Database Reference
In-Depth Information
else:
print 'creds: %s' % (cred_dict,)
def build_bq_client():
'''Constructs a bigquery client object.'''
return discovery.build('bigquery', 'v2',
http=get_creds().authorize(httplib2.Http()))
def main():
print_creds(get_creds())
if __name__ == "__main__":
main()
The method
get_oauth2_creds()
will create user credentials, while the
method
build_bq_client()
can be used to build an authenticated
BigQuery client. This BigQuery client can be used directly to make requests
to BigQuery with no further authentication or credential manipulation
necessary. If you run this file as a standalone Python script, it will perform
authentication and print out an OAuth2 access token. This mechanism is
used in many of the examples in this chapter in order to be able to make raw
HTTP requests using
curl
. This code is available in the file
auth.py
in the
supplemental materials for this chapter.
Service Account Authorization
An alternative way to perform authorization is to use a service account.
This method requires a little more work to set up, but less code. A service
account has a cryptographic key pair that authenticates requests. If you
know the private key, you can authorize without generating any refresh or
access tokens. There is a caveat, though: You don't connect as yourself; you
connect as a special type of account called a service account. You need to add
the service account to your project team in the Google Developer console in
order to allow the service account to access your project.
In Chapter 3 you set up a service account, generated a key pair, and
downloaded it somewhere safe. The e-mail address of the service account
(for example,
long-random-address@developer.gserviceaccount.com
) and
the private key file (in PKCS#12 format) are all you need to perform
can turn a service account e-mail address PKCS#12 file and a service
