E.g. create an app engine standard php72 app and perform a curl request to another app engine app. Note that the header X-Appengine-Inbound-Appid is not sent with the curl request.
The usual answer to this is to use URL fetch service - but I don't see this in php72 docs?
The header is added by the URLFetch service. As long as the service is not following redirects, it will add the X-Appengine-Inbound-Appid header automatically.
You can find more information in this documentation. [1]
[1] App Identity PHP API Overview:
https://cloud.google.com/appengine/docs/standard/php/appidentity/#asserting_identity_to_other_app_engine_apps
Related
I created an API using Python + FastAPI and deployed it to Google App Engine and I would like to measure the cost for each request made.
I saw there is a header "x-appengine-estimated-cpm-us-dollars" that show up when logged in with the owner account on GAE, but I didn't see it when accessed the API using the browser "https://example.uc.r.appspot.com/api"
Any idea how to can I see this header or a way to get an estimated cost for each request made?
Note: the deployed script is an API, not a website with auth like the one mentioned here (Usage of X-AppEngine-Estimated-CPM-US-Dollars in AppEngine)
According to the documentation:
If you access dynamic pages on your site while signed in using an administrator account, App Engine includes per-request statistics in the response headers
And then shows the description for this particular header, therefore, this is not something that is available for APIs hosted in AppEngine.
You could alternatively use the Cloud Billing API to gather some information, although not exactly the same.
Is there a way to port the functionality of
from google.appengine.api import app_identity
from google.appengine.api import urlfetch
in the flexible environment?
I have a service running on the flex environment which needs to make a request to the standard environment and would like to use App Engine's native app identity and X-Appengine-Inbound-Appid header to do so.
It seems that if the origin of the request is from the standard environment, the header is passed on to the flex environment but not the other way around?
Update: It is not possible to use the X-Appengine-Inbound-Appid header in this case because, as you observed, it is removed on the ingress side of the standard env service after being specifically set on the egress side of the flexible env service, following the suggested experiment:
Original post:
From App identity:
When running on the flexible environment, you can use a combination of
environment variables and the Google Compute Engine Metadata
service to obtain information about your application:
Application / project ID
Either the GCLOUD_PROJECT environment variable or
the /project/project-id resource in the metadata server
So you could try to get the app ID in the flex env service as mentioned above and manually set the X-Appengine-Inbound-Appid response header. It might not be removed on the ingress side of the standard env service (it's not explicitly mentioned to be removed in Request headers).
As for the urlfetch porting, from URL Fetch:
The flexible environment has no sandbox restrictions, so you can use
any HTTP library. We recommend using Requests.
So check for the specific method to set the response header for whichever HTTP library you decide to use.
I'm trying to assign custom domain to App Engine module. At the moment I have staging.example.com pointed to app-id.appspot.com and that works correctly but I also want to assign api.staging.example.com to api.app-id.appspot.com. I've created CNAME record from api.staging.example.com to ghs.googlehosted.com, added api.staging.domain.com in developers console/appengine/settings/custom domains and here is my dispatch.yaml:
dispatch:
- url: "staging.example.com/*"
module: default
- url: "api.staging.example.com/*"
module: api
Any ideas what could be wrong? Every request to endpoints on api.staging.example.com shows only 404 error and I can't see this in the logs, it looks like api.staging.example.com is pointed to somewhere else, all request to api-app-id.appspot.com works correctly.
Are you making HTTPS requests? The official docs note that double-wildcard domains are not supported for SSL certificates.
Google recommends using the HTTPS protocol to send requests to your app. Google does not issue SSL certificates for double-wildcard domains hosted at appspot.com. Therefore with HTTPS you must use the string "-dot-" instead of "." to separate subdomains
So you'll need to replace the first . with -dot- to follow this pattern:
https://module-dot-app-id.appspot.com. In your case api-dot-app-id.appspot.com.
OK, I know where is my problem - Google Cloud Endpoints.
Google Cloud Endpoints does not support custom domains.
https://cloud.google.com/appengine/docs/python/endpoints/
https://code.google.com/p/googleappengine/issues/detail?id=9384
When developing for App Engine Endpoints in Java using the official documentation, after running endpoints.cmd with the appropriate parameters and deploying in GAE, the dev server shows the proper endpoints at http://localhost:8888/_ah/api/discovery/v1/apis, but accessing the explorer for the production version on GAE shows old endpoints at https://<my-app>.appspot.com/_ah/api/discovery/v1/apis.
The error was traced to the HTTP 302 (moved temporarily) code found in the Logs of the production app for access to /_ah/spi/BackendService.getApiConfigs. Until that clears (i.e., gives HTTP 200), Google's servers won't be able to serve the endpoint (See this comment).
This error stems in part due to inconsistent documentation. While the official documentation's sample web.xml uses a <security-constraint> block, that of the sample tictactoe app does not.
If you are getting a HTTP 302 status code, check the following two things (from this post):
in your .api file in WEB-INF, change http to https in the bns declaration,
remove the <security-constraint> block from your web.xml.
The above worked for me; not sure what the security constraint bit was about. Maybe a GAE admin can improve this answer?
I'm testing a Google App Engine app on my Windows machine, running locally on localhost:8084. Fiddler2 shows all my activity when I navigate around my app, but when requesting an external url with urlfetch.fetch() it doesn't show up in Fiddler at all, even when using an http, not an https address, and with a successful status code 200 in the response.
What do I need to do to get the urlfetch.fetch() request from Google App Engine to show up in Fiddler2?
My understanding is that Fiddler2 runs as an HTTP proxy; browser requests go through this proxy instead of directly to the internet resource. This allows Fiddler2 to capture information about the request and the response.
According to the Fiddler2 docs, "You can configure any application which accepts a HTTP Proxy to run through Fiddler so you can debug its traffic". So I think you would need to change the URLFetch API call to use a proxy, supplying the Fiddler URL and port. However, the URLFetch documentation doesn't specify exactly how to do this. You might be able to use urllib2 as specified in this question.
Irussell is generally right, but I'd like to make the answer more specific.
As proxies aren’t supported within Google AppEngine production environment, it’s not directly supported by development engine either. It seems that the only way to overcome this limitation is to modify the code of AppEngine development server.
You'll have to modify the urlfetch_stub.py file, by adding the following lines:
connection = connection_class('127.0.0.1', 8888)
and
full_path = protocol + "://" + host + full_path
You may find the detailed explanation in my blog post Use Fiddler to debug urlfetch requests in Google AppEngine