Login/Register
google-api-ruby-client The current user has insufficient permissions to perform the requested operation
Asked Answered
rubygoogle-apiin-app-purchasegoogle-api-ruby-client
B

0

1

I am using the google-api-ruby-clientgoogle-api-ruby-client for my backend server to validate the android inapppurchase code (see below):

    require 'google/api_client'
    require 'google/api_client/client_secrets'
    require 'google/api_client/auth/installed_app'


    API_VERSION = 'v1.1'

    service_account_email = '[email protected]' # Email of service account
    key_file = 'xxx.p12' # File containing your private key
    key_secret = 'notasecret' # Password to unlock private key
    scope_url = 'https://www.googleapis.com/auth/androidpublisher'

    client = Google::APIClient.new(
      :application_name => 'Ruby Inapppurchases validate',
      :application_version => '1.0.0')


    key = Google::APIClient::KeyUtils.load_from_pkcs12(key_file, key_secret)


    client.authorization = Signet::OAuth2::Client.new(
      :token_credential_uri => 'https://accounts.google.com/o/oauth2/token',
      :audience => 'https://accounts.google.com/o/oauth2/token',
      :scope => scope_url,
      :issuer => service_account_email,
      :signing_key => key)

      client.authorization.fetch_access_token!

    publisher = client.discovered_api('androidpublisher', 'v1.1')

    p client.execute(
              api_method: publisher.inapppurchases.get,
              parameters: {
                  packageName:  'com.examble',
                  productId: 'android.test.purchased',
                  token:  "inapp:com.examble:android.test.purchased"          
                  }).data

I follow the instruction for the api, but my error is as followed:

    #<Google::APIClient::Schema::Androidpublisher::V1_1::InappPurchase:0x3fd021a64240
    DATA:{"error"=>{"errors"=>[{"domain"=>"androidpublisher", "reason"=>"permissionDenied",
    "message"=>"The current user has insufficient permissions to perform the requested operation."}],
    "code"=>401, "message"=>"The current user has insufficient permissions to 
    perform the requested operation."}}>

This troubles me long time. Can anyone help me?

Barsky answered 19/6, 2014 at 12:30 Comment(10)
I'm not familiar with ruby but it looks just like my issue: #24323707Disunity
I've always thought that you need to supply an additional user email in the Client.new call using the ":person" parameter, and that this is the user that is used to check permissions on the subsequent call.Ruffner
@jrq I have use the :person parameter, it did not work too.can you give me some example!!Barsky
This example is not for Androidpublisher, but for Google Apps for Business: client.authorization = Signet::OAuth2::Client.new( :token_credential_uri => 'accounts.google.com/o/oauth2/token', :audience => 'accounts.google.com/o/oauth2/token', :scope => 'googleapis.com/auth/admin.directory.group', :issuer => SERVICE_ACCOUNT_EMAIL, :signing_key => Google::APIClient::KeyUtils.load_from_pkcs12(SERVICE_ACCOUNT_PKCS12_FILE_PATH, 'notasecret'), :person => user_email ) But it looks similar to your callRuffner
@jrq thanks very much! I have solved my problem,because of the error email!!Barsky
Great. So the problem was the missing :person parameter, with a correct user_email?Ruffner
@jrq yeah!! official document did not have an example!!That's the biggest problem!!Barsky
You just saved me from a headache after 2 days of desperate debugging. Adding the "person" parameter solved the permission issueCaution
@Barsky What value did you put for user_email in this, anyone have ruby gist to verify purchase_token ?Nadia
@Ruffner What value did you put for user_email in this, anyone have ruby gist to verify purchase_token , I tried with service_account_emailNormalize

© 2022 - 2024 — McMap. All rights reserved.