400 Bad Request on Gmail API with php

问题

I want my server to access a gmail account with php code. And the following is what I created with the examples I can find online.

<?php

session_start();

require_once dirname(dirname(__FILE__)) . '/utility/google-api-php-client/src/Google/autoload.php';

$json_file_location = 'Gmail-YQXB-7c754a18211a.json';

$client = new Google_Client();
$service = new Google_Service_Books($client);
$sgmail = new Google_Service_Gmail($client);

$scopes = array('https://www.googleapis.com/auth/books', 'https://mail.google.com');

if (isset($_SESSION['service_token'])) {
    $client->setAccessToken($_SESSION['service_token']);
}

$cred = $client->loadServiceAccountJson($json_file_location, $scopes);
$client->setAssertionCredentials($cred);
if ($client->getAuth()->isAccessTokenExpired()) {
    $client->getAuth()->refreshTokenWithAssertion($cred);
}

$_SESSION['service_token'] = $client->getAccessToken();

$optParams = array('filter' => 'free-ebooks');
$results = $service->volumes->listVolumes('Henry David Thoreau', $optParams);
echo "<h3>Results Of Call:</h3>";
foreach ($results as $item) {
    echo $item['volumeInfo']['title'], "<br /> \r\n";
}

$msg = $sgmail->users_messages->listUsersMessages('me');
var_dump($msg); 

?>

The code works except the last request, which will throw something like:

PHP Fatal error: Uncaught exception 'Google_Service_Exception' with message 'Error calling GET https://www.googleapis.com/gmail/v1/users/me/messages: (400) Bad Request' in C:\inetpub\wwwroot\utility\google-api-php-client\src\Google\Http\REST.php:110

$msg = $sgmail->users_messages->listUsersMessages('me');

This account is a Service Account. I could make it working if I use a Web application type Client ID. Just don't know what is wrong here.

回答1:

You should not be using a service account if you just want to access one account (your own). Service accounts are their own account and they're not Gmail accounts. They work well for APIs that don't need a user (e.g. maps, search) or when you are using a Google Apps for Work domain and want delegation enabled for all users in the domain (by domain admin, so you don't need individual user authorization).

You want to use standard oauth2 web auth flow. If you want to make sure it's usable offline (e.g. by some script/service/cron job) then make sure you add the offline flag on your oauth2 authorization web flow request and that'll make sure you get a permanent refresh token (can be used to request an access token). If you don't set offline, then it's an access token which is only good for an hour. See https://developers.google.com/gmail/api/auth/web-server for more details.

来源：https://stackoverflow.com/questions/29760949/400-bad-request-on-gmail-api-with-php