0

Newbie question: I am trying to publish my first web site on GCP. It works fine when I set public access, but I want to control access rights via Google sign-in. Any attempt to load the home page index.html raises Anonymous caller does not have storage.objects.get access. This page contains the required scripts and sign-in button, but it can't give access to the home page itself. The web site is set with uniform access control. TIA and best regards, Robert.

Robert Kirkpatrick
  • 1
  • Perhaps [this answer](https://stackoverflow.com/questions/56302658/anonymous-caller-does-not-have-storage-objects-get) can help. It appears to be an issue with permissions, verify the scopes of your app – Aerials May 02 '20 at 11:07
  • More info: the failed test above is run under my bucket-owner google account. – Robert Kirkpatrick May 02 '20 at 11:19
  • This is a simple static web-site, I did not specify any particular scope. – Robert Kirkpatrick May 02 '20 at 11:25
  • 1
    How are you enabling Google Sign-In for your site (in your code or via IAP)? Edit your question with more details. – John Hanley May 02 '20 at 16:42
  • The scripts embedded in the home page are expected to enable Google sign-in. I don't use IAP, but may be I should. – Robert Kirkpatrick May 03 '20 at 16:59
  • I follow the Google guidelines from [link](https://developers.google.com/identity/sign-in/web/sign-in#before_you_begin) – Robert Kirkpatrick May 03 '20 at 17:34
  • You may want to look into using OAUTH2 to accomplish this [Setting up OAuth2.0][1] [Using OAuth2.0 for Web Server Applications][2] [1]: https://support.google.com/cloud/answer/6158849?hl=en [2]: https://developers.google.com/identity/protocols/oauth2/web-server?_gac=1.247131440.1586437475.EAIaIQobChMI97XTjbTb6AIVDp6fCh34qguBEAAYASAAEgJBM_D_BwE&_ga=2.23563834.1606303968.1588595302-1590434231.1584445337 – Nicholas Elkaim May 05 '20 at 16:46
  • Unless I misunderstood something, OAUTH2 should not be required to access a static web site. I don't require any user credential to validate a server transaction of any kind. – Robert Kirkpatrick May 07 '20 at 15:02
  • I only want the user to be identified via his GoogleId to be able to read the pages. – Robert Kirkpatrick May 07 '20 at 15:03

0 Answers0