gcloud auth login and python to upload

0
votes

I have python program which upload and download from GCS bucket using service account. This works as expected.

Due to some business restrictions, bucket owner could not share service account for few other buckets. Those are currently using GSUtil authentication (gcloud auth login) by the common group mail address ([email protected]).

The bucket owner provided needed access to the common group mail address - "[email protected]". Now I was asked to use this mail address to upload and download the file to&from GCS using python program (here I should not use GSUtil) ?

I can use the Google SDK for my python implementation. Is there any way to achieve upload a file without service account in my python program ?

Please show me some light on this.

1
python-3.xgoogle-cloud-storagegsutil

1 Answers

1
votes

One solution is to upload the object by making a request calling the JSON REST API.

You need to provide a OAUTH_TOKEN which you can get by issuing the command gcloud auth print-access-token (docs). If you are logged in as a member of that group which has access to the bucket, then you'll have access with that token.

After you get that token you can make the request inside your Python program, somewhat like this:

import requests
filepath = '/path/to/file'
url = 'https://www.googleapis.com/upload/storage/v1/b/[BUCKET_NAME]/o?uploadType=media&name=[OBJECT_NAME]'

headers = {
    "Authorization": "Bearer [PRINTED_ACCESS_TOKEN]",
    "Content-Type": "text/html",
}

with open(filepath, "rb") as dafile:
    r = requests.post(url, headers=headers, data=dafile)
    print(r.content)

Since that token expires after some time, you can have a script that would print the access token, store it in a variable and run the Python program passing that variable as a parameter.