Google Cloud Storage访问客户端API [英] Google Cloud Storage access Client API

问题描述

我很难让Application Default Credientials/OAuth2.0在我的程序中起作用...

I am having a really hard time getting Application Default Credientials /OAuth2.0 thing to work in my program...

背景:

我有一个收集图像的传感器设备，我想将这些图像存储在Google Cloud存储桶中.理想情况下，只需按一下按钮即可运行代码，因此在程序运行时需要进行授权.

I have a sensor device that collects images, and I want to store these images on google cloud storage in a bucket. Ideally the code will just run at a push of a button, so the authorization would need to occur when the program runs.

通过阅读和重新阅读文档，到目前为止，这就是我要做的事情:

From reading and re-reading the docs, this is what I have going so far:

from oauth2client.client import GoogleCredentials
from google.cloud import storage
import google.auth
import os

# Establish cloud credientials with a locally
# stored service account key
home_path = os.path.expanduser('~') + "/Project/"
auth_file = "<service account access key file>.json"
auth_file_path = home_path + auth_file

# I'm trying two different ways to verify my credentials..
os.environ['GOOGLE_APPLICATION_CREDENTIALS'] = auth_file_path
credentials, project_id = google.auth.default()

# Get storage bucket for image files
storage = storage.Client(project_id)
bucket = storage.lookup_bucket('bucket0000')

结果是，我收到了一个追溯错误:

Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "<string>", line 110, in <module>
  File "/Users/joshua/anaconda/lib/python3.5/site-packages/google/cloud/storage/client.py", line 193, in lookup_bucket
    return self.get_bucket(bucket_name)
  File "/Users/joshua/anaconda/lib/python3.5/site-packages/google/cloud/storage/client.py", line 173, in get_bucket
    bucket.reload(client=self)
  File "/Users/joshua/anaconda/lib/python3.5/site-packages/google/cloud/storage/_helpers.py", line 99, in reload
    _target_object=self)
  File "/Users/joshua/anaconda/lib/python3.5/site-packages/google/cloud/_http.py", line 303, in api_request
    error_info=method + ' ' + url)
google.cloud.exceptions.Forbidden: 403 Caller does not have storage.buckets.get access to bucket bucket0000. (GET https://www.googleapis.com/storage/v1/b/bucket0000?projection=noAcl)

在我看来仍然被认为是匿名用户(通过回溯中的googleapis.com链接)

where it seems I'm still considered an anonymous user (per the googleapis.com link in the traceback)

{
 "error": {
  "errors": [
   {
    "domain": "global",
    "reason": "required",
    "message": "Anonymous users does not have storage.buckets.get access to bucket bucket0000.",
    "locationType": "header",
    "location": "Authorization"
   }
  ],
  "code": 401,
  "message": "Anonymous users does not have storage.buckets.get access to bucket bucket0000."
 }
}

再次尝试，这次使用google.auth，我创建了一个凭据变量，并观察了看起来有效的打印内容:<oauth2client.service_account._JWTAccessCredentials object at 0x107df0358>

trying again, this time with google.auth, I created a credential variable, and observing what prints it seems valid:<oauth2client.service_account._JWTAccessCredentials object at 0x107df0358>

我尝试将此凭据变量放入storage.Client()，但这似乎不起作用.

I tried putting this credentials variable into storage.Client(), but that doesn't seem to work.

# Get storage bucket for image files
storage = storage.Client(project_id, credentials=credentials)
bucket = storage.lookup_bucket('bucket0000')

>>> Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "<string>", line 6, in <module>
  File "/Users/joshua/anaconda/lib/python3.5/site-packages/google/cloud/storage/client.py", line 59, in __init__
    _http=_http)
  File "/Users/joshua/anaconda/lib/python3.5/site-packages/google/cloud/client.py", line 212, in __init__
    Client.__init__(self, credentials=credentials, _http=_http)
  File "/Users/joshua/anaconda/lib/python3.5/site-packages/google/cloud/client.py", line 126, in __init__
    raise ValueError(_GOOGLE_AUTH_CREDENTIALS_HELP)
ValueError: This library only supports credentials from google-auth-library-python. See https://google-cloud-python.readthedocs.io/en/latest/google-cloud-auth.html for help on authentication with this library

当然，此回溯将我定向到google-cloud-python.readthedocs.io页面……该页面不存在...

Of course, this traceback directs me to the page google-cloud-python.readthedocs.io ... which doesn't exist ...

是否可以在不使用控制台/网络登录的情况下使对Cloud Storage的API调用正常工作?

Any way to get API calls to the Cloud Storage to work without using the console/web log in?

非常感谢！

推荐答案

似乎您没有给凭据授予管理存储的权限.您可以在IAM或每个存储区下轻松地应用它.

It seems you didn't give your credential the authority for managing Storage. You can easily apply to it in IAM or under each bucket.

这篇关于Google Cloud Storage访问客户端API的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！