1

I'm trying to execute a Google Cloud Function through PHP, but failing to authenticate when all I have is the service_account json file.

I'm using GuzzleHttp as the function returns a Promise.

What I did so far:

use Google\Auth\Credentials\ServiceAccountCredentials; use Google\Auth\Middleware\AuthTokenMiddleware; use GuzzleHttp\Client; use GuzzleHttp\Exception\RequestException; use GuzzleHttp\HandlerStack; use Psr\Http\Message\ResponseInterface; $scopes = [ 'https://www.googleapis.com/auth/cloud-platform', ]; $credentials = new ServiceAccountCredentials($scopes, [ 'client_email' => "<email>", 'client_id' => "<client_id">, 'private_key' => "<private_key>", ]); $googleAuthTokenMiddleware = new AuthTokenMiddleware($credentials); $stack = HandlerStack::create(); $stack->push($googleAuthTokenMiddleware); $config = array('handler' => $stack,'auth' => 'google_auth'); $httpClient = new Client($config); $promise = $httpClient->requestAsync("POST", "<function_url>", ['json' => ['data' => ""]]); $promise->then( function (ResponseInterface $res) { echo "<pre>"; print_r($res->getBody()); echo "</pre>"; }, function (RequestException $e) { echo "<pre>"; print_r($e->getRequest()->getHeaders()); echo "</pre>"; echo $e->getMessage() . "\n"; echo $e->getRequest()->getMethod(); } ); $promise->wait();

References:

ServiceAccountCredentials: From namespace Google\Auth\Credentials;

AuthTokenMiddleware: From namespace Google\Auth\Middleware;

HandlerStack: From GuzzleHttp

Client: From GuzzleHttp

Http Response From Above Code

`401 Unauthorized` response: {"error":{"status":"UNAUTHENTICATED","message":"Unauthenticated"}} POST

My Cloud Function

My Cloud Function checks for authentication as follow:

exports.testFunction = functions.https.onCall((data, context) => { if (!context.auth) { throw new functions.https.HttpsError('failed-precondition', 'The function must be called ' + 'while authenticated.'); } return "Hooraaay!"; });

What am I doing wrong? How can I successfully authenticate?

Improve this question
9
  • Add information about how authorization is handled by your Cloud Function. For testing, create a new dummy function that returns similar data but does not have authorization (divide by 2 debugging). Also include the top part of your code that shows your library include statements. Commented Feb 21, 2019 at 1:09
  • @JohnHanley Hey! I have added my library references as well as my cloud function. Commented Feb 21, 2019 at 1:13
  • @JohnHanley Just tried it on a function that requires no auth, and simply replies with hello responded with the same error 401 Unauthorized response: {"error":{"status":"UNAUTHENTICATED","message":"Unauthenticated"}}. Weird I think Commented Feb 21, 2019 at 1:16
  • OK - I just noticed the keyword Firebase. I have not worked with Firebase authentication for Cloud Functions (context.auth). I am not sure what headers Firebase uses and the values. I believe it is Authorization: Bearer token but I am not sure. Commented Feb 21, 2019 at 1:18
  • Trigger your dummy function in the Google Cloud Console. What happens? Commented Feb 21, 2019 at 1:27
Load 7 more related questions Show fewer related questions

0

Reset to default

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.