I started to use Google Play Developer Reporting API with using Golang(https://pkg.go.dev/google.golang.org/[email protected]/playdeveloperreporting/v1beta1), and faced with issue related to API scopes:
Code:
package main
import (
"context"
"encoding/json"
"fmt"
"golang.org/x/oauth2"
"golang.org/x/oauth2/google"
"golang.org/x/oauth2/jwt"
"google.golang.org/api/option"
"google.golang.org/api/playdeveloperreporting/v1beta1"
"io/ioutil"
)
const (
GoogleApplicationCredentials = "path_to_service_account_credentials"
ProjectID = "apps/{project_id}"
)
func main() {
tokenSource, err := getTokenSource(GoogleApplicationCredentials)
if err !=nil {
panic(err)
}
if err := getAnomalies(tokenSource, ProjectID); err != nil {
panic(err)
}
}
func getAnomalies(tokenSource oauth2.TokenSource, projectID string) error {
ctx := context.Background()
service, err := playdeveloperreporting.NewService(ctx, option.WithTokenSource(tokenSource))
if err != nil {
return err
}
anomaliesCall := service.Anomalies.List(projectID)
result, err := anomaliesCall.Do()
if err != nil {
return err
}
fmt.Printf("\nStatus: %d", result.HTTPStatusCode)
return nil
}
func getTokenSource(credentialFile string) (oauth2.TokenSource, error) {
ctx := context.Background()
b, err := ioutil.ReadFile(credentialFile)
if err != nil {
return nil, err
}
var c = struct {
Email string `json:"client_email"`
PrivateKey string `json:"private_key"`
}{}
if err := json.Unmarshal(b, &c); err != nil {
return nil, err
}
fmt.Printf("\nClient email: %s\n", c.Email)
config := &jwt.Config{
Email: c.Email,
PrivateKey: []byte(c.PrivateKey),
Scopes: []string{
"?????????",
},
TokenURL: google.JWTTokenURL,
}
return config.TokenSource(ctx), nil
}
My question is what scope I need to use? I didn't find in - https://developers.google.com/identity/protocols/oauth2/scopes
Thanks
When you access an api in this case Google Play Developer Reporting API most of the data is private user data. In order to access private user data your application needs the permissions of the owner of that data or someone with access.
To get that access we use Oauth2, not all methods are created equal depending upon which method within the Google Play Developer Reporting API you are trying to use will dictate which scope of access the user will need to grant you.
The easest way to tell which scope is to check the documentation
Lets look at the anomalies.list method for an example. If we scroll down to the bottom it tells you exactly which scope your user needs to authorize.
After a bit of checking i think there is only one scope for this api it is
https://www.googleapis.com/auth/playdeveloperreporting
. So if you request that scope then you should have access to the full api.