Database Reference
In-Depth Information
valid credentials (which it will not the first time you run
storage.get()
),
you can run the flow to fetch new credentials:
>>>
from oauth2client.tools import run
>>>
creds = run(flow, storage)
Your browser has been opened to visit:
https://accounts.google.com/o/oauth2/
auth?scope=https%3A%2F%2Fwww.go
+
ogleapis.com%2Fauth%2Fbigquery&redirect_uri=http%3A%2F%2Flocalhost
+
%3A8080%2F&response_type=code&client_id=857243983440.apps
+ .googleusercontent.com&access
+ _type=offline
If your browser is on a different machine then exit
and re-run this
application with the command-line parameter
--noauth_local_webserver
Authentication successful.
This opens your browser window, prompts you to log in (if you're not
already logged in), and prompts you to allow the application access to your
BigQuery data. When you accept, the flow automatically completes.
This step may seem like black magic; you went to a web page and somehow
your Python client knew about it. What is actually happening here? A
request gets sent to the Authorization Server (the
auth_uri
from your
client_secrets.json
). This request doesn't actually know anything
about you and doesn't include your username or password. It does send
some identifying information about your project (the
client_secret
and
the
client_id
from
client_secrets.json
).
As a response, the Authorization Server returns an access URL. The access
URL must be visited in a web browser. This is a security precaution; because
you may need to enter your password, you want to make sure that no one
captures your password and sends it to their servers in North Korea. When
you visit the access URL in the browser, it asks you whether you want to
grant access to the scopes that were requested by the flow (in this case, just
BigQuery).
