-
Notifications
You must be signed in to change notification settings - Fork 141
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can't create GCSFileSystem with instance of google.oauth2.service_account.Credentials
#151
Comments
I'm hitting similar confusion with a service account, where the class of object seems ambiguous. I can't pass the credentials of a service account as a token (maybe I shouldn't be doing this), e.g.
The type of the credentials object seems to vary:
So I guess the check for a valid Credentials object is being confused by the namespace clash? e.g.
Or maybe this is expected behaviour and the wrong way to roll? Ref: #26 |
I think the issue is that the Google auth libraries implement different concrete types of Looking at the auth library's source code it seems the correct class to check is As far as use-cases go, I'm currently using gcsfs with Dask to run automated reporting on GCE. We're using Airflow to automate the reporting tasks, so we're getting a service account Since it's automated, it doesn't make sense to auth with a user token. In particular, GCE and GKE make use of service accounts to manage authentication from VM instances, so it makes sense to use the built-in service account for this. |
Google have had a history of moving around these definitions, so happy to change the instance check to whatever seems to be the most appropriate right now. Would someone like to put this in a PR? |
I haven't tried changing just the instance check yet, but I can at least say that changing
To
in It looks like
So I gather that would need testing, if the PR went the route of changing the import. I run into downstream errors with I have a similar use-case to @jiajie-chen, using gcsfs with Dask, where I ideally want to use a service account rather than authenticate via a user account or a browser token (or cached |
@martindurant I can put together a quick PR for this, but it might need some further testing to ensure all classes of @leehart the |
Fix for Issue #151 - Google Credentials isinstance check
When trying to create an instance of
GCSFileSystem
by passing in a service accountCredentials
object, an error is thrown in the_connect_token
method.System Details:
Python version 3.6.7 64-bit, on Ubuntu 18.04.1 (WSL)
gcsfs==0.2.2
google-auth==1.6.3
google-auth-oauthlib==0.3.0
Expected Behavior:
For
GCSFileSystem
to successfully connect with provided the service account credentials.Actual Behavior:
ValueError: Token format no understood
Steps to Recreate:
Run this code (fill in the relevant details):
The text was updated successfully, but these errors were encountered: