
We have been using the Email Settings API to manage our users' signatures, and inject proper HTML signatures for Google Apps. It has worked wonderfully until recently. The old code used 'ClientLogin' with an administrator's credentials. I have been trying to make it work with OAuth now that ClientLogin has been completely removed.

import sys

import gdata.gauth
import gdata.apps.emailsettings.client
from oauth2client.client import SignedJwtAssertionCredentials

SERVICE_ACCOUNT_EMAIL = 'xx@developer.gserviceaccount.com'

filename = sys.argv[1]  # file holding the HTML signature
username = sys.argv[2]  # user whose signature is updated

# Private key of the service account, in PEM format
with open('key.pem', 'rb') as f:
    key = f.read()

# Service-account credentials; 'sub' names the user being impersonated
credentials = SignedJwtAssertionCredentials(
    SERVICE_ACCOUNT_EMAIL, key,
    scope='https://apps-apis.google.com/a/feeds/emailsettings/2.0/',
    sub=username)

auth2token = gdata.gauth.OAuth2TokenFromCredentials(credentials)

emclient = gdata.apps.emailsettings.client.EmailSettingsClient(domain='companyname.com')
auth2token.authorize(emclient)

print filename
print username

# Read the signature and push it to the user's mailbox settings
with open(filename, 'r') as f:
    data = f.read()
emclient.UpdateSignature(username=username, signature=data)

When we run it, we get:

oauth2client.client.AccessTokenRefreshError: unauthorized_client: Unauthorized client or scope in request.

I have been through the documentation on Email Settings API, and it makes reference to asking the user for a code from a consent screen, but provides zero documentation on how any of that is supposed to work, and I would rather not have to deal with any user interactions.

I went through the Developers console to activate the API in there, but it simply does not exist. I tried activating the Gmail one (although it's different), and it did not help.

I'm new to OAuth2 and Python, so maybe I'm missing something glaring.

IdleGod

1 Answer


Your code is correct. Just make sure that the scope (https://apps-apis.google.com/a/feeds/emailsettings/2.0/) is in place at https://admin.google.com/yourdomain.tld/ManageOauthClients

Also, make sure that AdminSDK API is checked at the API Console.

AMS
Awesome, that looks like it worked. Missed adding the scope to the ManageOauthClients URL. I never found reference to that anywhere though. Strange. Also, I had to change the username in the SignedJwtAssertionCredentials to the admin username, and not the user name of the user I was managing. – IdleGod Aug 25 '15 at 22:30
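
An added example, not part of the original question or answer: a Python 3 pre-flight check that decodes the claim set a service account sends to the token endpoint and compares its `scope` and `sub` with the delegation settings discussed above. The function names, the `authorized_scopes` list (a stand-in for the scopes entered at ManageOauthClients) and the sample token are assumptions made for illustration.

```python
import base64
import json

EMAIL_SETTINGS = "https://apps-apis.google.com/a/feeds/emailsettings/2.0/"

def _b64url(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def decode_claims(assertion):
    """Return a JWT's claim set without verifying the signature (inspection only)."""
    parts = assertion.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.claims.signature")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(padded))

def audit_assertion(assertion, authorized_scopes, domain):
    """List mismatches between the assertion and the delegation settings."""
    claims = decode_claims(assertion)
    findings = []
    # Assumption: the admin-console grant is modelled as exact string membership.
    for scope in claims.get("scope", "").split():
        if scope not in authorized_scopes:
            findings.append("scope not authorized for client: " + scope)
    sub = claims.get("sub", "")
    if not sub:
        findings.append("no sub claim, so no user is impersonated")
    elif not sub.lower().endswith("@" + domain.lower()):
        findings.append("sub is not a full address in %s: %s" % (domain, sub))
    return findings

def sample_assertion(scope, sub):
    """Constructed sample: service-account claim layout, placeholder signature."""
    header = {"alg": "RS256", "typ": "JWT"}
    claims = {"iss": "xx@developer.gserviceaccount.com", "scope": scope,
              "aud": "https://accounts.google.com/o/oauth2/token",
              "iat": 1440541800, "exp": 1440545400, "sub": sub}
    body = [json.dumps(part).encode("utf-8") for part in (header, claims)]
    return ".".join([_b64url(b) for b in body] + ["placeholder-signature"])

if __name__ == "__main__":
    token = sample_assertion(EMAIL_SETTINGS, "admin@companyname.com")
    print(audit_assertion(token, [], "companyname.com"))                # scope not granted
    print(audit_assertion(token, [EMAIL_SETTINGS], "companyname.com"))  # no findings
```

An empty result only means the assertion is consistent with the settings passed in; the token endpoint remains the authority on whether the request is accepted.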