I'm attempting to query data from the Google Analytics API. I've setup my credentials, and I am able to get the following code to run on my Windows local machine. However, when I run from the Ubuntu command line, it forces an SSL browser window to open at the following step:
service = initialize_service()
All code is below:
import httplib2
from apiclient.discovery import build
from oauth2client.client import flow_from_clientsecrets
from oauth2client.file import Storage
from oauth2client.tools import run
import sys
from apiclient.errors import HttpError
from oauth2client.client import AccessTokenRefreshError
CLIENT_SECRETS = 'C:\Users\mds78\Documents\code\google\client_secrets.json'
MISSING_CLIENT_SECRETS_MESSAGE = '%s is missing' % CLIENT_SECRETS
FLOW = flow_from_clientsecrets(CLIENT_SECRETS, scope='https://www.googleapis.com/auth/analytics.readonly', message=MISSING_CLIENT_SECRETS_MESSAGE)
TOKEN_FILE_NAME = 'analytics.dat'
def prepare_credentials():
storage = Storage(TOKEN_FILE_NAME)
credentials = storage.get()
if credentials is None or credentials.invalid:
credentials = run(FLOW, storage)
return credentials
def initialize_service():
http = httplib2.Http()
credentials = prepare_credentials()
http = credentials.authorize(http)
return build('analytics', 'v3', http=http)
service = initialize_service()
Related
I am running airflow in docker. I create an airflow Google Cloud connection through web server GUI on my localhost:8080. In python code, I want to read data in Gsheet to with GoogleBaseHook as:
import json
from googleapiclient.discovery import build
from airflow.providers.google.common.hooks.base_google import GoogleBaseHook
from oauth2client.service_account import ServiceAccountCredentials
gcp_hook = GoogleBaseHook(gcp_conn_id="spx-service-account")
cred_dict = json.loads(gcp_hook._get_field('keyfile_dict'))
SCOPES = ['https://www.googleapis.com/auth/spreadsheets', 'https://www.googleapis.com/auth/drive']
creds = ServiceAccountCredentials.from_json_keyfile_dict(cred_dict, scopes=SCOPES)
service = build('sheets', 'v4', credentials=creds, cache_discovery=False)
sheet = service.spreadsheets()
result = sheet.values().get(spreadsheetId="1yN3atY6NG7PfY8yNcNAiVqURra8WtQJWCKXc-ccymk0", range="Sheet1!A1:B4").execute()['values']
But executing the code above shows Failed to retrieve access token. 405 Not Allowed
Error:
Does anyone know what causes this error and how I can solve it? Thank you.
Oops, it ends up to be something wrong with my keyfile JSON. I have no idea why those token_uri is encoded when I downloaded it from my Gmail (tech team sent it to us via email) and opened it with my windows laptop. If your credential is correct, the code below should work:
import json
from googleapiclient.discovery import build
from airflow.providers.google.common.hooks.base_google import GoogleBaseHook
from oauth2client.service_account import ServiceAccountCredentials
gcp_hook = GoogleBaseHook(gcp_conn_id="spx-service-account")
cred_dict = json.loads(gcp_hook._get_field('keyfile_dict'))
SCOPES = ['https://www.googleapis.com/auth/spreadsheets', 'https://www.googleapis.com/auth/drive']
creds = ServiceAccountCredentials.from_json_keyfile_dict(cred_dict, scopes=SCOPES)
service = build('sheets', 'v4', credentials=creds, cache_discovery=False)
sheet = service.spreadsheets()
result = sheet.values().get(spreadsheetId="1yN3atY6NG7PfY8yNcNAiVqURra8WtQJWCKXc-ccymk0", range="Sheet1!A1:B4").execute()['values']
I'm deleting disks in GKE cluster.I'm using my JSON-key credentials to delete the disk associated with a specific cluster.
Python
from google.cloud import storage
from googleapiclient import discovery
from oauth2client.client import GoogleCredentials
credentials = storage.Client.from_service_account_json("json_key")
service = discovery.build('compute','v1',credentials=credentials)
project = #PROJECT-NAME#
zone = #ZONE-NAME#
disk = [#list of disks]
for i in disk:
request = service.disks().delete(project=project, zone=zone, disk=disk)
response = request.execute()
print(response)
While executing I'm facing an error 'Client' object has no attribute 'authorize'.Where I'm going wrong here?
How to delete the disks for a specific cluster.Is ther any other way to do this.
Thanks.
Instead of storage you can try with ServiceAccountCredentials by following the link and try below sample:
from pprint import pprint
from googleapiclient import discovery
from oauth2client.client import GoogleCredentials
from oauth2client.service_account import ServiceAccountCredentials
credentials = ServiceAccountCredentials.from_json_keyfile_name(
'key.json',
scopes='https://www.googleapis.com/auth/cloud-platform')
service = discovery.build('compute', 'v1', credentials=credentials)
My scenario: I need to call the Google DBM API using google-api-python-client from a Cloud Function using a service account.
Update
Here the sample code I trying to run:
import google.auth
from googleapiclient.discovery import build
from google.auth.transport import requests
API_NAME = 'doubleclickbidmanager'
API_VERSION = 'v1.1'
SCOPES = ['https://www.googleapis.com/auth/doubleclickbidmanager']
credentials, project_id = google.auth.default(scopes=SCOPES)
print(credentials.service_account_email)
# prints "default"
credentials.refresh(requests.Request())
print(credentials.service_account_email)
# prints "[service-account]#[project].iam.gserviceaccount.com"
service = build(API_NAME, API_VERSION, credentials=credentials)
service.queries().listqueries().execute()
# local: return the queries
# in CF: Encountered 403 Forbidden with reason "insufficientPermissions"
When I run locally setting the environment variable GOOGLE_APPLICATION_CREDENTIALS=keyfile.json works fine.
But when running in the Cloud Function I got the 403 error.
The keyfile.json use the same service account [service-account]#[project].iam.gserviceaccount.com setted in the Cloud Function.
You have to force the library to generate a token to force it to fulfill all its fields. For this, simply call a retry, like this
import google.auth
credentials, project_id = google.auth.default(scopes=SCOPES)
from google.auth.transport import requests
credentials.refresh(requests.Request())
print(credentials._service_account_email)
build(API_NAME, API_VERSION, credentials=credentials)
I am using python to upload or download files on Google Drive. This is the most important part of my code:
from httplib2 import Http
from oauth2client import file, client, tools
from apiclient.http import MediaFileUpload
from apiclient import errors
import io
from apiclient.http import MediaIoBaseDownload
from apiclient import errors
import os
import csv
#####################################
try :
import argparse
flags = argparse.ArgumentParser(parents=[tools.argparser]).parse_args()
except ImportError:
flags = None
SCOPES = 'https://www.googleapis.com/auth/drive.file'
store = file.Storage('storage.json')
creds = store.get()
if not creds or creds.invalid:
print("Create new data storage file ...")
flow = client.flow_from_clientsecrets('client_secrets.json', SCOPES)
flow.redirect_uri = client.OOB_CALLBACK_URN
authorize_url = flow.step1_get_authorize_url()
creds = tools.run_flow(flow, store, flags) \
if flags else tools.run(flow, store)
print ("Storage")
DRIVE = build('drive', 'v2', http=creds.authorize(Http()))
The python-script worked fine for 2 month. But since yesterday I get this error if I start my script:
400. That’s an error.
Error: admin_policy_enforced
Company security policies do not allow this app to connect to your Company account data. Please contact your local helpdesk for any support.
Request Details
client_id=XXXYYYZZZ.apps.googleusercontent.com
redirect_uri=urn:ietf:wg:oauth:2.0:oob
scope=https://www.googleapis.com/auth/drive.file
access_type=offline
response_type=code
My admin rights have not been changing till now. Do someone have an idea?
I am trying to write a python program that will access my gmail account through the gmail API using account services. I followed all the steps in the Using OAuth 2.0 for Server to Server Applications
here is my code:
from __future__ import print_function
import httplib2
import os
from apiclient.discovery import build
from httplib2 import Http
from oauth2client import client
from oauth2client import tools
from oauth2client.file import Storage
from oauth2client.service_account import ServiceAccountCredentials
try:
import argparse
flags = argparse.ArgumentParser(parents=[ tools.argparser]).parse_args()
except ImportError:
flags = None
def main():
SCOPES = ['https://www.googleapis.com/auth/gmail.modify']
APPLICATION_NAME = 'Gmail Application'
credentials = ServiceAccountCredentials.from_json_keyfile_name(
'MyKeyFile.json', scopes=SCOPES)
http_auth = credentials.authorize(Http())
service = build('gmail', 'v1', http=http_auth)
results = service.users().labels().list(userId='myemail#gmail.com').execute()
labels = results.get('labels', [])
if not labels:
print('No labels found.')
else:
print('Labels:')
for label in labels:
print(label['name'])
if __name__ == '__main__':
main()
When I run this i get a an error 400 Bad Request.
Anyone encountered this issue. I have been changing things around foro a couple of days now and nothing has worked: I used the service ID instead of my email, I used p12 credentials api, created new projects and new account services with new keys... you name it. I'm hitting a wall. Can anyone help?
Thanks
You should to Enable your API on Dashboard in your API Manager menu here
Then, choose you interested in API
Finally, you'll see something like this