堆栈内存溢出
  简体   繁体   English

如何使用 Rails Secrets 存储 Google API 凭据?

[英]How can I store Google API Credentials using Rails Secrets?

 原文  2021-03-30 10:37:41       ruby-on-rails/ google-api-ruby-client

问题描述

This question is similar to How can I authorize a Google Service Account without the default credentials file?此问题类似于如何在没有默认凭据文件的情况下授权 Google 服务帐户? but specifically about how to use Rails' built in secrets/credentials functionality.但特别是关于如何使用 Rails 内置的秘密/凭证功能。

I realise it needs to be JSON but when I store credentials in a private method and pass that method to json_key_io I get a NoMethodError :我意识到它需要是 JSON 但是当我将凭据存储在私有方法中并将该方法传递给json_key_io我得到一个NoMethodError

def call
  auth = Google::Auth::ServiceAccountCredentials.make_creds(
    json_key_io: credentials,
    scope: Google::Apis::ClassroomV1::AUTH_CLASSROOM_ROSTERS
  )
end

private

  def credentials
    @credentials ||= {
      type: "service_account",
      project_id: Rails.application.credentials.google[:project_id],
      private_key_id: Rails.application.credentials.google[:private_key_id],
      private_key: Rails.application.credentials.google[:private_key],
      client_email: Rails.application.credentials.google[:client_email],
      client_id: Rails.application.credentials.google[:client_id],
      auth_uri: "https://accounts.google.com/o/oauth2/auth",
      token_uri: "https://oauth2.googleapis.com/token",
      auth_provider_x509_cert_url: "https://www.googleapis.com/oauth2/v1/certs",
      client_x509_cert_url: Rails.application.credentials.google[:client_x509_cert_url],
    }.to_json
  end

NoMethodError (undefined method ``read' for "{\"type\":\"service_acco...

1 个解决方案

解决方案1
 0  2021-03-30 10:37:41

The key thing I was missing (as pointed out by miggitymac in this answer ) is that the client is expecting an IO object (a file), not a string.我缺少的关键(正如miggitymac此答案中指出的那样)是客户端期望 IO object (文件),而不是字符串。

With the addition of StringIO.new , this now works as expected:添加StringIO.new ,现在可以按预期工作:

def call
  auth = Google::Auth::ServiceAccountCredentials.make_creds(
    json_key_io: StringIO.new(credentials),
    scope: Google::Apis::ClassroomV1::AUTH_CLASSROOM_ROSTERS
  )
end

private

  def credentials
    @credentials ||= {
      type: "service_account",
      project_id: Rails.application.credentials.google[:project_id],
      private_key_id: Rails.application.credentials.google[:private_key_id],
      private_key: Rails.application.credentials.google[:private_key],
      client_email: Rails.application.credentials.google[:client_email],
      client_id: Rails.application.credentials.google[:client_id],
      auth_uri: "https://accounts.google.com/o/oauth2/auth",
      token_uri: "https://oauth2.googleapis.com/token",
      auth_provider_x509_cert_url: "https://www.googleapis.com/oauth2/v1/certs",
      client_x509_cert_url: Rails.application.credentials.google[:client_x509_cert_url],
    }.to_json
  end

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Rails,在哪里存储Google Client API的JSON凭证以及如何访问它? - Rails, where to store JSON credentials of Google Client API and how to access it? Rails将机密转换为凭据 - Rails convert secrets to credentials 如何在 Rails 中使用 Figaro 安全地存储电子邮件凭据 - How to store email credentials securely using Figaro in Rails 如何使用Rails将图像存储在Google存储中? - How to store images in google storage using rails? 如何在Rails中存储第三方服务的凭据 - How to store credentials for third party services in Rails 如何最好地在Rails中存储用户凭证 - How best to store user credentials in Rails 如何在Ruby中保存Google API凭据? - How do I save Google API credentials in Ruby? 我如何`git diff`更改为rails 5.2凭据? - How can I `git diff` changes to rails 5.2 credentials? 如何使用rails安全地存储Google Api密钥并在脚本中使用它们? - How to safely store Google Api keys with rails and use them in scripts? 如何在 Rails 4.1 中为 API_KEYS 使用 secrets.yml? - How to use secrets.yml for API_KEYS in Rails 4.1?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM