Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/google-app-engine/4.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Google app engine Google云函数中的JWT认证_Google App Engine_Google Cloud Dataflow_Google Api Nodejs Client - Fatal编程技术网
Fatal编程技术网

Google app engine Google云函数中的JWT认证

google-app-engine google-cloud-dataflow

Google app engine Google云函数中的JWT认证,google-app-engine,google-cloud-dataflow,google-api-nodejs-client,Google App Engine,Google Cloud Dataflow,Google Api Nodejs Client,在使用Google Cloud函数中的模块“googleapis”调用时,我无法排除Google Dataflow API发出403响应的原因 该代码在我的PC上运行时使用的代码与在云函数上运行的代码相同。 正在从存储在Google存储桶中的对象检索JWT.json文件 代码如下所示: ... return getToken(). //Retrieves the JWT Client from Google Storage then(function (jwtToken) {

在使用Google Cloud函数中的模块“googleapis”调用时,我无法排除Google Dataflow API发出403响应的原因

该代码在我的PC上运行时使用的代码与在云函数上运行的代码相同。 正在从存储在Google存储桶中的对象检索JWT.json文件

代码如下所示:

...
return getToken(). //Retrieves the JWT Client from Google Storage
      then(function (jwtToken) {
        console.log("Token: ", JSON.stringify(jwtToken));
        return dataFlowList({
          projectId: adc.projectId,
          auth: jwtToken,
          filter: "TERMINATED"
        }).then(list => filterDataflowJobList(list))
...
这里是
getToken
函数:

...
let storage: CloudStorage.Storage = CloudStorage({
  projectId: adc.projectId
});
var bucket: CloudStorage.Bucket = storage.bucket(bucketName);

var bucketGetFiles = PromiseLab.denodeify(bucket.getFiles);

var stream = bucket.file(jwtJsonFileName).createReadStream();
return toString(stream)
  .then(function (msg) {
    var jsonJwt = JSON.parse(msg);
    var jwtClient = new google.auth.JWT(
      jsonJwt.client_email,
      null,
      jsonJwt.private_key,
      ['https://www.googleapis.com/auth/cloud-platform'], // an array of auth scopes
      null
    );
    return jwtClient;
  }).catch(function (error) {
    console.log("Error while trying to retrieve JWT json");
    throw error;
  })
}
...
我的总部设在欧盟,云功能受美国约束,会是这样吗?
数据流作业也在美国运行

在Google Function上运行时,我使用的身份验证检索方法没有检索projectId,因此未经授权

async function getADC() {
  // Acquire a client and the projectId based on the environment. This method looks
  // for the GCLOUD_PROJECT and GOOGLE_APPLICATION_CREDENTIALS environment variables.
  const res = await auth.getApplicationDefault();
  let client = res.credential;

  // The createScopedRequired method returns true when running on GAE or a local developer
  // machine. In that case, the desired scopes must be passed in manually. When the code is
  // running in GCE or a Managed VM, the scopes are pulled from the GCE metadata server.
  // See https://cloud.google.com/compute/docs/authentication for more information.
  if (client.createScopedRequired && client.createScopedRequired()) {
    // Scopes can be specified either as an array or as a single, space-delimited string.
    const scopes = ['https://www.googleapis.com/auth/cloud-platform'];
    client = client.createScoped(scopes);
  }
  return {
    client: client,
    projectId: res.projectId
  }
}
我通过查看错误日志中的头请求发现了它,它的形式为:url:“”(注意项目和作业之间的双“/”