是否可以使用json密钥而不是p12密钥来获取服务帐户凭据?
我在C#中使用“Google.Apis.Bigquery.v2客户端库”。
我使用“服务帐户”授权Google BigQuery(请参阅http://www.afterlogic.com/mailbee-net/docs/OAuth2GoogleServiceAccounts.html )。 要创建X509证书,请使用Google Developers Console中的p12密钥。 但是,现在json键是默认值。 我可以用它代替p12键吗?
我有以下代码:
string serviceAccountEmail = "xxxx@developer.gserviceaccount.com"; X509Certificate2 certificate; using (Stream stream = new FileStream(@"C:\key.p12", FileMode.Open, FileAccess.Read, FileShare.Read)) { using (MemoryStream ms = new MemoryStream()) { stream.CopyTo(ms); certificate = new X509Certificate2(ms.ToArray(), "notasecret", X509KeyStorageFlags.Exportable); } } // Create credentials ServiceAccountCredential credential = new ServiceAccountCredential( new ServiceAccountCredential.Initializer(serviceAccountEmail) { Scopes = new[] { BigqueryService.Scope.Bigquery, BigqueryService.Scope.CloudPlatform, }, }.FromCertificate(certificate)); // Create the service BaseClientService.Initializer initializer = new BaseClientService.Initializer() { HttpClientInitializer = credential, ApplicationName = "My Application", GZipEnabled = true, }; BigqueryService service = new BigqueryService(initializer); var projects = service.Projects.List().Execute(); 现在可以(我使用v 1.13.1.0的Google API)。
BigQuery的示例:
GoogleCredential credential; using (Stream stream = new FileStream(@"C:\mykey.json", FileMode.Open, FileAccess.Read, FileShare.Read)) { credential = GoogleCredential.FromStream(stream); } string[] scopes = new string[] { BigqueryService.Scope.Bigquery, BigqueryService.Scope.CloudPlatform, }; credential = credential.CreateScoped(scopes); BaseClientService.Initializer initializer = new BaseClientService.Initializer() { HttpClientInitializer = (IConfigurableHttpClientInitializer)credential, ApplicationName = "My Application", GZipEnabled = true, }; BigqueryService service = new BigqueryService(initializer);
Google表格示例:
GoogleCredential credential; using (Stream stream = new FileStream(@"mykey.json", FileMode.Open, FileAccess.Read, FileShare.Read)) { credential = GoogleCredential.FromStream(stream); } credential = credential.CreateScoped(new[] { "https://spreadsheets.google.com/feeds", "https://docs.google.com/feeds" }); string bearer; try { Task task = ((ITokenAccess)credential).GetAccessTokenForRequestAsync(); task.Wait(); bearer = task.Result; } catch (AggregateException ex) { throw ex.InnerException; } GDataRequestFactory requestFactory = new GDataRequestFactory("My Application"); requestFactory.CustomHeaders.Add(string.Format(CultureInfo.InvariantCulture, "Authorization: Bearer {0}", bearer)); SpreadsheetsService service = new SpreadsheetsService("My Application"); service.RequestFactory = requestFactory;
我收到了链接,其中表示使用C#应用程序中的JSON文件的服务帐户身份validation尚未添加到Google BigQuery API中 。
https://github.com/google/google-api-dotnet-client/issues/533
这对我有用:
var scopes = new[] { DriveService.Scope.Drive }; ServiceAccountCredential credential; using (Stream stream = new FileStream(@"C:\path\key.json", FileMode.Open, FileAccess.Read, FileShare.Read)) { credential = GoogleCredential.FromStream(stream).CreateScoped(scopes).UnderlyingCredential as ServiceAccountCredential; }
显然,您可以为scopes变量和密钥文件的路径提供自己的值。 您还需要获取Google.Apis.Auth.OAuth2 Nuget包以及您计划使用凭证的任何其他特定于服务的包(在我的情况下是Google.Apis.Drive.v3 )。