I use BigQuery from Colab for a long time, and since 2020 my account is on Google's enhanced security program. Until yesterday I had no issues authenticating with
from google.colab import auth
auth.authenticate_user()
Now, though, I get a 400 error. These are the details it gives:
access_type: offline
login_hint: (email)
response_type: none gsession
redirect_uri: https://colab.research.google.com/tun/m/auth-user-ephem
state: {"token":"(token)","endpoint":"(endpoint)","scopes":["openid","https://www.googleapis.com/auth/userinfo.email","https://www.googleapis.com/auth/cloud-platform","https://www.googleapis.com/auth/drive"]}
hd: (domain)
prompt: consent
client_id: (client_id)
scope: openid https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/drive
My question: are there configurations on the auth to allow for authenticating?
CodePudding user response:
You may try the below alternative approach wherein you will upload your json key file (for authentication) in Google Drive, then mount it to Google Colab and then explicitly use it in your python code to authenticate your BigQuery API request.
from google.cloud import bigquery
from google.oauth2 import service_account
from google.colab import drive
import json
# Construct a BigQuery client object.
drive.mount('/content/drive/') # Mount to google drive
# Define full path from Google Drive.
# This example, the json key file is in /MyDrive/keys/
key_path = '/content/drive/MyDrive/keys/your-json-file.json'
credentials = service_account.Credentials.from_service_account_file(
filename=key_path, scopes=["https://www.googleapis.com/auth/cloud-platform"],
)
client = bigquery.Client(credentials=credentials, project=credentials.project_id,)
query = """
SELECT name, SUM(number) as total_people
FROM `bigquery-public-data.usa_names.usa_1910_2013`
WHERE state = 'TX'
GROUP BY name, state
ORDER BY total_people DESC
LIMIT 20
"""
query_job = client.query(query) # Make an API request.
print("The query data:")
for row in query_job:
# Row values can be accessed by field name or index.
print("name={}, count={}".format(row[0], row["total_people"]))
Below is the result of my above sample code when executed in Google Colab:
CodePudding user response:
I've encountered this problem too. It seems that Google have changed the authentication procedure so that you (or your organisation) have to add colaboratory to the list of apps with permission to access your account.
However, there's also a way to revert to the old authentication behaviour which works without any special permissions:
import os
os.environ['USE_AUTH_EPHEM'] = '0'
from google.colab import auth
auth.authenticate_user()
If you look at the source code of the authenticate_user()
function, you can see that it reads the USE_AUTH_EPHEM
environment variable to decide whether to use the old or new authentication flow.