Google Logging API v2 身份验证问题

Question

我正在尝试通过 OAuth 令牌进行身份验证，但我没有找到没有 Google 提示和 url 重定向的方法。

我正在使用 php 和 google/apiclient:"^2.7" 库

我试图用它获取令牌，但我没有找到获取它的方法。

如果没有 google 提示就无法执行，我如何向 https://logging.googleapis.com/v2/entries:list 验证我的请求？

预先感谢您的帮助。

我尝试了以下方法

public function init()
{

    putenv('GOOGLE_APPLICATION_CREDENTIALS=' . $this->container->getParameter('service-account-authentification-file'));
    
    $scopes = [
        'https://www.googleapis.com/auth/cloud-platform',
        'https://www.googleapis.com/auth/cloud-platform.read-only',
        'https://www.googleapis.com/auth/logging.admin',
        'https://www.googleapis.com/auth/logging.read',
        'https://www.googleapis.com/auth/logging.write'
    ];

    $middleware = ApplicationDefaultCredentials::getMiddleware($scopes);
    $stack = HandlerStack::create();
    $stack->push($middleware);
    
    $client = new Client([
        'handler'  => $stack,
        'base_uri' => 'https://logging.googleapis.com/',
        'auth'     => 'google_auth'
    ]);

    $httpClient = $client->authorize();

    $data = [
        "resourceNames" => ["xxxx"],
        "filter"        => "xxxxxx",
    ];

    $response = $httpClient->post('https://logging.googleapis.com/v2/entries:list', [
        'body' => json_encode($data)
    ]);

}

我也尝试过 https://github.com/googleapis/google-cloud-php & https://github.com/googleapis/google-cloud-php-logging

提供的其他方法

    $logging = new LoggingClient([
            'keyFilePath' => $this->container->getParameter('service-account-authentification-file')
        ]
    );

    $entries = $logging->entries([
        'filter' => 'logName = projects/****logs/stdout'
    ]);

    foreach ($entries as $entry) {
        echo $entry->info()['textPayload'] . "\n";
    }

响应总是相同的

"error": {
"code": 403,
"message": "The caller does not have permission",
"status": "PERMISSION_DENIED"
}

我尝试使用 Curl

curl --request POST \
  'https://logging.googleapis.com/v2/entries:list?key=[YOUR_API_KEY]' \
  --header 'Authorization: Bearer [YOUR_ACCESS_TOKEN]' \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --data '{}' \
  --compressed

但我也有这样的错误

{
  "error": {
    "code": 400,
    "message": "The API Key and the authentication credential are from different projects.",
    "status": "INVALID_ARGUMENT",
    "details": [
      {
        "@type": "type.googleapis.com/google.rpc.Help",
        "links": [
          {
            "description": "Google developer console API key",
            "url": "https://console.developers.google.com/project/******/apiui/credential"
          }
        ]
      },
      {
        "@type": "type.googleapis.com/google.rpc.ErrorInfo",
        "reason": "CONSUMER_INVALID",
        "domain": "googleapis.com",
        "metadata": {
          "consumer": "projects/******",
          "service": "logging.googleapis.com"
        }
      }
    ]
  }
}