On my GCP VM (ubuntu) server, if I run:
gcloud init
in the terminal, and log in as my username (NOT A SERVICE ACCOUNT), e.g. my.name#companyname.com, then I can be authenticated as my user self, and am authenticated for all gcp related python functions.
>>> import google.auth
>>> credentials, project = google.auth.default()
UserWarning: Your application has authenticated using end user credentials from Google Cloud SDK without a quota project. You might receive a "quota exceeded" or "API not enabled" error. We recommend you rerun `gcloud auth application-default login` and make sure a quota project is added. Or you can use service accounts instead. For more information about service accounts, see https://cloud.google.com/docs/authentication/
warnings.warn(_CLOUD_SDK_CREDENTIALS_WARNING)
However, when I follow the same process on my local windows machine, I get this error:
>>> import google.auth
>>> credentials, project = google.auth.default()
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "C:\ProgramData\Anaconda3\lib\site-packages\google\auth\_default.py", line 354, in default
raise exceptions.DefaultCredentialsError(_HELP_MESSAGE)
google.auth.exceptions.DefaultCredentialsError: Could not automatically determine credentials. Please set GOOGLE_APPLICATION_CREDENTIALS or explicitly create credentials and re-run the
application. For more information, please see https://cloud.google.com/docs/authentication/getting-started
I do not want to use a service account. I want to be authenticated using end user credentials (Without using flow).
Solution:
Run
gcloud auth application-default login
in the windows machine, and login as the user you want.
Related
i would like to connect to a user in my gitlab server.
i connect to the gitlab server:
import gitlab
gl = gitlab.Gitlab('http://10.0.0.120')
print(gl.users.list())
the connect to the server not getting me any errors but after adding the line:
print(gl.users.list())
i get this error:
raise error(e.error_message, e.response_code, e.response_body) from e
gitlab.exceptions.GitlabListError: 403: 403 Forbidden - Not authorized to access /api/v4/users
how can i fix this?
thanks.
Usually, we use the terminal to connect to gitlab users. You can follow the following steps:
Call the terminal with "ctrl+~" in vscode
Use command git init
Configure user name and mailbox:
git config --global user.name “user.name"
git config --global user.email "user.email"
When I do
remote = f"https://{username}:{password}#github.com/user/repo"
git.Repo.clone_from(remote, 'repo')
I get to clone the repository with my personal credentials.
But if I try an app credentials
remote = f"https://x-access-token:{token}#github.com/user/repo.git"
git.Repo.clone_from(remote, 'repo')
I get
remote: Invalid username or password. fatal: Authentication failed for
'https://github.com/user/repo'
I have installed the app and added it to the repository integrations. It has content permissions to read and write.
I am using the client secret as the token.
Hi I want to use pygsheets to log events to my google spreadsheet. This will be scheduled thus deployed in a web server particularly Heroku.
I am only using these lines to authenticate:
import pygsheets
gc = pygsheets.authorize()
Running locally, it works fine since I have to copy the authentication link and paste the code afterwards. But what if it's on Heroku.
I get these logs on Heroku:
2018-09-06T03:48:25.234859+00:00 app[web.1]: Your browser has been opened to visit:
2018-09-06T03:48:25.234861+00:00 app[web.1]:
2018-09-06T03:48:25.234870+00:00 app[web.1]: https://accounts.google.com/o/oauth2/auth?client_id=XXXXXXXX-iXXXXXXXXXXXXXX.apps.googleusercontent.com&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2F&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fspreadsheets+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive&access_type=offline&response_type=code
2018-09-06T03:48:25.234872+00:00 app[web.1]:
I tried copying the link, it asked me to login. The endpoint was this link:
http://localhost:8080/?code=4/UgAXXXX6cdAt5Cnuj7yvTeoUgtfWyCvi8e2Rw-cxWiBVhACvom1qVgln0OfE1mOz3zENCXXXXvsOU4daXxI#
I am not sure why it is localhost.
I also research about authenticating Google Cloud Services for Heroku and bumped into this LINK.
I created another Service Account Key.
and wrote on my CLI:
$ heroku config:set GOOGLE_APPLICATION_CREDENTIALS=‘keyFile.json’
But it still doesn't solve the problem.
I still get these logs:
2018-09-06T03:55:59.083071+00:00 app[web.1]: Your browser has been opened to visit:
2018-09-06T03:55:59.083072+00:00 app[web.1]:
2018-09-06T03:55:59.083075+00:00 app[web.1]: https://accounts.google.com/o/oauth2/auth?client_id=XXXXX-isqd84kjnfu7o6XXXX6p79crvco2ms.apps.googleusercontent.com&redirect_uri=http%3A%2F%2Flocalhost%3A8090%2F&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fspreadsheets+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive&access_type=offline&response_type=code
2018-09-06T03:55:59.083076+00:00 app[web.1]:
2018-09-06T03:55:59.083078+00:00 app[web.1]: If your browser is on a different machine then exit and re-run this
2018-09-06T03:55:59.083080+00:00 app[web.1]: application with the command-line parameter
2018-09-06T03:55:59.083082+00:00 app[web.1]:
2018-09-06T03:55:59.083084+00:00 app[web.1]: --noauth_local_webserver
My directory BTW,
- app.py
- client_secret.json
- keyfile.json
- Procfile
- requirements.txt
More:
I also tried using:
gc = pygsheets.authorize(service_account_file='keyfile.json')
But the same output on Heroku.
I think your issue is you are using different version of pygsheets on your local and on Heroku. On your local you are using master version. but on the server you are using 1.1.4, which needs to set a outh_nonlocal param to enable oauthorization in server. also the param for the service_account was changed from service_file.
anyone using django_auth_ldap against an active directory server
I am trying to set up auth through django_auth_ldap and am having an issue.
if i run my auth from the django interactive shell the auth works fine.
example from the shell
>>> from django.contrib.auth import authenticate
>>> authenticate(username='#############',password='*************')
search_s('ou=People, o=hp.com', 2, '(uid=%(user)s)') returned 1 objects: uid=###########,ou=people,o=hp.com
Populating Django ###########
Django user ########## does not have a profile to populate
<User:########## >
but the same code from within a view in the app fails with
Caught LDAPError while authenticating ##########: SERVER_DOWN({'desc': "Can't contact LDAP server"},)
I figured it out. I decided I would set up remote debugging so that I could step through the process and see where it was failing in that process I found that the httpd process was being prevented (by selinux) from making a network connection back to my eclipse IDE fixing this fixed the app. I think selinux was preventing the app from connecting to the ldap server. When I got my debug environment all worked out and stepped through it all worked fine !
the command to allow httpd to make a network connection
as root
setsebool -P httpd_can_network_connect 1
I am trying to run gae app without dev_appserver.py, and have following error
AssertionError: No api proxy found for service "xmpp"
room = webrtc.Room.get_by_key_name(room_key)
I found in the app.yaml inbound_services:
- channel_presence
How to enable channel_presence directly in application.py
Unless otherwise specified, libraries included with the App Engine SDK are expected only to work within the App Engine environment. You cannot just import the XMPP library included with the App Engine SDK and expect it to work in a non-GAE application.