I can't find a way to have a working signed url on Google App Engine Standard environment with Python3.7.
I have look at the documentation here : https://cloud.google.com/storage/docs/access-control/signing-urls-manually
Within a Google App Engine application, you can use the App Engine App Identity service to sign your string.
But the App Engine App Identity rely on google.appenginepackage, that is not availalble on python 3.7 env as explain here
Proprietary App Engine APIs are not available in Python 3. This section lists recommended replacements.
The overall goal is that your app should be fully portable and run in any standard Python environment. You write a standard Python app, not an App Engine Python app. As part of this shift, you are no longer required to use proprietary App Engine APIs and services for your app's core functionality. At this time, App Engine APIs are not available in the Python 3.7 runtime.
All the api on sdk rely on google.appengine and raise an exception on python 3.7 env : EnvironmentError('The App Engine APIs are not available.') raise here
that rely on proprietary api :
try:
from google.appengine.api import app_identity
except ImportError:
app_identity = None
I know I can use many solution like ServiceAccountCredentials.from_json_keyfile_dict(service_account_dict) but I have to upload a file with credentials directly on app engine and I can't do it since the project credential will be expose on git or ci.
I really want to rely on default credential from app engine like other Google Cloud api like storage.Client() for example that work out of box.
Any suggestion ?
