We have a simple app in Google App Engine (python 3.6). We are trying to trigger a funciton (url) using Cloud scheduler. Using the console we have trigger that has the following frequency -
1 0 * * * (America/New_York)
The target is
URL : https://project-name.appspot.com/url
When we click "Run Now" on the console we get the following error in the logs -
"status": "UNAUTHENTICATED", "url": "https://project-name.appspot.com/url",
"#type": "type.googleapis.com/google.cloud.scheduler.logging.AttemptFinished",
"jobName": "projects/project-name/locations/us-central1/jobs/url", "targetType": "HTTP"
Please help.
I ensured that the service account service-project-id-number#gcp-sa-cloudscheduler.iam.gserviceaccount.com is added to IAM.
According to the documentation here we need to post the entire URL.
But in reality just post the relative url. That is just do /url_extension
Related
I have an IBM Cloud Function (OpenWhisk) that invokes a Watson Conversation Service.
We are using JAVA
The documentation of the JAVA SDK (https://github.com/watson-developer-cloud/java-sdk ) suggests that the credentials would be picked up from the binding.
When I list the bindig I get this:
>bx wsk action get talksmall parameters
ok: got action talksmall, displaying field parameters
[
{
"key": "__bx_creds",
"value": {
"conversation": {
"credentials": "Credentials-SmallTalk",
"instance": "<INSTANCE>",
"password": "<PASSWORD>",
"url": "https://gateway.watsonplatform.net/conversation/api",
"username": "<USERNAME>"
}
}
}
]
But when I use the SDK like this:
Conversation conversationService = new Conversation(Conversation.VERSION_DATE_2017_05_26);
I get an error
{
"error": "An error has occured while invoking the action (see logs for details): java.lang.IllegalArgumentException: apiKey or username and password were not specified"
}
When I add the line:
conversationService.setUsernameAndPassword(userName, password);
It works.
Maybe the VCAP_Service way of binding does not work with Cloud Functions ?
The Cloud Function runs in the same IBM Cloud organization and space.
I opened an issue against the SDK documentation which talks about "running in Bluemix". IBM Cloud offers infrastructure, OpenWhisk / Cloud Functions, Cloud Foundry and more. Bluemix originated from Cloud Foundry and the automatic binding via VCAP_SERVICE is a Cloud Foundry feature.
From my experience with using IBM Cloud Functions with Python and Node.js you need to call the API functions to set credentials explicitly. With the feature of service binding you can easily make credentials of provisioned services available to the context within IBM Cloud Functions as successfully shown in your code above.
We would like to automatically create a project ID and install our ULAPPH Cloud Desktop application using the App Engine Admin API (REST) and Golang.
https://cloud.google.com/appengine/docs/admin-api/?hl=en_US&_ga=1.265860687.1935695756.1490699302
https://ulapph-public-1.appspot.com/articles?TYPE=ARTICLE&DOC_ID=3&SID=TDSARTL-3
We were able to get a token but when we tried to create a project ID, we get the error below.
[Response OK] Successful connection to Appengine Admin API.
[Token] { "access_token" : "TOKEN_HERE", "expires_in" : 3599, "token_type" : "Bearer" }
[Response Code] 403
[Response Body] { "error": { "code": 403, "message": "Operation not allowed", "status": "PERMISSION_DENIED", "details": [ { "#type": "type.googleapis.com/google.rpc.ResourceInfo", "resourceType": "gae.api", "description": "The \"appengine.applications.create\" permission is required." } ] } }
We are just using the REST API calls. Request for token was successful as you can see above and the scope is ok as well. Now, when we posted the request to create application, we are having the error that says "appengine.application.create" permission required.
How do we specify the permission?
What are the possible reasons why we are getting that error? Do we missed to send a field in JSON or in query?
As per below link, we just need to pass the json containing the id and location. We also just need to pass the token in the Authorization header. The same logic I have used successfully in accessing Youtube, Drive APIs etc so not sure what needs to be done since I have followed the docs available.
I have also posted the same issue in Google Groups and now waiting for their reply.
It seems you've given no details about how you set up the account you're using to authorize the request. You'll need to make sure the appengine.applications.create permission is given to the account you're using, as mentioned in the error text. You can use the Google Identity and Access Management (IAM) API for this.
(by the way, I'd given this answer in the original thread, although you didn't reply or seem to take action on it. check it out! this is likely the solution you need!)
I have tried to integrate Gmail Api in my android app using the follwing tutorial
https://developers.google.com/gmail/api/quickstart/android#step_5_setup_the_sample
I followed every steps , but when i tried to test gmail api
The following error occurred:
403 Forbidden
{
"code" : 403,
"errors" : [ {
"domain" : "usageLimits",
"message" : "Access Not Configured. Gmail API has not been used in project 608941808256 before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/gmail/overview?project=608941808256 then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.",
"reason" : "accessNotConfigured",
"extendedHelp" : "https://console.developers.google.com/apis/api/gmail/overview?project=608941808256"
} ],
"message" : "Access Not Configured. Gmail API has not been used in project 608941808256 before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/gmail/overview?project=608941808256 then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry."
}
I have enabled Gmail Api and Google plus Api too . still the problem exist
Edit : My developer console page
I think i found what mistake i have made ,
The SHA1 KEY I provided in the developer console is the signed version of my app , which is not placed in play store yet
I changed the SHA1 Key to debug version of the app and it worked
I registered the SHA1 key for the androiddebug (debug.keystore) and the key for the signed-release version (your own keystore) creating two OAuth 2.0 client IDs. This allowed me to test my app.
Remember that sometimes the changes take a few hours to be reflected.
Using an oauth accessToken, I am able to retrieve the user's info through:
https://api.pinterest.com/v1/me/?fields=first_name%2Cid%2Clast_name%2Curl%2Cusername%2Cimage&access_token=xxxx
which from a desktop or even ec2 returns:
{
"data": {
"username": "yyyt",
"first_name": "yyyr",
"last_name": "",
"url": "https:\/\/www.pinterest.com\/yyyt\/",
"image": {
"60x60": {
"url": "https:\/\/s-passets-cache-ak0.pinimg.com\/images\/user\/default_60.png",
"width": 60,
"height": 60
}
},
"id": "1234567890"
}
}
However, when the same query is made from appengine, a 403 error is returned with the details:
{
"message": "Forbidden",
"status": 403
}
I can't find any information about why Google AppEngine may be specifically blocked, and since their API has come out of Beta, I'm not sure a reason why it would be.
This earlier question: Pinterest API - returning 403 on EC2 Instance suggested that they were blocking ec2 because the api was still unofficially supported, but ec2 access does in fact seem fine now, so I'm not sure why they would block google.
Can anyone suggest a workaround not involving a proxy, or refer me to a reason why the access might be forbidden?
or refer me to a reason why the access might be forbidden?
Unfortunately I ran into the same issue today when I tried to access the Pinterest web-site (not the API) via App Engine.
Looking at the 403 error page that is returned by Pinterest following a HTTP request from App Engine it seems that the reason is that Pinterest doesn't like bots and intentionally rejects HTTP requests by App Engine or the App Engine dev server.
When trying to access Pinterest via CURL, I noticed that Pinterest rejects all HTTP requests that have the string App Engine in the User-Agent HTTP request header, but Pinterest does happily accept any other (random) User-Agent string.
Because App Engine, as stated in the documentation, automatically appends the string "AppEngine-Google (+http://code.google.com/appengine; appid: APPID)" to the User-Agent HTTP request header, I suspect there is no way of circumventing this.
I wrote a webapp with angularjs frontend, google app engine for storing data, and google cloud endpoints for api access from the frontend client. I tested everything fine locally, but after deploying, accessing the api from the frontend javascript client gives me the following error:
[
{
"error": {
"code": 403,
"message": "Access Not Configured",
"data": [
{
"domain": "usageLimits",
"reason": "accessNotConfigured",
"message": "Access Not Configured"
}
]
},
"id": "gapiRpc"
}
]
I've checked the production api explorer after deployment and it works fine. Also, I tried directly accessing the api by URL which also works fine. Just the frontend client does not work. Any ideas?
Turns out I set the API key in the client with gapi.client.setApiKey(API_KEY); where the API Key is the browser key from the cloud console. I removed this and it works fine. I have no idea what the API key is for.
I'm looking at the problem now on one of my projects. Might be that the ipv6 address must be registered for the project. Take a look at this post Google API returning Access Not Configured
The usual reason for this is that the API, which is being queried is not yet enabled in Google Console by the time of the request. Once it is turned on - error goes away.