Making an authenticated call to google storage should be better documented. I filed a ticket with the google samples repo here: https://github.com/GoogleCloudPlatform/golang-samples/issues/1335
Basically, I have some auth info here:
const authInfo = {
"type": "service_account",
"project_id": "cp",
"private_key_id": "219ea05d6xxxxxxxxxxxxxxxxxx15c9d58ae41",
"private_key": "-----BEGIN PRIVATE KEY-----\nMIIEuwIBADANBgkqhkiG9w0BAQEFAASCBKUwggShAgEAAoIBAQCwv8UbpV5+FCYs\nITueZWyrcxxMaos+QBFU0GMBVWxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxD2tK1aaUR6+ovhj70yBnHDRdAu\nAnskcDEi6vTPKU6gNz8dC0gdE94dfaQy7k6tlg9hQq/J+MgrUAR3HOf1FyzhMyLh\n7qlnN5WNgBIz1imM/u9k\n-----END PRIVATE KEY-----\n",
"client_email": "[email protected]",
"client_id": "1071381xxxxx900319",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://oauth2.googleapis.com/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/back-end%40cp.iam.gserviceaccount.com"
}
why can't I find a good example of how to pass the auth info to the google storage initialization here:
const {Storage} = require('@google-cloud/storage');
const storage = new Storage();
const bucketName = 'bucket-name';
async function createBucket() {
await storage.createBucket(bucketName);
}
so if I have the auth info where the f do I stick it and how?
something like this:
const {Storage} = require('@google-cloud/storage');
const storage = new Storage(authInfo); // here maybe?
const bucketName = 'bucket-name';
async function createBucket() {
await storage.createBucket(bucketName, authInfo); // or here maybe?
}
I realize there is probably more than one way to authenticate but with some keys and certs I just want to get it done.
For example, I see this:
const storage = new Storage({keyFilename: "key.json"});
umm so why don't we have an example of just passing a JS object?
const js = require('../key.json'); // we get the file
const storage = new Storage(js); // we pass the object not the filepath
seems like the object version instead of the filepath version is more intuitive and type-checking is also easier?
keyFilename is for passing a path, credentials is used to pass a credentials object. Like so:
const {Storage} = require('@google-cloud/storage');
const storage = new Storage({
credentials: authInfo
});
const bucketName = 'bucket-name';
async function createBucket() {
await storage.createBucket(bucketName);
}
is there a way to use the .json file in the front-end? or does this lib only work with node.js?
Found this helpful https://www.youtube.com/watch?v=pGSzMfKBV9Q
The docs are lack luster
i think it is poorly documented how to use the credentials object. Having to use a json file in some scenarios is overwhelming. Having environment variables that could handle that for you.
Is there anyone that have found the correct way of using credentials?
These are the choices for authentication:
new Storage({ keyFilename: '/path/to/service-account-key.json' })
new Storage({ credentials: require('/path/to/service-account-key.json' })
new Storage() // env var: GOOGLE_APPLICATION_CREDENTIALS=/path/to/service-account-key.json
thanks @stephenplusplus plus
I ended up setting this
javascript
const storage = new Storage({
credentials: {
client_email: process.env.GOOGLE_CLIENT_EMAIL,
private_key: process.env.GOOGLE_PRIVATE_KEY.replace(/\\n/g, '\n')
},
projectId: process.env.GOOGLE_PROJECTID
})
@rafinskipg thank you! This is so much simpler than having to get a file system involved!
Most helpful comment
thanks @stephenplusplus plus
I ended up setting this
javascript const storage = new Storage({ credentials: { client_email: process.env.GOOGLE_CLIENT_EMAIL, private_key: process.env.GOOGLE_PRIVATE_KEY.replace(/\\n/g, '\n') }, projectId: process.env.GOOGLE_PROJECTID })