Not authenticating to Google Cloud Platform

What is the problem you are having with rclone?

Both the GUI and the Command Line authentications to Google Cloud Platform do not seem to work. Google tells me that rclone is not yet approved.

What is your rclone version (output from rclone version)

1.48

Which OS you are using and how many bits (eg Windows 7, 64 bit)

Windows 10 64 bit

Which cloud storage system are you using? (eg Google Drive)

Google Cloud Storage (not Google Drive)

The command you were trying to run (eg rclone copy /tmp remote:tmp)

I am just trying to authenticate through the GUI interface when Google tells me that rclone is not supported

A log from the command with the -vv flag (eg output from rclone -vv copy /tmp remote:tmp)

D:\D\rclone>rclone lsd homepcs1:
2019/08/09 13:01:48 Failed to create file system for "homepcs1:": failed configuring Google Cloud Storage Service Account: error processing credentials: invalid character 'c' looking for beginning of value

GUI web browser message

Sign in with Google temporarily disabled for this app

This app has not been verified yet by Google in order to use Google Sign In.

The problem seems to be in your credentials, so you probably need to post your config here so we can check obvious errors or formatting problems.
Just make sure to sufficiently obscure or redact any sensitive information like keys and passwords.

If you haven't gotten past the configuration part (and thus haven't saved to config file) then you may want to let us get some idea of what you put in for each question. (not the exact value in case of sensitive info, but some idea of the format and where you got the info from).

thanks but I have tested the same service account and json file with Cloudberrylabs backup software to access to the Google Cloud Storage Bucket and it works fine. I am now trying to use the same Service Account credentials with rclone to no success.

And when I remove the Service Account and Json file from the rclone configuration it brings me to the Google login page but then does not allow me to login as it says rclone is not an approved application.

Sign in with Google temporarily disabled for this app

This app has not been verified yet by Google in order to use Google Sign In.

[homepcs1]
type = google cloud storage
object_acl = authenticatedRead
bucket_acl = authenticatedRead
location = us-central1
storage_class = REGIONAL

y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y
Remote config
Use auto config?

  • Say Y if not sure
  • Say N if you are working on a remote or headless machine
    y) Yes
    n) No
    y/n> y
    If your browser doesn't open automatically go to the following link: http://127.0.0.1:53682/auth
    Log in and authorize rclone for access
    Waiting for code...

Oh, not approved? I remember something in the docs about this. Let me go find it real quick... (eill edit in 2 min)

I really sincerely appreciate your help. Trying to get this setup for a client. I really like what rclone can do but I am new to using it. Any and all help appreciated.

I wasn't really able to find what I was thinking about... but I know it was somewhere in the docs. Basically some troubleshooting steps regarding service account and requiring some sort of additional permission set by admin. That's all I can remember, sorry. I don't use google cloud myself so I have don't have direct experience. Hopefully someone else can step in and provide a little more spesific instruction.

But in your config stuff - have you not entered a path to your service account file? I think that makes it fall back to the regular Oauth authentication, which wouldn't be what you'd want here. See:

To use a Service Account instead of OAuth2 token flow, enter the path to your Service Account credentials at the service_account_file prompt and rclone won’t use the browser based authentication flow. If you’d rather stuff the contents of the credentials file into the rclone config file, you can set service_account_credentials with the actual contents of the file instead, or set the equivalent environment variable.

Maybe the problem is as simple as that?

Probably the same issue as this :

Can you try with the latest beta linked there?

please provide url to the beta download you are specifically referring to

https://beta.rclone.org/rclone-beta-latest-windows-amd64.zip

They don't state the exact build number in that thread, but if you grab the latest current beta that will have those changes in it - so just grab the highest version number from here for your OS:

https://beta.rclone.org/

Success!

All done. Please go back to rclone.

D:\temp\rclone>rclone --version
rclone v1.48.0-147-g873e87fc-beta

  • os/arch: windows/386
  • go version: go1.12.3

D:\temp\rclone>rclone lsd homepcs1:
-1 2019-08-09 13:59:01 -1 bucket11111aaaa
-1 2019-08-09 13:59:01 -1 cloud49
-1 2019-08-09 13:59:01 -1 cloudberry-232002.appspot.com
-1 2019-08-09 13:59:01 -1 homepcs
-1 2019-08-09 13:59:01 -1 janpc789
-1 2019-08-09 13:59:01 -1 staging.cloudberry-232002.appspot.com

thanks everyone

D:\temp\rclone>rclone sync "d:\f\temp" homepcs1:homepcs
2019/08/09 14:03:59 ERROR : test/: Entry doesn't belong in directory "test" (same as directory) - ignoring

Not sure where the "test/:" entry is coming from?

Not sure what I am missing but rclone is trying to use the account I gui oauth authenticated with but still not seem to have access. my account is a Org Administrator.

D:\temp\rclone>rclone mkdir homepcs1:rclone
2019/08/09 14:13:32 ERROR : Attempt 1/3 failed with 2 errors and: failed to get bucket: googleapi: Error 403: arnold@troposphere.tech does not have storage.objects.list access to rclone., forbidden
2019/08/09 14:13:32 ERROR : Attempt 2/3 failed with 2 errors and: failed to get bucket: googleapi: Error 403: arnold@troposphere.tech does not have storage.objects.list access to rclone., forbidden
2019/08/09 14:13:32 ERROR : Attempt 3/3 failed with 2 errors and: failed to get bucket: googleapi: Error 403: arnold@troposphere.tech does not have storage.objects.list access to rclone., forbidden
2019/08/09 14:13:32 Failed to mkdir with 2 errors: last error was: failed to get bucket: googleapi: Error 403: arnold@troposphere.tech does not have storage.objects.list access to rclone., forbidden

Ok, I think I figured out something. You need to first create the bucket in GCS then you need to declare the bucket to rclone. Then you can start to sync stuff. This command now works.

D:\temp\rclone>rclone ls homepcs1:rclone4666

D:\temp\rclone>rclone sync d:\f\temp homepcs1:rclone4666

[
Buckets
storage/browser?project=cloudberry-232002&organizationId=334210160181)/

rclone4666

Drop files here to upload them to:

Name Size Type Storage class Last modified Public access Encryption Retention expiration date Holds
[

Eating/
storage/browser/rclone4666/Eating/?project=cloudberry-232002&organizationId=334210160181)|—|Folder|

thank everyone for the help. much appreciated.

Now I am getting this error?

401. That’s an error.

Error: invalid_client

The OAuth client was not found.

Request Details

  • access_type=offline
  • client_id=cloud
  • redirect_uri=http://127.0.0.1:53682/
  • response_type=code
  • scope=https://www.googleapis.com/auth/devstorage.read_write
  • state=75548e6563a3796fe1c3611ff28af9b9

This approach seems to get it working again. Is this a known bug?

108

Set/change your product name, I had this issue until I created a product name as same as project name.

The product name can be set in the Consent screen section of the Google Developers Console for your project. Look under APIs & auth in the left navigation and select Consent screen. You need also to set your email address in the box above the product name.

All I did was rerun rclone config and removed the clientid!!!

Think I figured it out.

With the newer versions of rclone you do not need to specify service_account_credentials (email of SA account). Rather you just need to point to the service_account_file location.

I just went back and removed the service_account_credentials email address of the SA account through rclone config and it seems to be working.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.