问题
Currently in the process of trying to move over to use OAuth2 from of OAuth1 2LO (2 Legged OAuth). At first it looked like we would not be able to make the move as we rely heavily on 2LO and almost all of the product APIs (with the exception of Drive) have this message in their docs:
If your application has certain unusual authorization requirements, such as logging in at the same time as requesting data access (hybrid) or domain-wide delegation of authority (2LO), then you cannot currently use OAuth 2.0 tokens. In such cases, you must instead use OAuth 1.0 tokens and an API key. - https://developers.google.com/google-apps/calendar/auth
Some of the newer APIs (like the Admin SDK APIs) also have the same message.
While looking at the Drive Delegation Document: https://developers.google.com/drive/delegation, it explicitly talks about using domain-wide delegation for calendar:
In the One or More API Scopes field enter the list of scopes that your application should be granted access to (see image below). For example if you need domain-wide access to the Google Drive API and the Google Calendar API enter: https://www.googleapis.com/auth/drive, https://www.googleapis.com/auth/calendar
This seems to directly contradict the calendar auth doc. Does anyone know which other APIs support Domain-Wide Delegation?
回答1:
Access tokens obtained through Google's 2-legged OAuth2 are supported by all Google APIs. For more info on how to provide domain-wide delegation, see Google's 2-legged OAuth2 and Google Drive SDK delegation docs.
The calendar documentation seems out-of-date indeed, we should have it updated soon though.
Hope that helps!
回答2:
I suspect the documentation is out of date and that any Google API that supports OAuth2 will in fact accept a domain delegated access token. When the OAuth2 support was originally released service accounts were not included - which is how domain-wide delegation is now achieved.
I posted an example yesterday on how to do this in Java for Calendar API - the instructions hold the same for other languages/APIs: How to Access Google Calendar REST API v3 with Java
来源:https://stackoverflow.com/questions/20127114/which-google-apis-support-oauth2-domain-wide-delegation