堆栈内存溢出
  简体   繁体   English

如何通过GAE标准从Google Cloud Endpoints在Python库中进行身份验证检查

[英]How to do authentication check in Python library from Google Cloud Endpoints on GAE standard

 原文  2017-08-12 07:20:08       python/ google-app-engine/ google-oauth/ google-cloud-endpoints/ google-cloud-endpoints-v2

问题描述

I'm trying to implement service-to-service authentication to Google Cloud Endpoints API using Google Service account, but get the following error. 我正在尝试使用Google Service帐户对Google Cloud Endpoints API实施服务到服务的身份验证,但是出现以下错误。 

Cannot decode and verify the auth token. The backend will not be able to retrieve user info (.../lib/endpoints_management/control/wsgi.py:596)
Traceback (most recent call last):
  File ".../lib/endpoints_management/control/wsgi.py", line 593, in __call__
    service_name)
  File ".../lib/endpoints_management/auth/tokens.py", line 81, in authenticate
    error)
UnauthenticatedException: (u'Cannot decode the auth token', UnicodeDecodeError('ascii', '\xc9\xad\xbd', 0, 1, 'ordinal not in range(128)'))

Value of auth_token variable passed to self.get_jwt_claims(auth_token) is : 传递给self.get_jwt_claims(auth_token)的auth_token变量的值为: 

ya29.ElmlBB1mwIfrsnURUIQg0Nv6v5UPzFR02miD4w_VywMSlWGDstpmmc5vPsmUqt5rCcho797B1HeEOgT0UBQiVfv9dlsfxSMLRf67SGwX0ceK5uTujj4_tSUXog

Looks like endpoints library is trying to decode auth_token as jwt, but auth_token is not jwt. 看起来端点库正在尝试将auth_token解码为jwt,但是auth_token不是jwt。 But maybe I'm wrong. 但是也许我错了。 Same problem occurs when I'm trying to test API using API Explorer. 当我尝试使用API​​ Explorer测试API时,会发生相同的问题。 This happens with the latest endpoints and also with older version. 最新的端点和较旧的版本都会发生这种情况。

Here is my API class: 这是我的API类: 

@endpoints.api(
    name='myapi',
    version='v1',
    api_key_required=True,
    auth_level=endpoints.AUTH_LEVEL.REQUIRED,
    scopes=(
        endpoints.EMAIL_SCOPE,
    ),
)
class MyApi(remote.Service):
    ...

And this is how i I'm accessing the API: 这就是我访问API的方式: 

credentials = ServiceAccountCredentials.from_json_keyfile_dict(
    json.loads(json_keyfile_data),
    scopes='https://www.googleapis.com/auth/userinfo.email',
)
service = build(
    name, version,
    http=credentials.authorize(Http()),
    discoveryServiceUrl=discovery_url)
...

Am I doing something from or is there a bug in Python endpoints library? 我是从Python端点库中做某事还是有bug?

1 个解决方案

解决方案1
 0  2017-08-14 08:58:13

Google Cloud Endpoints expects JWT id_token, that's the reason why self.get_jwt_claims(auth_token) fails. Google Cloud Endpoints期望使用JWT id_token,这就是self.get_jwt_claims(auth_token)失败的原因。 Here is in-depth explanation of service-to-service authentication: https://cloud.google.com/endpoints/docs/service-to-service-auth . 这是服务到服务身份验证的深入说明: https : //cloud.google.com/endpoints/docs/service-to-service-auth

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何将python的google cloud终结点与现有GAE项目集成? - How do I integrate google cloud endpoints for python with an existing GAE project? 如何在Python中将Google帐户身份验证添加到Google Cloud Endpoints - How do I add Google Account authentication to Google Cloud Endpoints in Python Google Cloud端点的自定义身份验证 - Custom Authentication for Google Cloud Endpoints GAE将图像上传到云端点[Python] - GAE upload image to cloud endpoints [Python] 通过pip安装Google Cloud Storage客户端库-Python GAE - Install Google Cloud Storage Client Library with pip — Python GAE Python:如何检查导入的模块/包/类是否来自标准库 - Python: How to check if an imported module/package/class is from standard library 如何在Google Cloud Endpoints中使用Google Python客户端? - How to use Google Python client in Google Cloud Endpoints? Google Cloud Endpoints:身份验证问题(错误403) - Google Cloud Endpoints: Authentication issues (error 403) 如何在python3标准应用引擎项目中访问谷歌云库? - How to access Google cloud library in python3 standard app engine project? 从Python项目生成Google Cloud Endpoints Android客户端类 - Generating Google Cloud Endpoints Android client classes from Python project
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM