我正在尝试将以下命令从 CLI(有效)转换为 python,但遇到一些问题。
curl -H "Authorization: Bearer $(gcloud auth print-identity-token)" SERVICE_URL
问题是我无法使用应用程序默认本地凭据令牌请求有效的承载来向 Google Cloud Run 发出授权请求。如果我从 CLI 生成 Bearer 令牌gcloud auth print-identity-token
并在 python 请求中使用它,一切正常
request_url = 'https://<my endpoint>'
identity_token = '<>' # response of gcloud auth print-identity-token)
header= {'Authorization': f'Bearer {identity_token}'}
requests.get(url=request_url, headers=receiving_service_headers)
从谷歌身份验证文档中,我了解到 Cloud Run 通信基于支持模拟身份验证的身份令牌,但我无法生成有效的凭据。
from google.auth import impersonated_credentials, default
from google.auth.transport.requests import AuthorizedSession
request_url = 'https://<my endpoint>'
source_credentials, project = default()
creds = impersonated_credentials.IDTokenCredentials(
source_credentials,
target_audience=request_url)
authed_session = AuthorizedSession(creds)
resp = authed_session.get(request_url)
print(resp)
bui 我收到以下错误
google.auth.exceptions.GoogleAuthError: Provided Credential must be impersonated_credentials
谢谢
慕运维8079593
慕尼黑的夜晚无繁华
相关分类