Error 403 Google.Net API Email Settings
I am really immersed in the problem that keeps me sleeping.
Basically, we had an application that received an HTML email signature on GMail ("domaincompany.com") for each company user and set the updated personal information to a new HTML signature.
This is how it is implemented:
public static string getGMailFirma(string mail) {
GoogleMailSettingsService service = null;
string[] domainUserGMail;
string result;
try {
/* Recuperamos los datos del usuario de GMail: *
* - Pos 0: usuario *
* - Pos 1: dominio */
domainUserGMail = Util.getUserDomainGMail(mail);
/* Iniciamos el servicio de GApps */
service = new GoogleMailSettingsService(domainUserGMail[1], "company.FirmaCorporativa");
service.setUserCredentials(PropertiesManager.getUserGApps(), PropertiesManager.getPassGApps());
result = service.RetrieveSignature(domainUserGMail[0]).getPropertyValueByName("signature").ToString();
return result;
} catch (Exception ex) {
throw ex;
}
}
So, a few weeks ago this doesn't work anymore, showing the error: "Executing an authentication request returned unexpected result: 404" after executing:
result = service.RetrieveSignature (domainUserGMail [0]). getPropertyValueByName ("signature"). ToString ();
Searching in web documents and various resources, we realized that it should implement OAuth2, so we tried this code modification:
public static string getGMailFirma(string mail) {
GoogleMailSettingsService service = null;
string[] domainUserGMail;
string result;
try {
const string ServiceAccountEmail = "xxxxxxxxxxxxxxxxxxxxxxx@developer.gserviceaccount.com";
var certificate = new X509Certificate2("Key_admin.p12", "notasecret", X509KeyStorageFlags.Exportable);
ServiceAccountCredential credential = new ServiceAccountCredential(
new ServiceAccountCredential.Initializer(ServiceAccountEmail) {
Scopes = new[] { "https://apps-apis.google.com/a/feeds/emailsettings/2.0/" }
}.FromCertificate(certificate));
if (!credential.RequestAccessTokenAsync(System.Threading.CancellationToken.None).Result)
throw new InvalidOperationException("Access token request failed.");
var requestFactory = new GDataRequestFactory(null);
requestFactory.CustomHeaders.Add("Authorization: Bearer " + credential.Token.AccessToken);
/* Recuperamos los datos del usuario de GMail: *
* - Pos 0: usuario *
* - Pos 1: dominio */
domainUserGMail = Util.getUserDomainGMail(mail);
/* Iniciamos el servicio de GApps */
service = new GoogleMailSettingsService(domainUserGMail[1], "CompanyFirmaCorporativa");
service.RequestFactory = requestFactory;
service.setUserCredentials(PropertiesManager.getUserGApps(), PropertiesManager.getPassGApps());
result = service.RetrieveSignature(domainUserGMail[0]).getPropertyValueByName("signature").ToString();
return result;
} catch (Exception ex) {
throw ex;
}
}
But it still gets another error, 403 (Forbidden) after the same line execution.
For the last testing, I took the following steps:
- Create a Client ID as a Service Account on Console Developers
- Provide correct access to Client ID for https://apps-apis.google.com/a/feeds/emailsettings/2.0/ in Google Admin
Please, I would really appreciate it if anyone could help me if I am wrong.
Thanks in advance.
Hooray!
source to share
Today I am going crazy about the same problem, but for "RetrieveSendAs" which comes with the same API scope, and only this minute solved it!
The "Initializer" parameter requires the "User" parameter with the main email address of the site administrator:
ServiceAccountCredential credential = new ServiceAccountCredential(
new ServiceAccountCredential.Initializer(Globals.GaServiceEmail)
{
User = "gapps-admin-login@example.org",
Scopes = new[] { "https://apps-apis.google.com/a/feeds/emailsettings/2.0/" }
}.FromCertificate(gaCertificate));
You also need to remove the old 'service.setUserCredentials' line from your code.
source to share