Search code examples
pythongoogle-apipycryptogoogle-api-python-clientpkcs#12

How to use a service account with Google's python api and drive?

I try to write python 2.7 script to upload a file into my personal google drive folder.

After several problems I stuck know. This is my current error:

NotImplementedError: PKCS12 format is not supported by the PyCrpto library. Try converting to a "PEM" (openssl pkcs12 -in xxxxx.p12 -nodes -nocerts > privatekey.pem) or using PyOpenSSL if native code is an option.

I already tried to run this commands, as mentiod in this question and answer.

openssl pkcs12 -in privatekey.p12 -nodes -nocerts > privatekey.pem
openssl pkcs8 -nocrypt -in privatekey.pem -passin pass:notasecret -topk8 -out pk.pem

my privatekey.p12 downloaded from the new modern fancy google developers console was original named something-0123eed.json and looked like this1:

{
  "private_key_id": "9ced108fe72345373b75b03d7e967a3f8c0084ca",
  "private_key": "-----BEGIN PRIVATE KEY-----\nxe91Tr6RHs57LKX2HivFmOQwcFoJkUPrbB6Gwy8prE...Pc9jNExo5Krp1kLrkJYxAOmUWxWwPJ4pCx7Lxc6uQQnAlKyRmnfVpdS2I0\n-----END PRIVATE KEY-----\n",
  "client_email": "[email protected]",
  "client_id": "0KsVeSAa91UtEGvY9lil.apps.googleusercontent.com",
  "type": "service_account"
}

My python code looks like this:

#!/bin/env python2.7

from apiclient.discovery import build
from apiclient.http import MediaFileUpload
import httplib2
from oauth2client.client import SignedJwtAssertionCredentials


credentials = SignedJwtAssertionCredentials(
        service_account_name='[email protected]',
        private_key=key,
        scope = [
                'https://www.googleapis.com/auth/drive',
                'https://www.googleapis.com/auth/drive.file',
                'https://www.googleapis.com/auth/drive.appdata',
                'https://www.googleapis.com/auth/drive.apps.readonly'
        ]
)

http = httplib2.Http()
http = credentials.authorize(http)

drive_folder_id = 'jhIKHOG6supMhpjPJFHffZarwxP6'


service = build('drive', 'v2', http=http)


media_body = MediaFileUpload('/path/to/superfile.gpg'), mimetype='application/pgp-encrypted')
body = {
        'title': 'superfile.gpg',
        'description': '',
        'mimeType': 'application/pgp-encrypted',
        'parents': [{'id': drive_folder_id}]
}

file = service.files().insert(
        body=body,
        media_body=media_body).execute()

1: (of course, I changed the values with junk)

Solution

  • I found the answer in this gist:

    openssl pkcs12 -passin pass:notasecret -in privatekey.p12 -nocerts -passout pass:notasecret -out key.pem
openssl pkcs8 -nocrypt -in key.pem -passin pass:notasecret -topk8 -out privatekey.pem
rm key.pem

    But before this, I had to regenerate a new privat key but in P12 format.

    generate new P12 key