Google 云 API PHP 使用服务帐户的客户端身份验证
Google Cloud API PHP Client Authentication using Service Account
我正在使用 PHP 处理一个项目,需要使用 PHP 客户端库实施 Google 云 API,但身份验证似乎对我不起作用。
我已经创建了一个服务帐户并授予项目所有者权限,我不想使用 GOOGLE_DEFAULT_CREDENTIALS 环境变量进行身份验证,我想使用服务帐户身份验证。
这是我尝试过的方法:
require 'vendor/autoload.php';
use Google\Cloud\Core\ServiceBuilder;
use Google\Cloud\Storage\StorageClient;
// Authentication with Google Cloud Platform
$client = new ServiceBuilder([
'keyFilePath' => 'api-project-374381085870-eaf930d9ffd7.json'
]);
$client = new StorageClient();
$bucket = $client->bucket('storage_client');
// Upload a file to the bucket.
$bucket->upload(
fopen('file.txt', 'r')
);
但它 returns 错误为:
Warning: file_get_contents(/Users/abdul/.config/gcloud/application_default_credentials.json): failed to open stream: Permission denied in /Applications/XAMPP/xamppfiles/htdocs/storage/vendor/google/auth/src/CredentialsLoader.php on line 102
Warning:
file_get_contents(/Users/abdul/.config/gcloud/application_default_credentials.json):
failed to open stream: Permission denied in
/Applications/XAMPP/xamppfiles/htdocs/storage/vendor/google/auth/src/CredentialsLoader.php
on line 102
Fatal error: Uncaught exception
'Google\Cloud\Core\Exception\ServiceException' with message '{
"error": { "errors": [ { "domain": "global", "reason": "authError",
"message": "Invalid Credentials", "locationType": "header",
"location": "Authorization" } ], "code": 401, "message": "Invalid
Credentials" } } ' in
/Applications/XAMPP/xamppfiles/htdocs/storage/vendor/google/cloud-core/src/RequestWrapper.php:263
Stack trace: #0
/Applications/XAMPP/xamppfiles/htdocs/storage/vendor/google/cloud-core/src/RequestWrapper.php(168):
Google\Cloud\Core\RequestWrapper->convertToGoogleException(Object(GuzzleHttp\Exception\ClientException))
1 /Applications/XAMPP/xamppfiles/htdocs/storage/vendor/google/cloud-core/src/Upload/MultipartUploader.php(65):
Google\Cloud\Core\RequestWrapper->send(Object(GuzzleHttp\Psr7\Request),
Array) #2
/Applications/XAMPP/xamppfiles/htdocs/storage/vendor/google/cloud-storage/src/Bucket.php(283):
Google\Cloud\Core\Upload\MultipartUploader->upload() #3
/Applications/XAMPP/xamppf in
/Applications/XAMPP/xamppfiles/htdocs/storage/vendor/google/cloud-core/src/RequestWrapper.php
on line 263
请帮帮我!
提前致谢!
密钥文件配置必须提供给被调用的客户端。 ServiceBuilder 通常很方便,因为它允许您使用您的配置创建单个实例,并将该配置传递给每个新客户端。
在您的示例中,您创建了一个带有密钥文件的 ServiceBuilder 实例,但您并未使用该实例调用 Storage。
两个选项:
use Google\Cloud\Core\ServiceBuilder;
$cloud = new ServiceBuilder([
'keyFilePath' => 'my-keyfile.json'
]);
$storage = $cloud->storage();
或
use Google\Cloud\Storage\StorageClient;
$storage = new StorageClient([
'keyFilePath' => 'my-keyfile.json'
]);
在这两个示例中,$storage 应该经过身份验证并可以使用!
此问题是由于您创建 StorageClient 对象和指定私钥文件参数的方式造成的。
您可以在 Google Cloud Platform 站点上找到以下 Pass the path to the service account key in code 示例,这对您的问题非常有用:
namespace Google\Cloud\Samples\Auth;
// Imports the Google Cloud Storage client library.
use Google\Cloud\Storage\StorageClient;
function auth_cloud_explicit($projectId, $serviceAccountPath)
{
# Explicitly use service account credentials by specifying the private key
# file.
$config = [
'keyFilePath' => $serviceAccountPath,
'projectId' => $projectId,
];
$storage = new StorageClient($config);
# Make an authenticated API request (listing storage buckets)
foreach ($storage->buckets() as $bucket) {
printf('Bucket: %s' . PHP_EOL, $bucket->name());
}
}
我正在使用 PHP 处理一个项目,需要使用 PHP 客户端库实施 Google 云 API,但身份验证似乎对我不起作用。 我已经创建了一个服务帐户并授予项目所有者权限,我不想使用 GOOGLE_DEFAULT_CREDENTIALS 环境变量进行身份验证,我想使用服务帐户身份验证。
这是我尝试过的方法:
require 'vendor/autoload.php';
use Google\Cloud\Core\ServiceBuilder;
use Google\Cloud\Storage\StorageClient;
// Authentication with Google Cloud Platform
$client = new ServiceBuilder([
'keyFilePath' => 'api-project-374381085870-eaf930d9ffd7.json'
]);
$client = new StorageClient();
$bucket = $client->bucket('storage_client');
// Upload a file to the bucket.
$bucket->upload(
fopen('file.txt', 'r')
);
但它 returns 错误为:
Warning: file_get_contents(/Users/abdul/.config/gcloud/application_default_credentials.json): failed to open stream: Permission denied in /Applications/XAMPP/xamppfiles/htdocs/storage/vendor/google/auth/src/CredentialsLoader.php on line 102
Warning: file_get_contents(/Users/abdul/.config/gcloud/application_default_credentials.json): failed to open stream: Permission denied in /Applications/XAMPP/xamppfiles/htdocs/storage/vendor/google/auth/src/CredentialsLoader.php on line 102
Fatal error: Uncaught exception 'Google\Cloud\Core\Exception\ServiceException' with message '{ "error": { "errors": [ { "domain": "global", "reason": "authError", "message": "Invalid Credentials", "locationType": "header", "location": "Authorization" } ], "code": 401, "message": "Invalid Credentials" } } ' in /Applications/XAMPP/xamppfiles/htdocs/storage/vendor/google/cloud-core/src/RequestWrapper.php:263 Stack trace: #0 /Applications/XAMPP/xamppfiles/htdocs/storage/vendor/google/cloud-core/src/RequestWrapper.php(168): Google\Cloud\Core\RequestWrapper->convertToGoogleException(Object(GuzzleHttp\Exception\ClientException))
1 /Applications/XAMPP/xamppfiles/htdocs/storage/vendor/google/cloud-core/src/Upload/MultipartUploader.php(65):
Google\Cloud\Core\RequestWrapper->send(Object(GuzzleHttp\Psr7\Request), Array) #2 /Applications/XAMPP/xamppfiles/htdocs/storage/vendor/google/cloud-storage/src/Bucket.php(283): Google\Cloud\Core\Upload\MultipartUploader->upload() #3 /Applications/XAMPP/xamppf in /Applications/XAMPP/xamppfiles/htdocs/storage/vendor/google/cloud-core/src/RequestWrapper.php on line 263
请帮帮我!
提前致谢!
密钥文件配置必须提供给被调用的客户端。 ServiceBuilder 通常很方便,因为它允许您使用您的配置创建单个实例,并将该配置传递给每个新客户端。
在您的示例中,您创建了一个带有密钥文件的 ServiceBuilder 实例,但您并未使用该实例调用 Storage。
两个选项:
use Google\Cloud\Core\ServiceBuilder;
$cloud = new ServiceBuilder([
'keyFilePath' => 'my-keyfile.json'
]);
$storage = $cloud->storage();
或
use Google\Cloud\Storage\StorageClient;
$storage = new StorageClient([
'keyFilePath' => 'my-keyfile.json'
]);
在这两个示例中,$storage 应该经过身份验证并可以使用!
此问题是由于您创建 StorageClient 对象和指定私钥文件参数的方式造成的。
您可以在 Google Cloud Platform 站点上找到以下 Pass the path to the service account key in code 示例,这对您的问题非常有用:
namespace Google\Cloud\Samples\Auth;
// Imports the Google Cloud Storage client library.
use Google\Cloud\Storage\StorageClient;
function auth_cloud_explicit($projectId, $serviceAccountPath)
{
# Explicitly use service account credentials by specifying the private key
# file.
$config = [
'keyFilePath' => $serviceAccountPath,
'projectId' => $projectId,
];
$storage = new StorageClient($config);
# Make an authenticated API request (listing storage buckets)
foreach ($storage->buckets() as $bucket) {
printf('Bucket: %s' . PHP_EOL, $bucket->name());
}
}