我正在尝试从App Engine访问Google Prediction API并按照以下说明操作 - https://developers.google.com/appengine/articles/prediction_service_accounts
在App Engine上部署时效果很好。但是,相同的代码在本地devserver上出现以下错误时失败。
credentials = AppAssertionCredentials(
scope='https://www.googleapis.com/auth/prediction')
http = credentials.authorize(httplib2.Http(memcache))
service = build("prediction", "v1.5", http=http, developerKey=api_key)
ERROR 2012-12-28 03:48:53,084 client.py:461] Failed to retrieve access token: {
"error" : "invalid_grant"
}
ERROR 2012-12-28 03:48:53,115 cgi.py:121] Traceback (most recent call last):
File "/Users/gkedia/git/thirdgaze/main.py", line 83, in <module>
service = build('prediction', 'v1.5', http=http, developerKey=api_key)
File "/Users/gkedia/git/thirdgaze/apiclient/discovery.py", line 175, in build
resp, content = http.request(requested_url)
File "/Users/gkedia/git/thirdgaze/oauth2client/client.py", line 503, in new_request
self._refresh(request_orig)
File "/Users/gkedia/git/thirdgaze/oauth2client/client.py", line 412, in _refresh
self._do_refresh_request(http_request)
File "/Users/gkedia/git/thirdgaze/oauth2client/client.py", line 472, in _do_refresh_request
raise AccessTokenRefreshError(error_msg)
AccessTokenRefreshError: invalid_grant
我注意到的一件事是完全相同的参数,key_name, signature = app_identity.sign_blob(base_str)
在生产和本地机器上返回不同的签名。
我的计算机时间正确同步,而且还没有涉及offline_access参数。
答案 0 :(得分:3)
app_identity
以及更常见的服务帐户无法在dev_appserver
上运行您必须回退常规oauth2 webserver flow才能在测试时获得与常规Google帐户相关联的访问令牌本地。
类似的东西:
flow = OAuth2WebServerFlow(client_id='your_client_id',
client_secret='your_client_secret',
scope='https://www.googleapis.com/auth/prediction',
redirect_uri='http://localhost:8080/oauth2callback')
self.redirect(flow.step1_get_authorize_url())
然后在/oauth2callback
处理程序中:
credentials = flow.step2_exchange(self.request.get('code'))
http = credentials.authorize(httplib2.Http(memcache))
service = build("prediction", "v1.5", http=http, developerKey=api_key)
您可以使用dev_appserver
environment variable轻松检测您是在SERVER_SOFTWARE
还是正在投放。