Menu
I am learning Google Cloud Storage, the JSON api, simple upload:
https://cloud.google.com/storage/docs/json_api/v1/how-tos/simple-upload
The example says to send a post looking like this:
POST https://www.googleapis.com/upload/storage/v1/b/myBucket/o?uploadType=media&name=myObject HTTP/1.1
Content-Type: image/jpeg
Content-Length: [NUMBER_OF_BYTES_IN_FILE]
Authorization: Bearer [YOUR_AUTH_TOKEN]
[JPEG_DATA]
And then I created a "Service accounts" API.
But how do I figure out the [YOUR_AUTH_TOKEN] to use from my newly created Service account?
636
API authenticationIn the OAuth 2.0 Playground, click Cloud Storage API v1, and then select an access level for your application ( full_control , read_only , or read_write ). Click Authorize APIs. Sign in to your Google account when prompted. In the dialogue that appears, click Allow.
With a user account, you can authenticate to Google APIs and services in the following ways: Use the gcloud CLI to set up Application Default Credentials (ADC). Use the gcloud CLI to generate access tokens. Use your user credentials to impersonate a service account.
Obtain an access token manually You will need to create a JSON Web Token (JWT) and sign it with the private key, then construct an access token request in the appropriate format. After that, your application sends the token request to the Google OAuth 2.0 Authorization Server and an access token gets returned.
Google Cloud uses OAuth 2.0 to handle authentication. There are a variety of techniques for generating a token depending on your needs. If you're writing a program using one of Google's client libraries, the details are mostly taken care of for you. Google has a lengthy guide on the nitty-gritty: https://developers.google.com/identity/protocols/OAuth2
You are looking to authenticate as a service account. Service accounts generally authenticate by creating a token request document called a JWT, signing it with a private key associated with the service account, then exchanging the JWT with Google for a token. This process is described over here: https://developers.google.com/identity/protocols/OAuth2#serviceaccount
From your desktop, if you want to auth as a service account, one easy way is to use gcloud to authenticate as a service account and then ask it for a token:
$> gcloud auth activate-service-account [email protected] --key-file=creds.json
$> gcloud auth print-access-token
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
