0

I've used a Pyrebase client w/o service-account-key and Rules to upload and access a files on FB Storage, and it worked fine. But now I'm using a google.cloud.storage.Client() with user creds like this:

def readAva(dictCred):   #creds dictionary    
    cred = Credentials(dictCred["user"]["stsTokenManager"]['accessToken'])
    stor = storage.Client(project='fbtest-XXX', credentials=cred)
    print("CREDs OK")

    fName = dictCred["user"]["uid"] + ".png"
    url = stor.get_bucket("fbtest-XXX.appspot.com").blob(f"test-users/{fName}").public_url    
    print("URL=" + url)
    
    return url

and it returns:

127.0.0.1 - - [12/Jul/2023 16:54:18] "GET /DAhmgc5UEFUstSeDjSaAAQ0PUPl1 HTTP/1.1" 200 -
CREDs OK
Can't read an avatar!

Code on Flask:

def userPage(userid):    
    avaURL = ""

    if request.method == "GET":
        #if userid != session["userid"]: pageNotFound(404) 
        #else:
            try:
                avaURL = storage.readAva(session["dictCred"])             
            except:
                print("Can't read an avatar!")    

    return render_template("home.html", avaURL=avaURL)

Credentials are OK, they work well with firestore.Client(). Browser console shows no error, but img src="".

Tryed to use a litheral like this: url = stor.get_bucket("fbtest-ba697.appspot.com").blob("test-users/DAhmgc5UEFUstSeDjSaAAQ0PUPl1.png").public_url -still nothing.

Rules are just:

service firebase.storage {
  match /b/{bucket}/o {    
    match /test-users/{filename} {
      allow read: if request.auth != null; 
    }
  }
}

And simulated GET works. Files are present in "test-users" folder.

Mikhail Nikolaev
  • 17
  • 4
  • Can you try replacing `get_blob` instead of `blob` ? And it seems, you are sharing your project-id along with code. make sure you remove that. – Roopa M Jul 12 '23 at 10:25
  • Consider printing the exception that you catch, so that you can see the root cause of the problem: https://stackoverflow.com/questions/1483429/how-do-i-print-an-exception-in-python – Frank van Puffelen Jul 12 '23 at 13:44
  • Changed to get_blob(), still dont works. Exception is: "The credentials do not contain the necessary fields need to refresh the access token. You must specify refresh_token, token_uri, client_id, and client_secret." But it worked fine with Firestore... Well, will try to add. – Mikhail Nikolaev Jul 13 '23 at 01:24
  • Added this nesessary fields, but now: "127.0.0.1 - - [13/Jul/2023 11:04:14] "GET /DAhmgc5UEFUstSeDjSaAAQ0PUPl1 HTTP/1.1" 200 - ('invalid_grant: Bad Request', {'error': 'invalid_grant', 'error_description': 'Bad Request'})". Tryed blob() and get_blob(). Or is it problem with creds again? – Mikhail Nikolaev Jul 13 '23 at 02:10
  • Can you check this [thread](https://stackoverflow.com/a/72811679/18265570)? – Roopa M Jul 13 '23 at 04:33

0 Answers0