时间戳

首页 > 解决方案 > Cloud Vision:凭据问题

firebase - Cloud Vision:凭据问题

问题描述

我正在尝试在 Firebase 项目中的本地计算机上设置 Cloud Vision,但我遇到了默认凭据问题。

首先,我遇到了Could not load the default credentials. 这篇文章建议我这样做gcloud auth application-default login。在尝试这样做时,我遇到了这个:

Error: 7 PERMISSION_DENIED: Your application has authenticated using end user credentials from the Google Cloud SDK or Google Cloud Shell which are not supported by the vision.googleapis.com. We recommend configuring the billing/quota_project setting in gcloud or using a service account through the auth/impersonate_service_account setting. For more information about service accounts and how to use them in your application, see https://cloud.google.com/docs/authentication/.

我也尝试exports GOOGLE_APPLICATION_CREDENTIALS = "pathToServiceAccount"过,但在我的情况下不起作用。

请注意,我在 Firestore 和 Firebase 存储中读取/写入数据没有问题。当我的代码到达 Cloud Vision 部分时,它就会抛出错误。我已在云控制台上激活 API 并启用计费。Firestore 和 storage 中的安全规则目前处于测试模式。

const vision = require('@google-cloud/vision');
var admin = require('firebase-admin');
let serviceAccount = require('../path-to-service-account.json');

admin.initializeApp({
    credential: admin.credential.cert(serviceAccount),
    storageBucket: "mybucket.appspot.com"
});

let db = admin.firestore()
let bucket = admin.storage().bucket();

//Some networking code, return a promise
.then(response => {
    //setup storagePath
    return pipeToStorage(item, response, storagePath) //Save to firebase storage ok
})
.then((item) => {
    return performTextDetection(item.id) //Throws error here
})

function pipeToStorage(item, response, storagePath) {
    return new Promise((resolve, reject) => {
        gcFile = bucket.file(storagePath)

        response.data
        .pipe(gcFile.createWriteStream({
            metadata   : {
                contentType: "application/pdf"
            }
        }))
        .on('error', (error) => { 
            reject(error)
        })
        .on('finish', () => { 
            resolve(item)
        })
    }) 
}


function performTextDetection(id) {
    const client = new vision.ImageAnnotatorClient();
    const bucketName = bucket.name;
    const fileName = `items/${id}.pdf`
    const outputPrefix = 'ocr_results'
    const gcsSourceUri = `gs://${bucketName}/${fileName}`;
    const gcsDestinationUri = `gs://${bucketName}/${outputPrefix}/${id}/`;

    const inputConfig = {
        mimeType: 'application/pdf',
        gcsSource: {
            uri: gcsSourceUri,
        },
    };
    const outputConfig = {
        gcsDestination: {
            uri: gcsDestinationUri,
        },
    };
    const features = [{type: 'DOCUMENT_TEXT_DETECTION'}];
    const request = {
        requests: [
            {
            inputConfig: inputConfig,
            features: features,
            outputConfig: outputConfig,
            },
        ],
    };

    return client.asyncBatchAnnotateFiles(request)
    .then(([operation]) => {
        return operation.promise()
    })
    .then(([filesResponse]) => {
        const resultsUri = filesResponse.responses[0].outputConfig.gcsDestination.uri
        return resultsUri
    })
}

标签: firebasegoogle-cloud-platformgoogle-cloud-vision

解决方案

发生这种情况是因为您拥有exports而不是export

exports GOOGLE_APPLICATION_CREDENTIALS = "pathToServiceAccount"

请试试:

export GOOGLE_APPLICATION_CREDENTIALS="/home/user/credentials.json"

请注意,没有空格,请参阅此处的详细信息。顺便说一句,当export省略时,我也发现了相同的 PERMISSION_DENIED 错误。

验证步骤是使用 curl 执行 REST 请求:

curl -X POST \
-H "Authorization: Bearer "$(gcloud auth application-default print-access-token) \
-H "Content-Type: application/json; charset=utf-8" \
-d @request.json \
https://vision.googleapis.com/v1/images:annotate

请参阅此处的完整示例。

推荐阅读