2

I'm trying to fix my script which sets up mail forwarding on Google Apps with the new OAuth2 authentication. I have the directory API working fine, but the forwarding stopped working last week with the username/password authentication.

I've updated my code based on another post here (Enable mail forwarding using a Google Apps Service Account), including what appears to be the same as what's labeled "Final Working Code" there, but cannot figure out what is wrong.

When authenticating, I receive the error below:

Traceback (most recent call last):
  File "./tmp.py", line 26, in <module>
    client.UpdateForwarding(username="chauvetp@hawkmail.newpaltz.edu",  enable=True, forward_to='sysadmin@newpaltz.edu', action='ARCHIVE')
  File "/usr/lib/python2.6/site-packages/gdata/apps/emailsettings/client.py", line 320, in update_forwarding
    return self.update(new_forwarding, **kwargs)
  File "/usr/lib/python2.6/site-packages/gdata/client.py", line 730, in update
    desired_class=entry.__class__, **kwargs)
  File "/usr/lib/python2.6/site-packages/gdata/client.py", line 307, in request
    response, Unauthorized)
gdata.client.Unauthorized: Unauthorized - Server responded with: 401,

My code is as follows:

import gdata.gauth
import gdata.apps.emailsettings.client
from oauth2client.client import SignedJwtAssertionCredentials

service_account = My_Service_Account
adminEmail = My_Admin_Email
scope = 'https://apps-apis.google.com/a/feeds/emailsettings/2.0/'

keyfile = file(My_Key_Location,'rb')
key = keyfile.read()
keyfile.close()

credentials = SignedJwtAssertionCredentials(service_account, key, sub=My_Admin_Email, scope='https://apps-apis.google.com/a/feeds/emailsettings/2.0/')

auth = gdata.gauth.OAuth2Token(      
  credentials.client_id,#serviceEmail
  credentials.client_secret,#private key 
  scope='https://apps-apis.google.com/a/feeds/emailsettings/2.0/',
  access_token=credentials.access_token,
  refresh_token=credentials.refresh_token,
  user_agent=credentials.user_agent)
client = gdata.apps.emailsettings.client.EmailSettingsClient(domain='MyDomain')
auth.authorize(client)

client.UpdateForwarding(username="TestAccount", enable=True, forward_to=DestinationAddress, action='ARCHIVE')

I would have added comments to the previous post referenced above, but my account here is new (and it says I need a 50 reputation to comment). Any assistance on this would be greatly appreciated!

Community
  • 1
  • 1
Paul Chauvet
  • 21
  • 1
  • Are you authorized to make request? if you are using service account, Did you do https://developers.google.com/+/domains/authentication/delegation. check this link http://stackoverflow.com/questions/30519537/having-trouble-trying-to-use-gdata-and-oauth2-in-python – SGC Jun 05 '15 at 17:53
  • I am using a service account. I've granted that service account access to https://apps-apis.google.com/a/feeds/emailsettings/2.0/ (along with https://www.googleapis.com/auth/admin.directory.group & https://www.googleapis.com/auth/admin.directory.user) via the Google Admin panel (within there, Security->Advanced Settings->Manage API Access). – Paul Chauvet Jun 08 '15 at 13:57
  • I haven't done what's listed at https://developers.google.com/+/domains/authentication/delegation for the forwarding function, since I can't seem to find the email settings app in the API library. The API's I have enabled are "Admin SDK" and "Groups Settings API", both of which are working, but don't provide the forwarding functionality. – Paul Chauvet Jun 08 '15 at 13:59

0 Answers0