php oauth-2.0 google-cloud-storage access-token

How to generate a Signed URL of file in google cloud storage with just OAuth 2.0 bearer token and bucket name? (php code)


I have tried the code below and it is working fine. However, it would be ideal if I could get the Signed URL using just the OAuth 2.0 access token and the bucket name.

I tried a lot of things and still have nowhere to go.

use Google\Cloud\Storage\StorageClient;

function getSignedURL($file, $expiryMinutes = 30)
{
    // Placeholder for the JSON key of the service account
    $privateKeyFileContent = '{
     // service account generated key
    }';

    $storage = new StorageClient([
        'keyFile' => json_decode($privateKeyFileContent, true)
    ]);
    $bucket = $storage->bucket("as-portal");
    $object = $bucket->object($file);
    // The URL is valid for $expiryMinutes minutes (30 by default)
    $url = $object->signedUrl(
        new \DateTime("$expiryMinutes min"),
        [
            'version' => 'v4',
        ]
    );

    // Return the signed URL to the caller
    return $url;
}

Any help would be appreciated!


Solution

  • Currently all methods available for signing a URL require the private key of a Service Account, as described in the Options for generating a signed URL. Therefore it is not possible to sign a URL locally without having the private key of a service account.

    You can, however, sign it remotely as explained in this example. I would suggest having an App Engine service sign the URLs for you, as explained in the Signing strings with Google Cloud tools section of the documentation.
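
As an added example (not part of the original answer and not the client library's own code), remote signing can be done from PHP with only a bearer token by sending the V4 string-to-sign to the IAM Credentials `signBlob` method. Assumptions: the token's principal is allowed to call `signBlob` on the signing service account, whose e-mail address must still be known; the function names, the `GCS_ACCESS_TOKEN` variable, and the sample e-mail and object name are hypothetical.

```php
<?php
function v4StringToSign(string $bucket, string $object, string $saEmail, int $ttl, DateTimeImmutable $now): array
{
    if ($ttl < 1 || $ttl > 604800) { // V4 signed URLs may be valid for at most 7 days
        throw new InvalidArgumentException('ttl must be 1..604800 seconds');
    }
    $now   = $now->setTimezone(new DateTimeZone('UTC'));
    $stamp = $now->format('Ymd\THis\Z');
    $scope = $now->format('Ymd') . '/auto/storage/goog4_request';
    $path  = '/' . rawurlencode($bucket) . '/' . implode('/', array_map('rawurlencode', explode('/', $object)));
    $query = http_build_query([ // keys listed in the sorted order the canonical form requires
        'X-Goog-Algorithm'     => 'GOOG4-RSA-SHA256',
        'X-Goog-Credential'    => "$saEmail/$scope",
        'X-Goog-Date'          => $stamp,
        'X-Goog-Expires'       => $ttl,
        'X-Goog-SignedHeaders' => 'host',
    ], '', '&', PHP_QUERY_RFC3986);
    $canonical = implode("\n", ['GET', $path, $query, "host:storage.googleapis.com\n", 'host', 'UNSIGNED-PAYLOAD']);
    $toSign    = implode("\n", ['GOOG4-RSA-SHA256', $stamp, $scope, hash('sha256', $canonical)]);
    return ["https://storage.googleapis.com$path?$query", $toSign];
}

function signBlobWithToken(string $accessToken, string $saEmail, string $bytes): string
{
    $ctx = stream_context_create(['http' => [
        'method'  => 'POST',
        'header'  => "Authorization: Bearer $accessToken\r\nContent-Type: application/json\r\n",
        'content' => json_encode(['payload' => base64_encode($bytes)]),
        'timeout' => 10,
    ]]);
    $api  = "https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/$saEmail:signBlob";
    $body = @file_get_contents($api, false, $ctx); // false on HTTP errors such as 403
    $blob = $body === false ? null : (json_decode($body, true)['signedBlob'] ?? null);
    if ($blob === null) {
        throw new RuntimeException('signBlob call failed (check iam.serviceAccounts.signBlob on this account)');
    }
    return bin2hex(base64_decode($blob)); // the URL carries the signature hex-encoded
}

function signedUrlFromToken(string $accessToken, string $saEmail, string $bucket, string $object, int $ttl = 900): string
{
    [$url, $toSign] = v4StringToSign($bucket, $object, $saEmail, $ttl, new DateTimeImmutable('now'));
    return $url . '&X-Goog-Signature=' . signBlobWithToken($accessToken, $saEmail, $toSign);
}

// Constructed sample values; the network call only runs when a token is supplied.
if ($token = getenv('GCS_ACCESS_TOKEN')) {
    echo signedUrlFromToken($token, 'signer@example-project.iam.gserviceaccount.com', 'as-portal', 'reports/q1 2024.pdf'), "\n";
}
```

Permission to call `signBlob` on a service account lets the caller sign any payload as that account, so use a dedicated signing account whose only grant is read access to the bucket.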