如何使用google auth实例化google api服务?

我正在尝试使用其API,使用QuickStart指南,从一个python程序中填充一个Google工作表。( https://developers.google.com/sheets/api/quickstart/python )作为起点:

from __future__ import print_function
from apiclient.discovery import build
from httplib2 import Http
from oauth2client import file as oauth_file, client, tools

# Setup the Sheets API
SCOPES = 'https://www.googleapis.com/auth/spreadsheets.readonly'
store = oauth_file.Storage('token.json')
creds = store.get()
if not creds or creds.invalid:
    flow = client.flow_from_clientsecrets('credentials.json', SCOPES)
    creds = tools.run_flow(flow, store)
service = build('sheets', 'v4', http=creds.authorize(Http()))

但是,我只能用 flow_from_clientsecrets() 方法,该方法(默认情况下)在浏览器中打开身份验证页。这似乎不适用于我希望定期在生产服务器上运行的某些内容。

无论如何,根据 https://pypi.org/project/oauth2client/ , oauth2client 已弃用,建议开发人员使用 google-auth 相反。

因此,我尝试将这个示例调整为如下(如下所示 https://google-auth.readthedocs.io/en/latest/user-guide.html#service-account-private-key-files ):

from google.oauth2 import service_account

credentials = service_account.Credentials.from_service_account_file(
    'google_client_secret.json')

在哪里? 'google_client_secret.json' 是从api控制台下载的json文件,它看起来像这样(加扰和漂亮的打印):

{
  "installed": {
    "client_id": "33e.apps.googleusercontent.com",
    "project_id": "nps-survey-1532981793379",
    "auth_uri": "https://accounts.google.com/o/oauth2/auth",
    "token_uri": "https://accounts.google.com/o/oauth2/token",
    "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
    "client_secret": "foobar",
    "redirect_uris": [
      "urn:ietf:wg:oauth:2.0:oob",
      "http://localhost"
    ]
  }
}

但是,当我运行脚本时,会得到以下错误:

(lucy-web-CVxkrCFK) bash-3.2$ python nps.py
Traceback (most recent call last):
  File "nps.py", line 25, in <module>
    'google_client_secret.json')
  File "/Users/kurtpeek/.local/share/virtualenvs/lucy-web-CVxkrCFK/lib/python3.7/site-packages/google/oauth2/service_account.py", line 209, in from_service_account_file
    filename, require=['client_email', 'token_uri'])
  File "/Users/kurtpeek/.local/share/virtualenvs/lucy-web-CVxkrCFK/lib/python3.7/site-packages/google/auth/_service_account_info.py", line 73, in from_filename
    return data, from_dict(data, require=require)
  File "/Users/kurtpeek/.local/share/virtualenvs/lucy-web-CVxkrCFK/lib/python3.7/site-packages/google/auth/_service_account_info.py", line 51, in from_dict
    'fields {}.'.format(', '.join(missing)))
ValueError: Service account info was not in the expected format, missing fields token_uri, client_email.

从进入调试器,我注意到问题基本上是字典传递到 from_dict() 方法是 整个的 字典在 google_client_secret.json 文件,只有一个键, "installed" . 什么 Fuffi() 方法似乎是“looking for”子字典,因为它包含 token_uri 键,尽管它不包含所需的 client_email 关键。

我怀疑的是,我为我的用例创建了错误类型的OAuth2客户机,因为包含客户机机密的JSON的格式不符合预期。我能怎么解决这个问题吗?