使用Go进行Google Cloud Bigtable身份验证

huangapple go评论86阅读模式
英文:

Google Cloud Bigtable authentication with Go

问题

我正在尝试像GoDoc中那样插入一个简单的记录。但是返回了以下错误信息:

rpc error: code = 7 desc = "User can't access project: tidy-groove"

当我搜索grpc错误代码时,它说:

PermissionDenied Code = 7

// Unauthenticated indicates the request does not have valid
// authentication credentials for the operation.

我已经在控制台中启用了Bigtable,并创建了一个集群和一个服务帐号,并收到了JSON文件。我在这里做错了什么?

package main

import (
	"fmt"
	"golang.org/x/net/context"
	"golang.org/x/oauth2/google"
	"google.golang.org/cloud"
	"google.golang.org/cloud/bigtable"
	"io/ioutil"
)

func main() {
	fmt.Println("Start!")
	put()
}

func getClient() *bigtable.Client {
	jsonKey, err := ioutil.ReadFile("TestProject-7854ea9op741.json")
	if err != nil {
		fmt.Println(err.Error())
	}

	config, err := google.JWTConfigFromJSON(
		jsonKey,
		bigtable.Scope,
	) // or bigtable.AdminScope, etc.

	if err != nil {
		fmt.Println(err.Error())
	}

	ctx := context.Background()
	client, err := bigtable.NewClient(ctx, "tidy-groove", "asia-east1-b", "test1-bigtable", cloud.WithTokenSource(config.TokenSource(ctx)))

	if err != nil {
		fmt.Println(err.Error())
	}

	return client
}

func put() {
	ctx := context.Background()
	client := getClient()
	tbl := client.Open("table1")
	mut := bigtable.NewMutation()
	mut.Set("links", "maps.google.com", bigtable.Now(), []byte("1"))
	mut.Set("links", "golang.org", bigtable.Now(), []byte("1"))
	err := tbl.Apply(ctx, "com.google.cloud", mut)
	if err != nil {
		fmt.Println(err.Error())
	}
}
英文:

I'm trying to insert a simple record as in GoDoc. But this returns,

rpc error: code = 7 desc = "User can't access project: tidy-groove"

When I searched for grpc codes, it says..

PermissionDenied Code = 7

// Unauthenticated indicates the request does not have valid
// authentication credentials for the operation.

I've enabled Big table in my console and created a cluster and a service account and recieved the json. What I'm doing wrong here?

package main
import (
"fmt"
"golang.org/x/net/context"
"golang.org/x/oauth2/google"
"google.golang.org/cloud"
"google.golang.org/cloud/bigtable"
"io/ioutil"
)
func main() {
fmt.Println("Start!")
put()
}
func getClient() *bigtable.Client {
jsonKey, err := ioutil.ReadFile("TestProject-7854ea9op741.json")
if err != nil {
fmt.Println(err.Error())
}
config, err := google.JWTConfigFromJSON(
jsonKey,
bigtable.Scope,
) // or bigtable.AdminScope, etc.
if err != nil {
fmt.Println(err.Error())
}
ctx := context.Background()
client, err := bigtable.NewClient(ctx, "tidy-groove", "asia-east1-b", "test1-bigtable", cloud.WithTokenSource(config.TokenSource(ctx)))
if err != nil {
fmt.Println(err.Error())
}
return client
}
func put() {
ctx := context.Background()
client := getClient()
tbl := client.Open("table1")
mut := bigtable.NewMutation()
mut.Set("links", "maps.google.com", bigtable.Now(), []byte("1"))
mut.Set("links", "golang.org", bigtable.Now(), []byte("1"))
err := tbl.Apply(ctx, "com.google.cloud", mut)
if err != nil {
fmt.Println(err.Error())
}
}

答案1

得分: 3

我已经解决了这个问题。问题不在于代码,而是配置文件本身。所以,任何通过谷歌搜索来到这里并想要进行身份验证的人...这段代码是正确的,而且完美地工作。我做错的是以下几点。

首先,我创建了一个服务账号并获取了JSON文件。但是谷歌警告我说我不是项目的所有者,因此它不会将我添加到接受列表中,但是它仍然允许我下载JSON文件。
然后,我从控制台中删除了那个密钥,并请求项目所有者为我创建一个密钥。
他用我给定的相同名称创建了另一个密钥。由于他是所有者,没有显示任何错误/警告消息,并成功下载了JSON文件。

当我尝试使用那个密钥时...我的问题开始了。这就是我发布这个问题的原因。
在那之后,没有找到解决办法。我要求所有者删除那个密钥,并创建一个不同名称的新密钥。

然后它就起作用了!看起来,如果你尝试使用非所有者账号创建一个密钥,然后再次使用相同名称创建(在删除原始密钥之后),没有任何效果。希望这对所有人有所帮助 使用Go进行Google Cloud Bigtable身份验证

英文:

I've solved the problem. It's nothing wrong with the code, but config json itself. So anyone who out there want to authenticate and came here by google search... This code is correct and working perfectly. What I've done wrong is follows.

First I made a service account and got the json. But google warned me that im not an owner of project hence it wont be added to accept list but anyway it let me download the json.
Then I deleted that key from console and requested project owner to create a key for me.
There he has created another key with the same name I given.. And since he's the owner no error/warning msgs displayed and successfully json file was downloaded.

When I tried with that... my question begun. That's when i posted this question.
After that with no solutions. I asked owner to delete that key and create another key but with a different name..

Then it worked! It seems if you try to create a key with non-owner account and then again create with same name ( after deleting original of course ) has no effect. Hope this helps everyone out there 使用Go进行Google Cloud Bigtable身份验证

答案2

得分: 1

请看一下:helloworld.go 或者 search.go,它们使用了 GOOGLE_APPLICATION_CREDENTIALS 环境变量。

对于大多数环境来说,你甚至不需要设置 GOOGLE_APPLICATION_CREDENTIALSGoogle Cloud PlatformManaged VMs 或者 Google App Engine 都已经为你设置好了。如果你使用了 gcloud init 或者它的前身 gcloud auth login,然后再运行 gcloud config set project <projectID>,你的桌面环境也会是正确的。

英文:

Take a look at: helloworld.go or search.go which uses GOOGLE_APPLICATION_CREDENTIALS environment variable.

For most environments, you no longer even need to set GOOGLE_APPLICATION_CREDENTIALS. Google Cloud Platform, Managed VMs or Google App Engine all have the right thing set for you. Your desktop environment will also be correct if you've used gcloud init or it's predecessor gcloud auth login followed by gcloud config set project &lt;projectID&gt;.

huangapple
  • 本文由 发表于 2015年12月14日 17:07:23
  • 转载请务必保留本文链接:https://go.coder-hub.com/34263088.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定