错误403“未配置访问”使用JSON API写入存储桶

时间:2013-02-06 21:08:09

标签: java google-cloud-storage

我正在尝试使用以下代码使用REST API写入云存储:

  public static void insertData() {
                try {
                    StorageObject st = new StorageObject();
    //create the media object
                    Media m = new Media();
   String content = "hi! this is a test";
                    m.setData(Base64.encodeBase64String(content.getBytes()));
                    m.setContentType("text/html");
                    st.setMedia(m);
    //this gets me the credential, works for other APIs but not cloud storage
                    Storage storage = RequestBuilder.buildStorage();
                    //Create the insert and execute
                    Insert insert = storage.objects().insert("mybucket", st);
                    insert.execute();
                } catch (IOException e) {
                    log.severe(e.getMessage());
                }
            }

根据REST API,这是我的ACL条目:

 "kind": "storage#bucketAccessControls",
 "items": [
  {
   "kind": "storage#bucketAccessControl",
   "id": "gammeprediction/allUsers",
   "selfLink": "https://www.googleapis.com/storage/v1beta1/b/gammeprediction/acl/allUsers",
   "bucket": "mybucket",
   "entity": "allUsers",
   "role": "OWNER"
  }]

这就是我获取凭证的方式:

private static Credential authorize() {
        GoogleCredential credential = null;
        //load properties
        Properties appProperties = new Properties();
            appProperties.load(RequestBuilder.class
                    .getResourceAsStream("/app.properties"));

        // creates an authorization with the key and service account given
        InputStream is = RequestBuilder.class.getResourceAsStream("/"
                + appProperties.getProperty("app.keyFileName"));
        PrivateKey pk;
        try {
            pk = PrivateKeys.loadFromKeyStore(KeyStore.getInstance("PKCS12"),
                    is, "notasecret", "privatekey", "notasecret");
            credential = new GoogleCredential.Builder()
                    .setTransport(HTTP_TRANSPORT)
                    .setJsonFactory(JSON_FACTORY)
                    .setServiceAccountId(
                            appProperties
                                    .getProperty("app.serviceAccount"))
                    .setServiceAccountPrivateKey(pk)
                    .setServiceAccountScopes(PredictionScopes.PREDICTION,
                            DriveScopes.DRIVE, StorageScopes.DEVSTORAGE_FULL_CONTROL).build();


        return credential;
    }

对于所有用户,存储桶上的权限是OWNER,但我仍然收到403 Forbidden“Access not configured”错误。什么可能是错的?

1 个答案:

答案 0 :(得分:1)

一旦JSON API通常可用,这个逻辑就可以工作。

但是,目前,JSON API处于限制预览中。由于未知用户不被视为有限预览的成员,因此目前无法通过REST API进行完全匿名查询。相反,您必须在连接时至少提供一个列入白名单的API密钥。如果您不提供其他身份信息,您将被视为匿名用户。或者,更进一步,您可以使用OAuth2凭据来将其视为注册用户。有关更多信息,请参阅:https://developers.google.com/storage/docs/json_api/

这是一个GWT RequestBuilder吗?不幸的是,我并不完全熟悉它的使用。如果有帮助,以下是使用Google API Java客户端设置与API密钥的连接的示例:https://code.google.com/p/google-api-java-client/wiki/OAuth2#Unauthenticated_access

此外,看起来你对setData()的调用正在传递一个非base64'd字符串,这将失败。

相关问题
最新问题