Google cloud platform 403尝试使用RISC API注册接收器端点时禁止
在尝试注册我的接收器端点以开始从google接收RISC指示时,我不断得到相同的回复: 403客户端错误:url禁止: 我已经使用编辑器角色创建了服务,并使用了根据《集成指南》的要求创建的json键 这是我用来实现这一目标的配置代码:Google cloud platform 403尝试使用RISC API注册接收器端点时禁止,google-cloud-platform,secevents,Google Cloud Platform,Secevents,在尝试注册我的接收器端点以开始从google接收RISC指示时,我不断得到相同的回复: 403客户端错误:url禁止: 我已经使用编辑器角色创建了服务,并使用了根据《集成指南》的要求创建的json键 这是我用来实现这一目标的配置代码: import json import time import jwt # pip install pyjwt import requests def make_bearer_token(credentials_file): with open(cr
import json
import time
import jwt # pip install pyjwt
import requests
def make_bearer_token(credentials_file):
with open(credentials_file) as service_json:
service_account = json.load(service_json)
issuer = service_account['client_email']
subject = service_account['client_email']
private_key_id = service_account['private_key_id']
private_key = service_account['private_key']
issued_at = int(time.time())
expires_at = issued_at + 3600
payload = {'iss': issuer,
'sub': subject,
'aud': 'https://risc.googleapis.com/google.identity.risc.v1beta.RiscManagementService',
'iat': issued_at,
'exp': expires_at}
encoded = jwt.encode(payload, private_key, algorithm='RS256',
headers={'kid': private_key_id})
return encoded
def configure_event_stream(auth_token, receiver_endpoint, events_requested):
stream_update_endpoint = 'https://risc.googleapis.com/v1beta/stream:update'
headers = {'Authorization': 'Bearer {}'.format(auth_token)}
stream_cfg = {'delivery': {'delivery_method': 'https://schemas.openid.net/secevent/risc/delivery-method/push',
'url': receiver_endpoint},
'events_requested': events_requested}
response = requests.post(stream_update_endpoint, json=stream_cfg, headers=headers)
response.raise_for_status() # Raise exception for unsuccessful requests
def main():
auth_token = make_bearer_token('service_creds.json')
configure_event_stream(auth_token, 'https://MY-ENDPOINT.io',
['https://schemas.openid.net/secevent/risc/event-type/sessions-revoked',
'https://schemas.openid.net/secevent/oauth/event-type/tokens-revoked',
'https://schemas.openid.net/secevent/risc/event-type/account-disabled',
'https://schemas.openid.net/secevent/risc/event-type/account-enabled',
'https://schemas.openid.net/secevent/risc/event-type/account-purged',
'https://schemas.openid.net/secevent/risc/event-type/account-credential-change-required'])
if __name__ == "__main__":
main()
还测试了我的auth令牌,似乎如集成指南所示。
在错误代码参考表中找不到403 forbidden。您可以检查响应正文中的错误描述,并将其与列出的可能原因进行匹配