https://www.googleapis.com/auth/calendar.readonly"

score 0 · Accepted Answer · answered May 14 '12 at 23:10

0

I don't think service accounts are available for Calendar API. The service account has no calendar of its own.

answered May 14 '12 at 23:10

Ali Afshar

40,967
12
95
109

That could explain it. Let me ask in the issue tracker – Mariano May 15 '12 at 14:19
You were right: http://googledevelopers.blogspot.com.ar/2012/03/service-accounts-have-arrived.html – Mariano May 16 '12 at 14:41
I have successfully gotten it to work previously. Schillingt has shown this answer to be false. – wilbbe01 Jan 03 '14 at 23:10
1

This is old information. Service accounts are indeed available for the Calendar API (tested with v3 at least). – Jude Osborn Jun 25 '14 at 22:50

Unauthorized interaction with google calendar API v3

3 Answers3

Linked