How to set scope for token in Google Play Developer Reporting API

Question

I started to use Google Play Developer Reporting API with using Golang(https://pkg.go.dev/google.golang.org/[email protected]/playdeveloperreporting/v1beta1), and faced with issue related to API scopes:

Code:

package main

import (
    "context"
    "encoding/json"
    "fmt"
    "golang.org/x/oauth2"
    "golang.org/x/oauth2/google"
    "golang.org/x/oauth2/jwt"
    "google.golang.org/api/option"
    "google.golang.org/api/playdeveloperreporting/v1beta1"
    "io/ioutil"
)

const (
    GoogleApplicationCredentials = "path_to_service_account_credentials"
    ProjectID                    = "apps/{project_id}"
)

func main() {
    tokenSource, err := getTokenSource(GoogleApplicationCredentials)
    if err !=nil {
        panic(err)
    }
    if err := getAnomalies(tokenSource, ProjectID); err != nil {
        panic(err)
    }
}

func getAnomalies(tokenSource oauth2.TokenSource, projectID string) error {
    ctx := context.Background()
    service, err := playdeveloperreporting.NewService(ctx, option.WithTokenSource(tokenSource))
    if err != nil {
        return err
    }
    anomaliesCall := service.Anomalies.List(projectID)
    result, err := anomaliesCall.Do()
    if err != nil {
        return err
    }
    fmt.Printf("\nStatus: %d", result.HTTPStatusCode)
    return nil
}

func getTokenSource(credentialFile string) (oauth2.TokenSource, error) {
    ctx := context.Background()
    b, err := ioutil.ReadFile(credentialFile)
    if err != nil {
        return nil, err
    }
    var c = struct {
        Email      string `json:"client_email"`
        PrivateKey string `json:"private_key"`
    }{}
    if err := json.Unmarshal(b, &c); err != nil {
        return nil, err
    }
    fmt.Printf("\nClient email: %s\n", c.Email)
    config := &jwt.Config{
        Email:      c.Email,
        PrivateKey: []byte(c.PrivateKey),
        Scopes:     []string{
            "?????????",
        },
        TokenURL: google.JWTTokenURL,
    }
    return config.TokenSource(ctx), nil
}

My question is what scope I need to use? I didn't find in - https://developers.google.com/identity/protocols/oauth2/scopes

Thanks

Answer 1

When you access an api in this case Google Play Developer Reporting API most of the data is private user data. In order to access private user data your application needs the permissions of the owner of that data or someone with access.

To get that access we use Oauth2, not all methods are created equal depending upon which method within the Google Play Developer Reporting API you are trying to use will dictate which scope of access the user will need to grant you.

The easest way to tell which scope is to check the documentation

Lets look at the anomalies.list method for an example. If we scroll down to the bottom it tells you exactly which scope your user needs to authorize.

After a bit of checking i think there is only one scope for this api it is https://www.googleapis.com/auth/playdeveloperreporting. So if you request that scope then you should have access to the full api.

Answer 2

I had the same problem

scope https://www.googleapis.com/auth/playdeveloperreporting

You are receiving this error either because your input OAuth2 scope name is invalid or it refers to a newer scope that is outside the domain of this legacy API.

This API was built at a time when the scope name format was not yet standardized. This is no longer the case and all valid scope names (both old and new) are catalogued at https://developers.google.com/identity/protocols/oauth2/scopes. Use that webpage to lookup (manually) the scope name associated with the API you are trying to call and use it to craft your OAuth2 request.