search

craftcms / google-cloud

Google Cloud Storage volume type for Craft CMS.
https://plugins.craftcms.com/google-cloud
MIT License
11 stars 10 forks source link

Access key in env not working #17

Closed wuhhh closed 3 years ago

wuhhh commented 3 years ago

Description

I have an access key which works if it's entered through the control panel and stored in the db. When I try to store the same key in our .env file, I run into problems. It took me a minute to work out how to get past Craft screaming at me because it wasn't escaped properly.

Now what I've done is surrounded the key in single quotes, removed all line breaks and escaped \n with \\\\n. This gets me as far as being able to hit refresh to get the list of buckets, but then I get the following error :

openssl_sign(): supplied key param cannot be coerced into a private key

Key looks like this in .env:

GCLOUD_ACCESS_KEY='{"type": "service_account", "project_id": "xxxxxx", "private_key_id": "xxxxxx", "private_key": "-----BEGIN PRIVATE KEY-----\\\\nxxxxxx==\\\\n-----END PRIVATE KEY-----\\\\n", "client_email": "xxxxxx", "client_id": "xxxxxx", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "token_uri": "https://oauth2.googleapis.com/token", "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "client_x509_cert_url": "xxxxxx"}'

Additional info

hongc-cc commented 3 years ago

I just get a response from Brad that it was only replacing \n with \\n. Nothing else. "Looks like if you search for \n and replace it with \n in that JSON file it will work. Put $GC_FILE in the "Contents of the access key file" setting in the plugin settings and put this in .env"

My key look like this:

GC_FILE='{   "type": "service_account",   "project_id": "xxxxxxxxxxxx",   "private_key_id": "xxxxxxxxxxxxxxx",   "private_key": "-----BEGIN PRIVATE KEY-----\\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQClg4Btx+I7SCNg\\n5S4yFnEmFfEn6EELR/6kMd4ZYkcMTv...........jC+HseJEQE=\\n-----END PRIVATE KEY-----\\n",   "client_email": ....

I dont know it this related but you can definitely give this a try.

angrybrad commented 3 years ago

@wuhhh that should work, but if it doesn't respond back here and I'll re-open the issue.

wuhhh commented 3 years ago

Perfect, that worked, thank you 👍

tomkiss commented 1 year ago

Just noting here for the benefit of others, that after upgrading a project to Craft 4, I am now having to change \\n back to \n in order for the env var key to work again with the Google Cloud Volume plugin. So:

Not sure if this is expected or not, @angrybrad.

croxton commented 8 months ago

Just a note for my future self and anyone else that find this, whether or not you need to escape the \n depends on the version of the package vlucas/phpdotenv that you are using in your project. With the 3.x branch of that package (commonly used on projects that started on an older version of Craft and were upgraded), you DO need to escape the \n to \\n whether the project is running Craft 3 or 4.