通过GMail API进行用户模拟的服务器端OAuth

我正在尝试执行服务器端OAuth，因此我可以使用我域中的特定用户帐户通过我的应用程序发送电子邮件(因此使用GMail API).

I am trying to perform server-side OAuth so I can use a specific user account in my domain to send emails (hence using GMail API) via my application.

我的是纯粹的服务器端应用程序，我无法通过用户界面执行用户同意".

Mine is a purely server-side app and I cannot perform "user consent" via a UI.

我已经在Google App Engine中创建了一个项目，并获得了服务帐户凭据(P12密钥).

I have created a project in Google App Engine and have obtained service account credentials (P12 key).

我的代码看起来像这样-

My code looks like this -

new GoogleCredential.Builder()
  .setTransport(httpTransport)
  .setJsonFactory(JSON_FACTORY)
  .setServiceAccountId(googleEmailerServiceAccountId)
  .setServiceAccountPrivateKeyFromP12File(new File(googleEmailerServiceAccountPrivateKeyLocation)).setServiceAccountScopes(Collections.singleton(GmailScopes.GMAIL_COMPOSE))
  .setServiceAccountUser("xxx@xxx.com")
  .build()

我已根据 https://developers.google.com/identity/protocols/OAuth2ServiceAccount .

当我尝试从我的应用程序发送电子邮件时，我仍然收到未经授权的401.

And I still get an Unauthorised 401 when I try to send emails from my app.

由于没有明确的Gmail API文档说允许域范围的委派，因此我猜Gmail不允许.

Since there is no explicit documentation for the Gmail API that says it allows domain wide delegation, I am guessing it is not allowed for Gmail.

有什么方法可以通过编程实现这一目标吗?

Is there any way of achieving this programatically?

任何想法将不胜感激. 谢谢！

Any idea would be much appreciated. Thanks!