google-cloud-platformoauth-2.0google-oauthgoogle-cloud-shell
How to run flow.InstalledAppFlow run_local_server() from a google cloud shell?
I run some CLI python code from the cloud terminal.
The code calls "google_auth_oauthlib" library.
auth_flow = flow.InstalledAppFlow.from_client_secrets_file(client_secrets_file=client_secret_json_file_fath, scopes=scopes)
auth_flow.run_local_server()
I get in the cloud terminal an authentication url to click on. I pass the consent screen and I'm redirected to a localhost in the browser, which obviously cannot be resolved.
How can I get the secrets from google-cloud terminal?
Solution
What you should do is something like this.
def build_service(credentials, scope, user_token):
creds = None
if os.path.exists(user_token):
creds = Credentials.from_authorized_user_file(user_token, scope)
# If there are no (valid) user credentials available, prompt the user to log in.
if not creds or not creds.valid:
if creds and creds.expired and creds.refresh_token:
creds.refresh(Request())
else:
flow = InstalledAppFlow.from_client_secrets_file(
credentials, scope)
creds = flow.run_local_server(port=0)
# Save the credentials for the next run
with open(user_token, 'w') as token:
token.write(creds.to_json())
try:
return build('drive', 'v3', credentials=creds)
except HttpError as error:
# TODO(developer) - any errors returned.
print(f'An error occurred: {error}')
# Get an authorized Google Drive service object.
google_api_service = build_service(APPLICATION_CREDENTIALS, SCOPES, USER_TOKENS)
If you run this code on your machine once. It will store the refresh token in the user_tokens file. then you can upload it to your cloud server and when it runs it will use that token file.
although it would probably be easer to use a service account if you can.
- Getting random "User not found in file /etc/passwd" error on Cloud Run Job
- Deploying to Cloud Run with a custom service account failed with iam.serviceaccounts.actAs error
- Deploying a pelican site to Google Cloud Run with Dockerfile not working
- Is there a good explanation of resource labels versus metric labels?
- Why do I set the resource type when writing the metric but not when creating a descriptor?
- google-github-actions/get-gke-credentials failed with: required "container.clusters.get" permission(s)
- GA4 Data Not Retained for More Than 60 Days Despite BigQuery Table Expiration Set to 'Never
- How to list all enabled API services for Google Cloud Platform project
- Google Cloud calendar API connection error
- Downloading a folder from cloud storage in GitHub action and move it inside a docker container is not working
- How to fix CloudRun error 'The request was aborted because there was no available instance'
- Google Cloud Build with Dockerfile and copy files
- Firebase CLI console: Cannot find module @google-cloud/tasks
- Does Cloud SQL have a query console or is CLI the only option?
- How to use Google Cloud Shell with the new Windows Terminal
- Why does GKE kubernetes cluster need a version?
- Unable to Read Mounted GCSFuse Directory After Adding --implicit-dirs Option
- Error: 10: Developer console is not set up correctly (Not Using Firebase) (One Tap sign-up)
- Connection between Private GKE and Cloud SQL
- Kubernetes cluster architecture
- Validating PubSub message against AVRO JSON schema with multiple union types
- Can i run cloud run jobs locally
- How to log SSL/TLS Handshake details on Google Cloud Load Balancer
- Utilizing Gemini: Through Vertex AI or through Google/generative-ai?
- How to use Puppeteer in 2nd gen Cloud Functions?
- GCP Logging: who created a Project?
- Connection broken: IncompleteRead in Google Cloud Run
- How do I query firestore data that is inside collections in said document?
- Why would Mysql return "error Column cannot be null"?
- Permissions error when deploying to Google App Engine using flexible environment and Dockerfile