Hi all, The current situation is as follows: I currently have a google cloud project. The account that I log into the google cloud project with can also log into a DoubleClick bid Manager account. My aim is to use the DoubleClick Bid Manager api to retrieve certain buckets stored by DBM and save them in my separate google cloud project.

So far i can access the public buckets (gdbm-public) and pull and download the data, however when I try to access the partner specific buckets the same way, i.e. (gdbm-201032-201843) I get a status code 403.

Upon Reading the documentation here, I have discovered that I need to add a google group to the DBM partner information On DBM itself. However when i try to add a google group and save the changes i get an error saying the changes cannot be saved.

This is where i authenticate:

return new GoogleCredential.Builder().setTransport(HTTP_TRANSPORT)
            .setJsonFactory(JSON_FACTORY)
            .setServiceAccountId("<service_account_i_cant_show_here>")
            .setServiceAccountScopes(Collections.singleton(StorageScopes.DEVSTORAGE_READ_ONLY))
            .setServiceAccountPrivateKeyFromP12File(new File("secret-privatekey.p12"))
            .build();

I then try to access the bucket like this:

    String bucketName = "gdbm-201032-201843";
    GoogleCredential credentials = getCredentials();
    Storage storage = new Storage(HTTP_TRANSPORT, JSON_FACTORY, credentials);

    Storage.Objects.List listObjects = storage.objects().list(bucketName);
    Objects objects;
    do {
        objects = listObjects.execute();
        for (StorageObject object : objects.getItems()) {
            System.out.println(object);
        }
        listObjects.setPageToken(objects.getNextPageToken());
    } while (null != objects.getNextPageToken());

More specifically, listObjects.execute() is where the 403 is thrown.

The areas I am trying to edit are Log Read Google Group and Log Management Google Group in the partner itself.

Any help greatly appreciated, thanks!

1

There are 1 answers

0
Zanny On BEST ANSWER

I think i have a solution, I used a different means of authentication as found here. Using the linked class i entered in my google cloud project client credentials and the user that i log into both the google cloud project, and DBM.

I also changed the scope to "https://www.googleapis.com/auth/cloud-platform" however i am not 100% sure this had an effect on the outcome.

Code example:

// Scopes for the OAuth token
private static final Set<String> SCOPES =
        ImmutableSet.of("https://www.googleapis.com/auth/cloud-platform");

public static Credential getUserCredential() throws Exception {
    GoogleClientSecrets clientSecrets = GoogleClientSecrets.load(
            JSON_FACTORY,
            new InputStreamReader(SecurityUtilities.class.
                    getResourceAsStream("/client_secret.json")));
    dataStoreFactory = new FileDataStoreFactory(DATA_STORE_DIR);

// set up authorization code flow.
    GoogleAuthorizationCodeFlow flow = new GoogleAuthorizationCodeFlow.Builder(
            HTTP_TRANSPORT, JSON_FACTORY, clientSecrets, SCOPES)
            .setDataStoreFactory(dataStoreFactory)
            .build();
    // authorize and get credentials.
    return new AuthorizationCodeInstalledApp(flow, new LocalServerReceiver())
            .authorize("<Personal user account>");

So instead of using a service account i used a personal account.