How to run flow.InstalledAppFlow run_local_server() from a google cloud shell?
I run some CLI python code from the cloud terminal.
The code calls "google_auth_oauthlib" library.
auth_flow = flow.InstalledAppFlow.from_client_secrets_file(client_secrets_file=client_secret_json_file_fath, scopes=scopes)
auth_flow.run_local_server()
I get in the cloud terminal an authentication url to click on. I pass the consent screen and I'm redirected to a localhost in the browser, which obviously cannot be resolved.
How can I get the secrets from google-cloud terminal?
Solution
What you should do is something like this.
def build_service(credentials, scope, user_token):
creds = None
if os.path.exists(user_token):
creds = Credentials.from_authorized_user_file(user_token, scope)
# If there are no (valid) user credentials available, prompt the user to log in.
if not creds or not creds.valid:
if creds and creds.expired and creds.refresh_token:
creds.refresh(Request())
else:
flow = InstalledAppFlow.from_client_secrets_file(
credentials, scope)
creds = flow.run_local_server(port=0)
# Save the credentials for the next run
with open(user_token, 'w') as token:
token.write(creds.to_json())
try:
return build('drive', 'v3', credentials=creds)
except HttpError as error:
# TODO(developer) - any errors returned.
print(f'An error occurred: {error}')
# Get an authorized Google Drive service object.
google_api_service = build_service(APPLICATION_CREDENTIALS, SCOPES, USER_TOKENS)
If you run this code on your machine once. It will store the refresh token in the user_tokens file. then you can upload it to your cloud server and when it runs it will use that token file.
although it would probably be easer to use a service account if you can.
- what is the recommended Cloud Firestore location for Egypt and the middle east countries?
- Permissions For Google Cloud SQL Import Using Service Accounts
- Best Practices for Migrating Docker Images from Google Container Registry (GCR) to Artifact Registry with High Volume of Tags
- GCP Cloud Run: “missing required GoogleAccessID” when generating V4 Signed URL for Cloud Storage
- Flink-BigTable - Any connector?
- Increase gcloud run deploy timeout (NOT request timeout)
- Efficiently storing and getting likes in FireStore / Document DB
- Error 400 invalid JSON Payload Unknown name generationConfig on an AI API Curl command
- Google Cloud Run - Domain Mapping stuck at Certificate Provisioning
- What is the difference between Google Cloud Vision API and Mobile Vision?
- Setting GOOGLE_APPLICATION_CREDENTIALS for BigQuery Python CLI
- BigQuery Transfer Service does not copy rows from S3
- Vertex AI feature store vs BigQuery
- Random Sampling in Google BigQuery
- How to Properly Inject Service Account Credentials in Google Cloud Build for Cloud Run Deployment?
- Read JSON file directly from google storage (using Cloud Functions)
- How to Automatically Renew Let's Encrypt SSL Certificate on All-Inkl DNS and Google Cloud VM (Ubuntu)?
- How to copy a table in Big Query, with primary keys
- How to see "Network Security Address Group" details
- Error: 10: Developer console is not set up correctly (Not Using Firebase) (One Tap sign-up)
- how do I set up cloud run in a shared vpc with direct vpc egress?
- what is the privilege of the Postgres user created by gcp
- Deploy llama on VertexAI
- How to display messages as list in gmail api?
- set log severity on google cloud without using google-cloud-logging library
- Is there a way to check which SA key has been used by a service account for a request?
- Uploading images to Firebase storage returns "Access denied" after some time
- Google Cloud Container Registry/Artifact Registry Permissions
- Generating Cloud Storage Signed URL from Google Cloud Function without using explicit key file
- Fetch columns that match query criteria