I'd like to use Google Drive to work as a quasi-CMS for a website I'm making so that the content owners can edit their content using Google Drive. I'd like to use a specific user account that has access to Google Drive (as of writing this post, service accounts DO NOT have direct access to Google Drive) and is able to share documents with the content owners.
After reading through the API and tutorials, I have found the answer in delegation: https://developers.google.com/drive/delegation
My main issue with this process is that the website is not managed by Google Apps and therefore the steps outlined in 'Delegate domain-wide authority to your service account' confuse me - it seems like it should be possible to handle this delegation without using Google Apps, but after searching through the settings in Google Drive for my specific user account, I can't seem to find the ability to authorize impersonation.
A snippet of the code I'm using:
static public function getService() {
$key = file_get_contents(GOOGLEAPI_KEYFILE);
$auth = new Google_AssertionCredentials(GOOGLEAPI_SERVICE_EMAIL, array(GOOGLEAPI_SCOPE), $key);
$auth->setPrn(GOOGLEAPI_IMPERSONATION);
self::$apiClient = new Google_Client();
self::$apiClient->setUseObjects(true);
self::$apiClient->setAssertionCredentials($auth);
return new Google_DriveService(self::$apiClient);
}
GOOGLEAPI_IMPERSONATION is the specific user account and when I run this code, the exception states:
Error refreshing the OAuth2 token, message: '{ "error" : "access_denied" }
Anyone offer any assistance? Am I misunderstanding a fundamental concept of how oAuth works in terms of delegation?
