AppEngine - Remote API returning 401 and too-many-auth

问题:

I am trying to connect to an AppEngine instance with the remote API with something like this:

os.environ['GOOGLE_APPLICATION_CREDENTIALS'] = ".../path/to/key" remote_api_stub.ConfigureRemoteApiForOAuth(     server.encode('ascii'), path, secure=True ) 

Where the path/to/key points to a JSON file created in the Google Cloud (Beta), API Manager -> Credentials -> Add Credentials -> Service Account. The service account "Can edit" per the Permissions panel.

When I run this I get an error like this on the console, corresponding to a 401 (as reported in the App Engine log viewer):

   File "/usr/local/share/app-engine-python/google/appengine/ext/remote_api/remote_api_stub.py", line 768, in ConfigureRemoteApiForOAuth     rpc_server_factory=rpc_server_factory)   File "/usr/local/share/app-engine-python/google/appengine/ext/remote_api/remote_api_stub.py", line 835, in ConfigureRemoteApi     app_id = GetRemoteAppIdFromServer(server, path, rtok)   File "/usr/local/share/app-engine-python/google/appengine/ext/remote_api/remote_api_stub.py", line 569, in GetRemoteAppIdFromServer     response = server.Send(path, payload=None, **urlargs)   File "/usr/local/share/app-engine-python/google/appengine/tools/appengine_rpc_httplib2.py", line 258, in Send     NeedAuth()   File "/usr/local/share/app-engine-python/google/appengine/tools/appengine_rpc_httplib2.py", line 234, in NeedAuth     RaiseHttpError(url, response_info, response, 'Too many auth attempts.')   File "/usr/local/share/app-engine-python/google/appengine/tools/appengine_rpc_httplib2.py", line 85, in RaiseHttpError     raise urllib2.HTTPError(url, response_info.status, msg, response_info, stream) urllib2.HTTPError: HTTP Error 401: Unauthorized Too many auth attempts. 

I checked and the correct credentials seem to be set in /google/appengine/ext/remote_api/remote_api_stub.py:760 and should be passed to the remote api.

The app.yaml has the basic setting - remote_api: on under builtins.

This setup works for the local dev_appserver.py, so I am led to believe the problem is on the Google server/cloud settings.

I have tried both authentication schemes in App Engine -> Settings -> Application settings (Google Accounts API and Google Apps domain).

I followed the Google Application Default Credentials as fit as I could, but maybe I missed something?

It is probably also worth noting that from the command line:

$ GOOGLE_APPLICATION_CREDENTIALS=~/path-to-key     remote_api_shell.py -s APPID.appspot.com --secure APPID 

also gives the same 401 exception.

回答1:

Ok, so what seemed to be necessary was:

1. Go to the appspot.com admin page.
2. Under Application Settings, enable Cloud Integration
3. Create a new service account in the new cloud console page API Manager (existing service accounts do not seem to work)
4. Switch to remote_api_stub.ConfigureRemoteApiFromServer ― on further inspection, it appears that ConfigureRemoteApiForOAuth works fine.

At least after performing the above access works as expected.

I hope others similarly situated find this helpful.

Edit This may be related to the issue discussed on this thread: https://groups.google.com/forum/?utm_medium=email&utm_source=footer#!msg/google-cloud-insiders/ohnp1XAOdiM/KrQF8_DAAAAJ

回答2:

For people using the remote api from the command line (bulkloader.py, remote_api_shell.py etc.), a 401 error might also happen if your appengine cookies are expired.

Try deleting them and authenticating again:

rm ~/.appcfg* gcloud auth login

This could happen in cases where changes made to a Google account force logging out (e.g: enabling 2 factor authentication).

文章来源: AppEngine - Remote API returning 401 and too-many-auth