Google Workspace Add-ons for Gmail allow access the currently-open email in the API on contextualTrigger with the scope:
https://www.googleapis.com/auth/gmail.addons.current.message.readonly
An access token must be passed using GmailApp.setCurrentMessageAccessToken(accessToken) in order to grant access to this currently opened email:
var accessToken = e.gmail.accessToken;
var messageId = e.gmail.messageId;
// The following function enables short-lived access to the current
// message in Gmail. Access to other Gmail messages or data isn't
// permitted.
GmailApp.setCurrentMessageAccessToken(accessToken);
var mailMessage = GmailApp.getMessageById(messageId);
From the above documentation:
setCurrentMessageAccessToken(accessToken)Sets the current message access token that enables the script to access the current
GmailMessageproperties.Only Gmail add-on projects using Gmail current message scopes require this method.
Unfortunately, the link to the pages on access tokens and current message scopes are at current both broken and result in 404 pages, so I can't find out more information from here.
How can one achieve the same funcitonality using the Gmail API directly instead of GmailApp?
The documentation for Gmail: users.messages.get states that https://www.googleapis.com/auth/gmail.addons.current.message.readonly is a valid scope to call this method, however, there does not seem to be an equivalent of GmailApp.setCurrentMessageAccessToken(accessToken) for the Gmail API.
ScriptApp.getOAuthToken() - as per this documentation, "The access token than enables Gmail scopes is not the same as the access token returned by ScriptApp.getOAuthToken(). You must use the token provided in the action event object."Authorization: Bearer header also throws a 403 error.The saught functionality would akin to:
var accessToken = e.gmail.accessToken
var messageId = e.gmail.messageId
Gmail.setCurrentMessageAccessToken(accessToken) // made up method
var mailMessage = Gmail.Users.Messages.get("me", messageId)
I think that in that case, in order to include the access token, how about directly requesting to the endpoint of the Gmail API using UrlFetchApp? When your script is converted, it becomes as follows. In this case, the scope can be selected from Authorization Scopes.
var accessToken = "###";
var messageId = "###";
var userId = "me";
var url = `https://gmail.googleapis.com/gmail/v1/users/${userId}/messages/${messageId}`;
var res = UrlFetchApp.fetch(url, {headers: {authorization: `Bearer ${accessToken}`}});
console.log(res.getContentText())
Your goal is as follows.
You want to use the method of "users.messages.get" of Gmail API using the scope of
gmail.addons.current.message.readonly.
From our discussions in the comment, I summarized the current situation as follows.
When I checked the including scopes from the access token retrieved by ScriptApp.getOAuthToken() for the GAS project which set the manifest file, I could confirm that the scopes of gmail.addons.current.message.readonly and script.external_request.
When I saw the official document, in order to use the method of "users.messages.get", gmail.addons.current.message.readonly is shown as Requires one of the following OAuth scopes:.
But, when the scope of gmail.addons.current.message.readonly is used for the method of "users.messages.get", such error like Missing access token for authorization. occurs.
When the scope of gmail.readonly is included, the error could be removed.
From above situation, how about reporting this to the Google issue tracker? Ref