我正在使用Google AppsScript将Google电子表格与Salesforce集成。
https://github.com/googleworkspace/apps-script-oauth2
我参考上述内容继续进行OAuth2.0授权,并确认它工作正常。
问题发生在我将Google Apps脚本作为Google Workspace附加组件发布之后。(应用程序可见性是Priavte -仅对您域中的用户可用。)
当多个用户下载加载项并继续进行授权时,所有下载用户的凭据(OAuth2.0访问令牌,OAUth2.0 instance_url)将更改为最后一个进行身份验证的用户的凭据(OAuth2.0访问令牌,OAUth2.0 instance_url)。
例如
名为Olivia的用户下载加载项并登录名为www.example.com的组织A.salesforce.com,然后名为Lucas的用户下载加载项并登录名为www.example.com的组织B.salesforce.com
然后,Olivia的凭据也将被Lucas登录的www.example.com的凭据替换B.salesforce.com。
我不知道为什么会这样。
代码中是否有任何部分需要修改?
function run() {
var service = getService_();
if (service.hasAccess()) {
var url = service.getToken().instance_url +
'/services/data/v24.0/chatter/users/me';
// Make the HTTP request using a wrapper function that handles expired
// sessions.
var response = withRetry(service, function() {
return UrlFetchApp.fetch(url, {
headers: {
Authorization: 'Bearer ' + service.getAccessToken(),
}
});
});
var result = JSON.parse(response.getContentText());
} else {
openUrl()
}
}
function withRetry(service, func) {
var response;
var content;
try {
response = func();
content = response.getContentText();
} catch (e) {
content = e.toString();
}
if (content.indexOf('INVALID_SESSION_ID') !== -1) {
service.refresh();
return func();
}
return response;
}
/**
* Reset the authorization state, so that it can be re-tested.
*/
function reset() {
getService_().reset();
}
/**
* Configures the service.
*/
function getService_() {
return OAuth2.createService('Saleforce')
// Set the endpoint URLs.
.setAuthorizationBaseUrl('https://login.salesforce.com/services/oauth2/authorize')
.setTokenUrl('https://login.salesforce.com/services/oauth2/token')
// Set the client ID and secret.
.setClientId(CLIENT_ID)
.setClientSecret(CLIENT_SECRET)
// Set the name of the callback function that should be invoked to
// complete the OAuth flow.
.setCallbackFunction('authCallback')
// Set the property store where authorized tokens should be persisted.
.setPropertyStore(PropertiesService.getScriptProperties())
// Set the scopes to be requested.
//.setScope('chatter_api refresh_token');
}
/**
* Handles the OAuth callback.
*/
function authCallback(request) {
var service = getService_();
var authorized = service.handleCallback(request);
if (authorized) {
return HtmlService.createHtmlOutput('Success!');
} else {
return HtmlService.createHtmlOutput('Denied.');
}
}
/**
* Open authorizationUrl
*/
function openUrl() {
var service = getService_();
var authorizationUrl = service.getAuthorizationUrl();
var html = HtmlService.createHtmlOutput('<html><script>'
+ 'window.close = function(){window.setTimeout(function().
{google.script.host.close()},9)};'
+ 'var a = document.createElement("a"); a.href="' + authorizationUrl + '";
a.target="_blank";'
+ 'if(document.createEvent){'
+ ' var event=document.createEvent("MouseEvents");'
+ ' if(navigator.userAgent.toLowerCase().indexOf("firefox")>-1).
{window.document.body.append(a)}'
+ ' event.initEvent("click",true,true); a.dispatchEvent(event);'
+ '}else{ a.click() }'
+ 'close();'
+ '</script>'
// Offer URL as clickable link in case above code fails.
+ '<body style="word-break:break-word;font-family:sans-serif;">Failed to open
automatically. <a href="' + authorizationUrl + '" target="_blank"
onclick="window.close()">Click here to proceed</a>.</body>'
+ '<script>google.script.host.setHeight(40);google.script.host.setWidth(410).
</script>'
+ '</html>')
.setWidth(90).setHeight(1);
SpreadsheetApp.getUi().showModalDialog(html, "Open ...");
}
/**
* Logs the redict URI to register.
*/
function logRedirectUri() {
Logger.log(OAuth2.getRedirectUri());
}
1条答案
按热度按时间ctzwtxfj1#
出现此问题的原因是脚本正在使用脚本存储(
PropertiesService.getScriptProperties())存储OAuth授权令牌。可以通过改用用户存储(PropertiesService.getUserProperties())来修复此问题。使用“脚本存储区”存储所有用户的属性
使用“文档存储”可以存储每个文件的属性,而不管哪个用户使用该文件。
使用用户存储来存储每个用户的属性,无论使用的是什么文件