I'm trying to set up Google's push PubSub to my server to receive Gmail push notifications.
I'm getting the following scopes:
- https://mail.google.com/
- https://www.googleapis.com/auth/cloud-platform
- https://www.googleapis.com/auth/pubsub
- https://www.googleapis.com/auth/gmail.modify
- https://www.googleapis.com/auth/gmail.readonly
It works to create a topic, subscribe to that topic, grant access to the Gmail API on that topic but it fails when I'm trying to watch my inbox. I have followed this guide: https://developers.google.com/gmail/api/guides/push and this is the code I'm using to do the steps above:
var rp = require('request-promise');
// Step 1. Create a topic
rp({
url: 'https://pubsub.googleapis.com/v1/projects/projectId/topics/mailSync',
method: 'PUT',
headers: {
Authorization: 'Bearer accessToken'
}
}).then(function(response) {
console.log(response);
res.send(response);
})
.catch(function(error) {
console.log(error.message);
res.send(error.message);
});
// Step 2. Create a subscription:
rp({
url: 'https://pubsub.googleapis.com/v1/projects/projectId/subscriptions/mailSync',
method: 'PUT',
headers: {
Authorization: 'Bearer accessToken'
},
json: {
topic: 'projects/projectId/topics/mailSync',
pushConfig: {
pushEndpoint: 'https://developers.example.com/mailSyncHandler'
}
}
}).then(function(response) {
console.log(response);
res.send(response);
})
.catch(function(err) {
console.error(err);
res.status(err.statusCode).send(err.error.error.message);
});
// Step 3. Grant the Gmail API publish rights on our topic
rp({
url: "https://pubsub.googleapis.com/v1beta2/projects/projectId/topics/mailSync:setIamPolicy",
method: 'POST',
headers: {
Authorization: 'Bearer accessToken'
},
data: {
policy: {
bindings: [{
role: "roles/pubsub.publisher",
members: ["serviceAccount:[email protected]"]
}]
}
},
json: true
}).then(function(response) {
console.log(response);
res.send(response);
})
.catch(function(error) {
console.log(error.message);
res.send(error.message);
});
// Step 4. Watch my Inbox
rp({
url: "https://www.googleapis.com/gmail/v1/users/me/watch",
method: "POST",
headers: {
Authorization: 'Bearer accessToken'
},
json: {
topicName: "projects/projectId/topics/mailSync",
labelIds: ["INBOX"]
}
}).then(function(response) {
console.log(response);
res.send(response);
})
.catch(function(error) {
console.error(error);
res.send(error.message);
});
Error sending test message to Cloud PubSub projects/projectId/topics/mailSync : User not authorized to perform this action.
. Statuscode 403 – jwanglof