gpt4 book ai didi

google-apps-script - 如果我的代码没有对 Google+ 的可见引用,Google+ OAuth 关闭是否会影响我?

转载 作者:行者123 更新时间:2023-12-03 04:35:02 25 4
gpt4 key购买 nike

我收到了一封来自 Google 的电子邮件,警告我,我的 Google 应用脚本项目将受到即将到来(2019 年 1 月 28 日至 2019 年 3 月 7 日)的 Google+ API 关闭的影响。

Hello Google+ Developer,

The email below contains your most recent usage of Google+ APIs. Note: It includes Google+ OAuth scope requests, which are also affected by the Google+ shutdown. A prior email sent to active API callers did not include information about OAuth requests. One final reminder email will be sent in February to users who still have active API or OAuth request activity.

What do I need to know? On March 7, 2019, all Google+ APIs and Google+ Sign-in will be shut down completely. This will be a progressive shutdown, with API calls starting to intermittently fail as early as January 28, 2019, and OAuth requests for Google+ scopes starting to intermittently fail as early as February 15, 2019.

What do I need to do? Please update your projects listed below by March 7, 2019 and ensure they are no longer using Google+ APIs, or requesting Google+ OAuth scopes. The data below shows which Google+ API methods your projects have recently called, as well as Google+ OAuth scopes it has requested. Note: If you see calls to people.get, these can be the result of using the Google+ Sign-In feature in your application, which is now fully deprecated and is being shut down. Developers should migrate from the Google+ Sign-In feature to the more comprehensive Google Sign-in authentication system.

该电子邮件明确指出了我的项目中的错误,并提供了以下位置详细信息:

Project...............:My_GAS_Project_Name  
Google+ API Name......:OAuth
Version...............:N/A
Method or OAuth Scope.:plus.me

但我认为这是误报。

我正在使用 OAuth API,但没有使用 Google+ API。我搜索了以下字符串;我的代码中的“plus”和“+”,在任何地方都没有找到引用*。

*是的,到处都有“+”,但它们都被视为字符串连接操作。

这是项目中的OAuth函数:

function _getAuthenticationToken_() {
// Check we have access to the service
var service = getService();
if (!service.hasAccess()) {
var authorizationUrl = service.getAuthorizationUrl();
_log_('INFO', 'Open the following URL and re-run the script: ' + authorizationUrl);
return;
}

Logger.log('Passed Authentication');

//Get the Access Token
return service.getAccessToken();

function getService() {
// Create a new service with the given name. The name will be used when
// persisting the authorized token, so ensure it is unique within the
// scope of the property store.
return OAuth2.createService('jlr-edw-dev-service')

// Set the endpoint URLs, which are the same for all Google services.
.setAuthorizationBaseUrl('https://accounts.google.com/o/oauth2/auth')
.setTokenUrl('https://accounts.google.com/o/oauth2/token')

// Set the client ID and secret, from the Google Developers Console.
.setClientId(CLIENT_ID)
.setClientSecret(CLIENT_SECRET)

// Set the name of the callback function in the script referenced
// above that should be invoked to complete the OAuth flow.
.setCallbackFunction('authCallback')

// Set the property store where authorized tokens should be persisted.
.setPropertyStore(PropertiesService.getUserProperties())

// Set the scopes to request (space-separated for Google services).
// this is admin access for the sqlservice and access to the cloud-platform:
.setScope(
'https://www.googleapis.com/auth/sqlservice.admin ' +
'https://www.googleapis.com/auth/cloud-platform')

//Removed because this Should be covered by cloud-platform
//'https://www.googleapis.com/auth/devstorage.read_write '

// Below are Google-specific OAuth2 parameters.

// Sets the login hint, which will prevent the account chooser screen
// from being shown to users logged in with multiple accounts.
.setParam('login_hint', Session.getActiveUser().getEmail())

// Requests offline access.
.setParam('access_type', 'offline')

// Forces the approval prompt every time. This is useful for testing,
// but not desirable in a production application.
.setParam('approval_prompt', 'force');
}

function authCallback(request) {
var cloudSQLService = getService();
var isAuthorized = cloudSQLService.handleCallback(request);

if (isAuthorized) {
_log_('INFO', 'Access Approved');
return HtmlService.createHtmlOutput('Success! You can close this tab.');
} else {
_log_('INFO', 'Access Denied');
return HtmlService.createHtmlOutput('Denied. You can close this tab');
}
}
}

我应该忽略 Google 的警告吗?还是可以检查其他内容来确认这些项目没有风险?

我应该补充一点,这些项目是通过 Google App Script Execution API 公开的,并且它们的函数是通过 Java program based on the the Google example 执行的。 。仅标记以这种方式访问​​的项目。

更多详细信息是为了回应 DaImTo 的评论而添加的。

项目资源中唯一打开的库是 OAuth: enter image description here

Google+ API 和 People API 均已关闭: enter image description here

该项目的 API 信息中心也不包含 Google+: enter image description here

更新

我想我可能知道现在发生了什么。下图说明了各个组件。 enter image description here

1) 这些是从用于执行 Google App 脚本的 Java 程序中提取的范围。它们包括范围“https://www.googleapis.com/auth/userinfo.email ”。

2) 这是 Google OAuth2 API, v2范围文档。

3) 这些是授予 Google App Script 项目的范围。根据描述性名称,它看起来像是包含了“plus.me”,即“知道你在 Google 上是谁 = https://www.googleapis.com/auth/plus.me ”。

因此,由于某种原因,在请求访问“https://www.googleapis.com/auth/userinfo.email ”时,请求被扩展为包含“https://www.googleapis.com/auth/plus.me ”。我认为发生这种情况可能是因为“serinfo.email”已被弃用,described here

enter image description here

已解决

Google 的进一步沟通已澄清这确实是误报,无需更改代码。

Dear Developer,

Earlier this week we sent you an email related to your projects that will be impacted by the Google+ API shutdown, which also affects requests for Google+ OAuth scopes.

The email listed that one or more of your projects are requesting the “plus.me” scope, and would thus be affected. We would like to clarify that only projects directly requesting the “plus.me” scope are affected. This scope may have been listed in some emails, even if not directly requested by your project. We apologize for any confusion caused.

If you are directly requesting the “plus.me” scope, any other Google+ OAuth scopes, or making any Google+ API calls, please ensure that you remove these requests from your project before March 7, 2019.

To see if your project is directly requesting the “plus.me” or any other Google+ OAuth scopes:

• If your project is written in Google Apps Script, you can view which scopes your project is requesting by reviewing your project properties in App Script Editor.

• If your project is not written in Google Apps Script, please check your code for references to “plus.me” in OAuth scope requests. We recommend that you review projects using any 3rd-party libraries that support sign-in or social functionality, as these may also be affected by the shutdown.

Thanks for being a valued Google+ Developer.

Sincerely, The Google+ API team

最佳答案

我认为您应该检查 Google 开发者控制台。确保您尚未在项目中启用 google+ api。这可能导致误报。

enter image description here

这是我唯一能想到的。即使这是一个代码问题,谷歌也无法真正访问开发人员代码,他们也不会扫描每个脚本来发出警告。

关于google-apps-script - 如果我的代码没有对 Google+ 的可见引用,Google+ OAuth 关闭是否会影响我?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/54437660/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com