I am trying to connect to an AppEngine instance with the remote API with something like this:
os.environ['GOOGLE_APPLICATION_CREDENTIALS'] = ".../path/to/key"
remote_api_stub.ConfigureRemoteApiForOAuth(
server.encode('ascii'), path, secure=True
)
Where the path/to/key
points to a JSON file created in the Google Cloud (Beta), API Manager -> Credentials -> Add Credentials -> Service Account. The service account "Can edit" per the Permissions panel.
When I run this I get an error like this on the console, corresponding to a 401 (as reported in the App Engine log viewer):
File "/usr/local/share/app-engine-python/google/appengine/ext/remote_api/remote_api_stub.py", line 768, in ConfigureRemoteApiForOAuth
rpc_server_factory=rpc_server_factory)
File "/usr/local/share/app-engine-python/google/appengine/ext/remote_api/remote_api_stub.py", line 835, in ConfigureRemoteApi
app_id = GetRemoteAppIdFromServer(server, path, rtok)
File "/usr/local/share/app-engine-python/google/appengine/ext/remote_api/remote_api_stub.py", line 569, in GetRemoteAppIdFromServer
response = server.Send(path, payload=None, **urlargs)
File "/usr/local/share/app-engine-python/google/appengine/tools/appengine_rpc_httplib2.py", line 258, in Send
NeedAuth()
File "/usr/local/share/app-engine-python/google/appengine/tools/appengine_rpc_httplib2.py", line 234, in NeedAuth
RaiseHttpError(url, response_info, response, 'Too many auth attempts.')
File "/usr/local/share/app-engine-python/google/appengine/tools/appengine_rpc_httplib2.py", line 85, in RaiseHttpError
raise urllib2.HTTPError(url, response_info.status, msg, response_info, stream)
urllib2.HTTPError: HTTP Error 401: Unauthorized Too many auth attempts.
I checked and the correct credentials seem to be set in /google/appengine/ext/remote_api/remote_api_stub.py:760
and should be passed to the remote api.
The app.yaml
has the basic setting - remote_api: on
under builtins
.
This setup works for the local dev_appserver.py
, so I am led to believe the problem is on the Google server/cloud settings.
I have tried both authentication schemes in App Engine -> Settings -> Application settings (Google Accounts API and Google Apps domain).
I followed the Google Application Default Credentials as fit as I could, but maybe I missed something?
It is probably also worth noting that from the command line:
$ GOOGLE_APPLICATION_CREDENTIALS=~/path-to-key
remote_api_shell.py -s APPID.appspot.com --secure APPID
also gives the same 401 exception.
See Question&Answers more detail:
os