dongyou7739 2018-02-07 18:56
浏览 180
已采纳

在Golang中手动提供Google服务帐户凭据

To remotely connect to a Google-cloud Mysql database via the Go Proxy library, I need to provide service account credentials. This can be done through setting the GOOGLE_APPLICATION_CREDENTIALS environment variable, but since I want the application to be able to run on different machines without having to set the environment variable everywhere, that is not an option.

As a result, I have to provide the service account credentials manually to my Golang application. The code below (without the authentication) gives this error message:

default proxy initialization failed; consider calling proxy.Init explicitly: google: could not find default credentials. See https://developers.google.com/accounts/docs/application-default-credentials for more information.

Google provides elaborate documentation on how to fix the manual authentication for a number of programming languages, but not for Go:

https://cloud.google.com/docs/authentication/production#auth-cloud-explicit-csharp

Could anyone help me out with setting authentication credentials manually in Golang?

Thanks a bunch!

package main

import (
    "database/sql"
    "fmt"
    "github.com/GoogleCloudPlatform/cloudsql-proxy/proxy/dialers/mysql"
)

var db *sql.DB

func main() {

cfg := mysql.Cfg("mysql", "********", "********") //name , username, password
cfg.DBName = "MyDBName"
db := mysql.DialCfg(cfg)
defer db.Close()

}
  • 写回答

1条回答 默认 最新

  • douche3244 2018-02-11 19:05
    关注

    When using the cloudsql-proxy package, you're not directly connecting to your cloud SQL instance, but creating a proxy and connecting to it. It's the proxy connection where you have to provide the credentials.

    In the tests for the cloud-sql package there is an example of how to init the proxy with credentials.

    The proxy initializes by itself if you don't do it manually, but you can call proxy.Init with an http client, and you can create an http client with credentials.

    I've not tested this, but you could try something like proxy.Init(oauth2.NewClient(ctx, oauth2.StaticTokenSource(&oauth2.Token{AccessToken: <YOUR_TOKEN>})), nil, nil) before the DialCfg call.

    A better example, if you provide your credentials file (so it's not hard-coded) would be something like:

    func main()
  credsFile := "path/to/your/credentials.json"
  SQLScope := "https://www.googleapis.com/auth/sqlservice.admin"
  ctx := context.Background()

  creds, err := ioutil.ReadFile(credsFile)
  if err != nil {
    # handle error
  }

  cfg, err := goauth.JWTConfigFromJSON(creds, SQLScope)
  if err != nil {
    # handle error
  }

  client := cfg.Client(ctx)
  proxy.Init(client, nil, nil)

  var db *sql.DB

  cfg := mysql.Cfg("mysql", "********", "********") //name , username, password
  cfg.DBName = "MyDBName"
  db, err := mysql.DialCfg(cfg)
  if err != nil {
    # handle error
  }
  defer db.Close()

  # your calls to cloudSQL

}

    (This is mainly a copy of the tests on that package.)

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 想问一下树莓派接上显示屏后出现如图所示画面,是什么问题导致的
  • ¥100 嵌入式系统基于PIC16F882和热敏电阻的数字温度计
  • ¥15 cmd cl 0x000007b
  • ¥20 BAPI_PR_CHANGE how to add account assignment information for service line
  • ¥500 火焰左右视图、视差(基于双目相机)
  • ¥100 set_link_state
  • ¥15 虚幻5 UE美术毛发渲染
  • ¥15 CVRP 图论 物流运输优化
  • ¥15 Tableau online 嵌入ppt失败
  • ¥100 支付宝网页转账系统不识别账号