App Engine OAuth2.0授权的cron作业分析Google表格 [英] App Engine OAuth2.0 authorized cron job to analyze Google Sheet
问题描述
我创建了一个Google App Engine项目,每5分钟自动触发一个函数来分析Google工作表。
OAuth授权
待分析工作表是一个G Suite工作表,仅供公司成员公开。所以我需要OAuth2来授权访问。我想我需要一个服务帐户客户端ID,因为这将在服务器中自动运行,所以不能有OAuth2流,对?如果函数在服务器中运行,谁将点击按钮?
我需要一些指示。
感谢
https://开发人员.google.com / identity / protocols / OAuth2ServiceAccount
最后我解决了这个问题:
- 设置一个新的App Engine服务帐户(我不知道是否真的有新的帐户)
- 记下这个新的服务帐户电子邮件
- 与该服务帐户邮件共享工作表(我尚未经过此步骤测试)
- 将其服务机密作为JSON下载。 使用此代码(启发于(1)和(2))
class analysisHandler(Handler):
def get(self):
credentials = ServiceAccountCredentials.from_json_keyfile_name('service-secrets.js on',
[https://www.googleapis.com/auth/spreadsheets])
http = httplib2.Http()
#if如果不是credentials.invalid:
logging.info(Valid credentials,enter main function)
http = credentials.authorize(http)
main(http )
其他:
credentials.refresh(http)
main(http)
然后在main()中:
sheetService = discovery。 build('sheets','v4',http = authorized_http)
logging.info(阅读Google表格)
result = sheetService.spreadsheets()。values()。get(spreadsheetId = spreadsheet_id,
urlfetch.set_default_fetch_deadline(45)
logging.info(在Google表格中打印)
sheetService.spreadsheets()。 values()。append(spreadsheetId = spreadsheet_id,range =Log ,body = body,valueInputOption =USER_ENTERED)。execute(http = authorized_http)
authorized_http 参数是之前使用credentials.authorize()构建的参数。
然而,我认为这可以得到改进。 / p>
I'm creating a Google App Engine project which is going to automatically trigger a function each 5 minutes to analyze a Google sheet.
OAuth authorization
The to-be-analyzed sheet is a G Suite sheet, public to only company members. So I need OAuth2 to authorize the access. How do I do this?
I think I need a Service Account client ID, because as this is going to run automatically in the server, there cannot be a OAuth2 flow, right? Who is going to click the buttons if the function is ran in the server?
I need some directions.
Thanks
https://developers.google.com/identity/protocols/OAuth2ServiceAccount
Finally I solved it this way:
- Setup a new App Engine service account (I don't know if a "new" one was neccesary really)
- Take note of that new service account email
- Share the Sheet with that service account mail (I've not yet tested it without this step)
- Download its service secrets as a JSON.
Use this code(inspired in (1) and (2))
class analysisHandler(Handler): def get(self): credentials = ServiceAccountCredentials.from_json_keyfile_name('service-secrets.json', ["https://www.googleapis.com/auth/spreadsheets"]) http = httplib2.Http() #if credentials are still valid if not credentials.invalid: logging.info("Valid credentials, entering main function") http = credentials.authorize(http) main(http) else: credentials.refresh(http) main(http)
Then in main():
sheetService = discovery.build('sheets', 'v4', http=authorized_http)
logging.info("Reading Google Sheet")
result = sheetService.spreadsheets().values().get(spreadsheetId=spreadsheet_id, range=range_name).execute(http=authorized_http)
urlfetch.set_default_fetch_deadline(45)
logging.info("Printing in Google Sheet")
sheetService.spreadsheets().values().append(spreadsheetId=spreadsheet_id, range="Log", body=body, valueInputOption="USER_ENTERED").execute(http=authorized_http)
Where the authorized_http parameter is the one built before with credentials.authorize()
I think this can be improved however.
(1) How to use "Service account" authorization (rather than user based access refresh tokens)
(2) Creating and sharing Google Sheet spreadsheets using Python
这篇关于App Engine OAuth2.0授权的cron作业分析Google表格的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
