权限被拒绝使用 API 密钥从 GAE 使用 Go 访问 Bigquery
[英]Permission denied accessing Bigquery with Go from GAE using the API key
问题描述
I am trying to access data stored in Bigquery through an app I am developing on Google App Engine.
我正在尝试通过我在 Google App Engine 上开发的应用程序访问存储在 Bigquery 中的数据。 However each time I make a request I receive the error "permission denied".但是每次我发出请求时,我都会收到错误“权限被拒绝”。
I have added the application as a member of the API team for the project (I added the address @appspot.gserviceaccount.com) and I am accessing bigquery through the package code.google.com/p/google-api-go-client/bigquery/v2我已将该应用程序添加为该项目的 API 团队成员(我添加了地址@appspot.gserviceaccount.com)并且我正在通过包 code.google.com/p/google-api-go-client 访问 bigquery /大查询/v2
The following code is how I append the API key to each query:以下代码是我将 API 密钥附加到每个查询的方式:
transport := KeyedTransport{Key: <api key>, Transport: http.DefaultTransport}
client := &http.Client{Transport: transport}
err := errors.New("reached")
b, err := bigquery.New(client)
...
query := &bigquery.QueryRequest{
DefaultDataset: <perviously defined daset>
Query: <query that looks in a single table for a single result by a unique id>,
Kind: "json",
MaxResults: 1,
...
b.Jobs.Query(ProjectID, query).Do()
and the following is defined for KeyedTransport以下是为 KeyedTransport 定义的
func (t KeyedTransport) RoundTrip(req *http.Request) (*http.Response, error){
u := *req.URL
args := u.Query()
args.Set("key", t.Key)
u.RawQuery = args.Encode()
r, err := http.NewRequest(req.Method, u.String(), newBody)
resp, err := t.Transport.RoundTrip(r)
if err != nil{
return nil, errors.New("error: "+err.Error())
}
return nil, errors.New("resp: "+toJson(resp))
}
I have also ensured that the API key matches the one generated in Google API console.我还确保 API 密钥与 Google API 控制台中生成的密钥相匹配。 It was generated by another member of the team and is labeled as "Key for browser apps (with referers)" if that helps.它是由团队的另一名成员生成的,如果有帮助,它被标记为“浏览器应用程序的密钥(带引用)”。
Seeing as this is giving me so much trouble, I would make the move to Oauth2 since that seems to be much better documented for Go, but I am looking at working with some organizations that will not want to require users to have a Google login.看到这给我带来了很多麻烦,我会转向 Oauth2,因为它似乎有更好的 Go 文档记录,但我正在考虑与一些不想要求用户登录 Google 的组织合作。
1 个解决方案
解决方案1
0 已采纳 2012-07-23 01:55:06
I am not a Go expert, but it looks like you will also need to authorize your application to have access to the BigQuery API via an OAuth 2.0 flow that uses service accounts.我不是 Go 专家,但看起来您还需要授权您的应用程序通过使用服务帐户的 OAuth 2.0 流程访问 BigQuery API。 The Python and Java runtimes for App Engine support "App Engine Service Accounts" using the AppAssertionCredentials class. App Engine 的 Python 和 Java 运行时支持使用AppAssertionCredentials类的“App Engine 服务帐户”。
However, it is also possible to enable server-to-server using JWT files generated through the Google developer console .但是,也可以使用通过 Google 开发人员控制台生成的 JWT 文件启用服务器到服务器。
It may be possible to authorize access to BigQuery from the GAE Go runtime using server to server OAuth via a go-lang library that can handle JWT files ( like this , perhaps).可以通过可以处理 JWT 文件的 go-lang 库使用服务器到服务器 OAuth 从 GAE Go 运行时授权对 BigQuery 的访问(可能像这样)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.