问题
I'm trying to work with the cloud datatstore - I've created an appengine project, which is viewable at https://cloud.google.com/console#/.
Through the cloud console, I've navigated to APIs, and turned off and back on the datastore API. I've then registered an app (web application, generic) and generated a certificate. I've ensured that the email generated from that is in the 'Teams' list with 'Can Edit' permission.
After all this, any requests I generate are returning 403. Requests to other APIs, such as the prediction API, are working okay. The datastore is returning 403 both from my codebase (using php api) or from the api explorer.
Below is a dump of the HTTP Request generated from the PHP client. Any help would be greatly appreciated!
object(Google_HttpRequest)[15]
private 'batchHeaders' =>
array (size=4)
'Content-Type' => string 'application/http' (length=16)
'Content-Transfer-Encoding' => string 'binary' (length=6)
'MIME-Version' => string '1.0' (length=3)
'Content-Length' => string '' (length=0)
protected 'url' => string 'https://www.googleapis.com/datastore/v1beta1/datasets/madlab-sandbox/lookup' (length=75)
protected 'requestMethod' => string 'POST' (length=4)
protected 'requestHeaders' =>
array (size=3)
'content-type' => string 'application/json; charset=UTF-8' (length=31)
'content-length' => int 62
'authorization' => string 'Bearer ya29.AHES6ZSfJmWHLNIrPwQA7wZ3miGCMgxvmUmYl65mfw9J2_v8KgmLMyJV' (length=68)
protected 'postBody' => string '{"keys":[{"path":[{"id":"5629499534213120","kind":"topic"}]}]}' (length=62)
protected 'userAgent' => string 'test google-api-php-client/0.6.4' (length=32)
protected 'responseHttpCode' => int 403
protected 'responseHeaders' =>
array (size=9)
'content-type' => string 'application/json; charset=UTF-8' (length=31)
'date' => string 'Fri, 26 Jul 2013 15:26:13 GMT' (length=29)
'expires' => string 'Fri, 26 Jul 2013 15:26:13 GMT' (length=29)
'cache-control' => string 'private, max-age=0' (length=18)
'x-content-type-options' => string 'nosniff' (length=7)
'x-frame-options' => string 'SAMEORIGIN' (length=10)
'x-xss-protection' => string '1; mode=block' (length=13)
'server' => string 'GSE' (length=3)
'transfer-encoding' => string 'chunked' (length=7)
protected 'responseBody' => string '{
"error": {
"errors": [
{
"domain": "global",
"reason": "PERMISSION_DENIED",
"message": "Unauthorized."
}
],
"code": 403,
"message": "Unauthorized."
}
}
' (length=182)
public 'accessKey' => null
回答1:
To work around this issue:
- Visit the Google Cloud Console.
- Click on your existing Cloud project.
- Click on "Teams" under the settings menu.
- Find the email address corresponding to your certificate (it will be a ~45 character string followed by @developer.gserviceaccount.com).
- Remove and then re-add this email address as a member of your project.
I've filed this on the Cloud Datastore public issue tracker: https://github.com/GoogleCloudPlatform/google-cloud-datastore/issues/10
Please check there for updates.
来源:https://stackoverflow.com/questions/17885347/all-requests-return-403-unauthorized