无需用户交互的 Google Cloud OAuth 2.0 请求令牌 - Java

Question

I am working on a solution to read log files from the GCP for an internal process. However, i am having a difficult time trying to generate an Auth Token for the request to grab the logs needed. This is more of a flow\\context question rather than a whats wrong with my code one

The key issues i am having is that i do not want to prompt for web-browser authentication. I want to be able to do this all through API request and have no user interaction. Everywhere i have looked and all implementations i have tried, i am prompt for user interaction in some way and that is just not feasible for this solution.

How can this be achieved?

We do not have IAM enabled, so i cannot generate a JWT token. I am trying to do this through using a Service Account created using client id and client secret.

I have tried getting a "code" to pass into a request to generate an authorization token, but that has been prompting me for user authorization in the browser which will not work, even when I add the query parameter 'prompt' or 'approval_prompt' to none or force. I feel like i am missing one crucial piece to be able to achieve this flow and any help/guidance will be greatly appreciated.

Answer 1

There are several ways to authenticate API calls. If you want to do it without user interaction, you will need to use a Service Account (more info here ). The process would be the following:

You use the client ID and one private key to create a signed JWT and construct an access-token request in the appropriate format. Your application then sends the token request to the Google OAuth 2.0 Authorization Server, which returns an access token. The application uses the token to access a Google API. When the token expires, the application repeats the process.

For this, you can use Client Libraries or you can do it manually with HTTP requests directly. In the docs there is a guide to do so.