Azure上的谷歌分析Api
本文关键字:Api 谷歌 Azure | 更新日期: 2023-09-27 18:17:30
我想在我的MVC网站中使用谷歌分析api,我使用api服务帐户和oauth2进行身份验证,在我的本地主机上没有问题,但一旦我部署到Azure,我就会得到502错误:
"502 - Web服务器在作为网关或代理服务器。你的页面有问题查找,无法显示。当Web服务器(while)作为网关或代理)联系上游内容服务器,从内容服务器收到了无效的响应。"
下面是我的代码:
const string ServiceAccountUser = "xxxxxxxxxx-cpla4j8focrebami0l87mbcto09j9j6k@developer.gserviceaccount.com";
AssertionFlowClient client = new AssertionFlowClient(
GoogleAuthenticationServer.Description,
new X509Certificate2(System.Web.Hosting.HostingEnvironment.MapPath("/Areas/Admin/xxxxxxxxxxxxxxxxxx-privatekey.p12"),
"notasecret", X509KeyStorageFlags.Exportable))
{
Scope = AnalyticsService.Scopes.AnalyticsReadonly.GetStringValue(),
ServiceAccountId = ServiceAccountUser //Bug, why does ServiceAccountUser have to be assigned to ServiceAccountId
//,ServiceAccountUser = ServiceAccountUser
};
OAuth2Authenticator<AssertionFlowClient> authenticator = new OAuth2Authenticator<AssertionFlowClient>(client, AssertionFlowClient.GetState);
我不知道是什么引起的?我在Azure中错过了什么吗?
谢谢你的帮助
我也遇到了同样的问题,但将X509KeyStorageFlags.MachineKeySet传递到构造函数中也为我修复了这个问题。
X509Certificate2 certificate = new X509Certificate2(file, "key", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet);
在经历了几个小时的痛苦之后,我找到了一个解决方法,将各种信息来源拼凑在一起。
问题出现在尝试从Azure网站读取p12文件时,即我的代码中的这一行失败
var key = new X509Certificate2(keyFile, keyPassword, X509KeyStorageFlags.Exportable);
不知道为什么,但如果您将文件拆分为cer和key.xml文件,它会工作吗?
首先,提取这些文件,(我只是使用控制台应用程序)
// load pfx/p12 as "exportable"
var p12Cert = new X509Certificate2(@"c:'Temp'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx-privatekey.p12", "notasecret", X509KeyStorageFlags.Exportable);
// export .cer from .pfx/.p12
File.WriteAllBytes(@"C:'Temp'MyCert.cer", p12Cert.Export(X509ContentType.Cert));
// export private key XML
string privateKeyXml = p12Cert.PrivateKey.ToXmlString(true);
File.WriteAllText(@"C:'Temp'PrivateKey.xml", privateKeyXml);
然后把它们复制到你的网站上然后像这样加载
//Store the authentication description
AuthorizationServerDescription desc = GoogleAuthenticationServer.Description;
//Create a certificate object to use when authenticating
var rsaCryptoServiceProvider = new RSACryptoServiceProvider();
rsaCryptoServiceProvider.FromXmlString(File.ReadAllText(keyFile));
var key = new X509Certificate2(certFile) {PrivateKey = rsaCryptoServiceProvider};
//Now, we will log in and authenticate, passing in the description
//and key from above, then setting the accountId and scope
var client = new AssertionFlowClient(desc, key)
{
//cliendId is your SERVICE ACCOUNT Email Address from Google APIs Console
//looks something like 12345-randomstring@developer.gserviceaccount.com
//~IMPORTANT~: this email address has to be added to your Google Analytics profile
// and given Read & Analyze permissions
ServiceAccountId = clientId,
Scope = "https://www.googleapis.com/auth/analytics.readonly"
};
//Finally, complete the authentication process
//NOTE: This is the first change from the update above
var auth = new OAuth2Authenticator<AssertionFlowClient>(client, AssertionFlowClient.GetState);
//First, create a new service object
//NOTE: this is the second change from the update
//above. Thanks to James for pointing this out
var gas = new AnalyticsService(new BaseClientService.Initializer { Authenticator = auth });