Reputation: 174
'ServiceAccountCredentials.from_json_keyfile_name' equivalent for remote json
I'm setting up a program to help the user with their notes for a research paper, and I'm at the point where i need to separate the client_secret.json from the program files to keep it secure online. How do I get the creds from the json without having it as a file with the python program?
scope = ["https://spreadsheets.google.com/feeds","https://www.googleapis.com/auth/drive"]
creds = ServiceAccountCredentials.from_json_keyfile_name('client_secret.json', scope)
gs = gspread.authorize(creds)
In the code above, is there some way I can use the json response rather than the client_secret.json file something more like :
creds = requests.get("json storage").json
Upvotes: 6
Views: 14603
Answers (2)
Reputation: 61
The answer from Philippe is correct, but it didn't quite work for me.
I had to change create_keyfile_dict method, adding .replace("\\n", "\n") to the private_key.
This is my final result:
def create_keyfile_dict():
variables_keys = {
"type": os.environ.get("SHEET_TYPE"),
"project_id": os.environ.get("SHEET_PROJECT_ID"),
"private_key_id": os.environ.get("SHEET_PRIVATE_KEY_ID"),
"private_key": os.environ.get("SHEET_PRIVATE_KEY").replace("\\n", "\n"),
"client_email": os.environ.get("SHEET_CLIENT_EMAIL"),
"client_id": os.environ.get("SHEET_CLIENT_ID"),
"auth_uri": os.environ.get("SHEET_AUTH_URI"),
"token_uri": os.environ.get("SHEET_TOKEN_URI"),
"auth_provider_x509_cert_url": os.environ.get("SHEET_AUTH_PROVIDER_X509_CERT_URL"),
"client_x509_cert_url": os.environ.get("SHEET_CLIENT_X509_CERT_URL"),
}
return variables_keys
# Google Sheet credentials
credentials = ServiceAccountCredentials.from_json_keyfile_dict(
create_keyfile_dict(),
["https://spreadsheets.google.com/feeds", "https://www.googleapis.com/auth/drive"],
)
client = gspread.authorize(credentials)
Upvotes: 4
Reputation: 1098
The best would be to create the keys of your secret JSON as environment variables, and have a function that returns a dict in the same format of the json that you can then use with the auth method from_json_keyfile_dict
This is how I do it, and how I call my environment variables:
def create_keyfile_dict():
variables_keys = {
"type": os.environ.get("SHEET_TYPE"),
"project_id": os.environ.get("SHEET_PROJECT_ID"),
"private_key_id": os.environ.get("SHEET_PRIVATE_KEY_ID"),
"private_key": os.environ.get("SHEET_PRIVATE_KEY"),
"client_email": os.environ.get("SHEET_CLIENT_EMAIL"),
"client_id": os.environ.get("SHEET_CLIENT_ID"),
"auth_uri": os.environ.get("SHEET_AUTH_URI"),
"token_uri": os.environ.get("SHEET_TOKEN_URI"),
"auth_provider_x509_cert_url": os.environ.get("SHEET_AUTH_PROVIDER_X509_CERT_URL"),
"client_x509_cert_url": os.environ.get("SHEET_CLIENT_X509_CERT_URL")
}
return variables_keys
# then the following should work
scope = ["https://spreadsheets.google.com/feeds","https://www.googleapis.com/auth/drive"]
creds = ServiceAccountCredentials.from_json_keyfile_dict(create_keyfile_dict(), scope)
gs = gspread.authorize(creds)
Upvotes: 16
Related Questions
- Pass json keyfile from cloud storage to ServiceAccountCredentials function
- Can I use the service account of a GCP VM ([email protected]) instead of SA json file to make api calls using python?
- Google Service account authentication for API call using python
- GCP Authentication for Python with LOADED JSON , NOT file
- GSpread pass credentials from Python not JSON
- How to read JSON's credentials from code (string)
- How to use service account generated key for authentication using googleapi client
- Google Cloud service account auth without full json file
- How to authenticate with gcloud big query using a json credentials file?
- gspread w/ OAuth2Client Service Account Key