Goal
Using googleapis with firebase functions. Get a JWT token so firebase functions can use a service account with domain-wide delegation to authorize G Suite APIs like directory and drive.
Question
What goes in path.join();
What is __dirname
What is 'jwt.keys.json'
?
From this example: https://github.com/googleapis/google-api-nodejs-client/blob/master/samples/jwt.js
// Create a new JWT client using the key file downloaded from the Google Developer Console
const auth = new google.auth.GoogleAuth({
keyFile: path.join(__dirname, 'jwt.keys.json'), // <---- WHAT GOES IN path.join()
scopes: 'https://www.googleapis.com/auth/drive.readonly',
});
Error
When I run
const auth = new google.auth.GoogleAuth({
keyFile: path.join(__dirname, "TEST"), // <-- __dirname == /srv/ at runtime
scopes: 'https://www.googleapis.com/auth/drive.readonly',
});
From the GCP Logs I get this error:
Error: ENOENT: no such file or directory, open '/srv/TEST'
Obviously TEST
isn't valid, but is '/srv/
?
What is the keyFile
, a file path? a credential?
Another Example
https://github.com/googleapis/google-api-nodejs-client#service-to-service-authentication
keyFile
is the filename of the service account JSON file you downloaded from the Google Console when you created the service account. You mention JWT token. You want a Google OAuth Access Token created from a service account. Also, read the documentation for G Suite Domain Wide Delegation to understand how to do this. developers.google.com/admin-sdk/directory/v1/guides/delegation Pay attention to the section ondelegation
as you are missing this in your code. - John Hanleygoogle.auth.GoogleAuth
- Chadd