[GH-ISSUE #249] CloudTasks Authenticated Problems #29

New issue

Closed

opened 2026-03-03 16:36:04 +03:00 by kerem · 5 comments

kerem commented 2026-03-03 16:36:04 +03:00

Owner

Copy link

Originally created by @drexhacker on GitHub (Jul 21, 2023).
Original GitHub issue: https://github.com/NdoleStudio/httpsms/issues/249

Client

Cloud Tasks Client (with service account)

Environment

ubuntu 22.04 linux on GCE

Go Environment

$ go version
go version go1.20.6 linux/amd64
$ go env

GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/joshua/.cache/go-build"
GOENV="/home/joshua/.config/go/env"
GOEXE=""
GOEXPERIMENT=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GOMODCACHE="/home/joshua/go/pkg/mod"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/home/joshua/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/local/go"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64"
GOVCS=""
GOVERSION="go1.20.6"
GCCGO="gccgo"
GOAMD64="v1"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="0"
GOMOD="/dev/null"
GOWORK=""
CGO_CFLAGS="-O2 -g"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-O2 -g"
CGO_FFLAGS="-O2 -g"
CGO_LDFLAGS="-O2 -g"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -fno-caret-diagnostics -Qunused-arguments -Wl,--no-gc-sections -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build3217169298=/tmp/go-build -gno-record-gcc-switches"

Code
Environment Variables

FIREBASE_CREDENTIALS='{
  "type": "service_account",
  "project_id": "my-project",
  "private_key_id": "<private-key-id>",
  "private_key": "-----BEGIN PRIVATE KEY-----\n<private-key>\n-----END PRIVATE KEY-----\n",
  "client_email": "<service-account-name>@<project-id>.iam.gserviceaccount.com",
  "client_id": "<client-id>",
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "token_uri": "https://oauth2.googleapis.com/token",
  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/http-cloudtasks%40<project-id>.iam.gserviceaccount.com",
  "universe_domain": "googleapis.com"
}'

Credentials Code

// FirebaseCredentials returns firebase credentials as bytes.
func (container *Container) FirebaseCredentials() []byte {
	container.logger.Debug("creating firebase credentials")
	return []byte(os.Getenv("FIREBASE_CREDENTIALS"))
}

Client Code

// CloudTasksClient creates a new instance of cloudtasks.Client
func (container *Container) CloudTasksClient() (client *cloudtasks.Client) {
	container.logger.Debug(fmt.Sprintf("creating %T", client))

	client, err := cloudtasks.NewClient(context.Background(), option.WithCredentialsJSON(container.FirebaseCredentials()))
	if err != nil {
		container.logger.Fatal(err)
		container.logger.Fatal(stacktrace.Propagate(err, "cannot initialize cloud tasks client"))
	}

	return client
}

Expected behavior

Expected the Client to use the PROJECT_ID supplied by the service account.

Actual behavior

But instead it uses an unkown project id 25699032575

{"severity":"ERROR","logging.googleapis.com/trace":"projects/bpc-management-system/traces/00000000000000000000000000000000","logging.googleapis.com/spanId":"0000000000000000","logging.googleapis.com/trace_sampled":false,"pid":"3673860","hostname":"mail.drexsoft.tech","service.name":"*handlers.MessageHandler","error":"cannot send message with paylod [{\"to\":\"+256761585999\",\"from\":\"+256784007449\",\"content\":\"Hello\",\"sim\":\"DEFAULT\"}]\n --- at /home/joshua/httpsms/api/pkg/handlers/message_handler.go:99 (MessageHandler.PostSend) ---\nCaused by: cannot dispatch event type [message.api.sent] and id [84f07795-1eca-4a61-9443-51ce7715cf19]\n --- at /home/joshua/httpsms/api/pkg/services/message_service.go:336 (MessageService.SendMessage) ---\nCaused by: cannot enqueue event with ID [84f07795-1eca-4a61-9443-51ce7715cf19] and type [message.api.sent]\n --- at /home/joshua/httpsms/api/pkg/services/event_dispatcher_service.go:83 (EventDispatcher.DispatchWithTimeout) ---\nCaused by: cannot schedule task {\"specversion\":\"1.0\",\"id\":\"84f07795-1eca-4a61-9443-51ce7715cf19\",\"source\":\"/v1/messages/send\",\"type\":\"message.api.sent\",\"datacontenttype\":\"application/json\",\"time\":\"2023-07-21T17:30:03.987907595Z\",\"data\":{\"message_id\":\"a88b7146-f561-460a-8aca-9957d4cd81be\",\"user_id\":\"ADlQwb2ibKfnI9oO5MWcjlPGBE93\",\"owner\":\"+256784007449\",\"max_send_attempts\":2,\"contact\":\"+256761585999\",\"request_received_at\":\"2023-07-21T17:30:03.980567857Z\",\"content\":\"Hello\",\"sim\":\"SIM1\"}} to URL: projects/bpc-management-system/locations/us-central1/queues/send-sms\n --- at /home/joshua/httpsms/api/pkg/services/google_cloud_push_queue_service.go:74 (googlePushQueue.Enqueue) ---\nCaused by: rpc error: code = PermissionDenied desc = Cloud Tasks API has not been used in project 25699032575 before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/cloudtasks.googleapis.com/overview?project=25699032575 then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.\nerror details: name = ErrorInfo reason = SERVICE_DISABLED domain = googleapis.com metadata = map[consumer:projects/25699032575 service:cloudtasks.googleapis.com]\nerror details: name = Help desc = Google developers console API activation url = https://console.developers.google.com/apis/api/cloudtasks.googleapis.com/overview?project=25699032575","time":"2023-07-21T18:30:04.559722546+01:00","caller":"/home/joshua/httpsms/api/pkg/handlers/message_handler.go:99"}

Additional context

Facing the Same Error on GCE, CloudRun, and Non-Google VMs.
Note: I even created a service account with Cloud Tasks Admin Role but it still fails.
I even queried the Metadata from GCE VM I was using and it returned the the real project-id.

@AchoArnold Please Help

Originally created by @drexhacker on GitHub (Jul 21, 2023). Original GitHub issue: https://github.com/NdoleStudio/httpsms/issues/249 **Client** Cloud Tasks Client (with service account) **Environment** ubuntu 22.04 linux on GCE **Go Environment** $ go version `go version go1.20.6 linux/amd64` $ go env ```env GO111MODULE="" GOARCH="amd64" GOBIN="" GOCACHE="/home/joshua/.cache/go-build" GOENV="/home/joshua/.config/go/env" GOEXE="" GOEXPERIMENT="" GOFLAGS="" GOHOSTARCH="amd64" GOHOSTOS="linux" GOINSECURE="" GOMODCACHE="/home/joshua/go/pkg/mod" GONOPROXY="" GONOSUMDB="" GOOS="linux" GOPATH="/home/joshua/go" GOPRIVATE="" GOPROXY="https://proxy.golang.org,direct" GOROOT="/usr/local/go" GOSUMDB="sum.golang.org" GOTMPDIR="" GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64" GOVCS="" GOVERSION="go1.20.6" GCCGO="gccgo" GOAMD64="v1" AR="ar" CC="gcc" CXX="g++" CGO_ENABLED="0" GOMOD="/dev/null" GOWORK="" CGO_CFLAGS="-O2 -g" CGO_CPPFLAGS="" CGO_CXXFLAGS="-O2 -g" CGO_FFLAGS="-O2 -g" CGO_LDFLAGS="-O2 -g" PKG_CONFIG="pkg-config" GOGCCFLAGS="-fPIC -m64 -fno-caret-diagnostics -Qunused-arguments -Wl,--no-gc-sections -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build3217169298=/tmp/go-build -gno-record-gcc-switches" ``` **Code** Environment Variables ```env FIREBASE_CREDENTIALS='{ "type": "service_account", "project_id": "my-project", "private_key_id": "<private-key-id>", "private_key": "-----BEGIN PRIVATE KEY-----\n<private-key>\n-----END PRIVATE KEY-----\n", "client_email": "<service-account-name>@<project-id>.iam.gserviceaccount.com", "client_id": "<client-id>", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "token_uri": "https://oauth2.googleapis.com/token", "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/http-cloudtasks%40<project-id>.iam.gserviceaccount.com", "universe_domain": "googleapis.com" }' ``` Credentials Code ```go // FirebaseCredentials returns firebase credentials as bytes. func (container *Container) FirebaseCredentials() []byte { container.logger.Debug("creating firebase credentials") return []byte(os.Getenv("FIREBASE_CREDENTIALS")) } ``` Client Code ```go // CloudTasksClient creates a new instance of cloudtasks.Client func (container *Container) CloudTasksClient() (client *cloudtasks.Client) { container.logger.Debug(fmt.Sprintf("creating %T", client)) client, err := cloudtasks.NewClient(context.Background(), option.WithCredentialsJSON(container.FirebaseCredentials())) if err != nil { container.logger.Fatal(err) container.logger.Fatal(stacktrace.Propagate(err, "cannot initialize cloud tasks client")) } return client } ``` **Expected behavior** Expected the Client to use the `PROJECT_ID` supplied by the service account. **Actual behavior** But instead it uses an unkown project id `25699032575` ```json {"severity":"ERROR","logging.googleapis.com/trace":"projects/bpc-management-system/traces/00000000000000000000000000000000","logging.googleapis.com/spanId":"0000000000000000","logging.googleapis.com/trace_sampled":false,"pid":"3673860","hostname":"mail.drexsoft.tech","service.name":"*handlers.MessageHandler","error":"cannot send message with paylod [{\"to\":\"+256761585999\",\"from\":\"+256784007449\",\"content\":\"Hello\",\"sim\":\"DEFAULT\"}]\n --- at /home/joshua/httpsms/api/pkg/handlers/message_handler.go:99 (MessageHandler.PostSend) ---\nCaused by: cannot dispatch event type [message.api.sent] and id [84f07795-1eca-4a61-9443-51ce7715cf19]\n --- at /home/joshua/httpsms/api/pkg/services/message_service.go:336 (MessageService.SendMessage) ---\nCaused by: cannot enqueue event with ID [84f07795-1eca-4a61-9443-51ce7715cf19] and type [message.api.sent]\n --- at /home/joshua/httpsms/api/pkg/services/event_dispatcher_service.go:83 (EventDispatcher.DispatchWithTimeout) ---\nCaused by: cannot schedule task {\"specversion\":\"1.0\",\"id\":\"84f07795-1eca-4a61-9443-51ce7715cf19\",\"source\":\"/v1/messages/send\",\"type\":\"message.api.sent\",\"datacontenttype\":\"application/json\",\"time\":\"2023-07-21T17:30:03.987907595Z\",\"data\":{\"message_id\":\"a88b7146-f561-460a-8aca-9957d4cd81be\",\"user_id\":\"ADlQwb2ibKfnI9oO5MWcjlPGBE93\",\"owner\":\"+256784007449\",\"max_send_attempts\":2,\"contact\":\"+256761585999\",\"request_received_at\":\"2023-07-21T17:30:03.980567857Z\",\"content\":\"Hello\",\"sim\":\"SIM1\"}} to URL: projects/bpc-management-system/locations/us-central1/queues/send-sms\n --- at /home/joshua/httpsms/api/pkg/services/google_cloud_push_queue_service.go:74 (googlePushQueue.Enqueue) ---\nCaused by: rpc error: code = PermissionDenied desc = Cloud Tasks API has not been used in project 25699032575 before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/cloudtasks.googleapis.com/overview?project=25699032575 then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.\nerror details: name = ErrorInfo reason = SERVICE_DISABLED domain = googleapis.com metadata = map[consumer:projects/25699032575 service:cloudtasks.googleapis.com]\nerror details: name = Help desc = Google developers console API activation url = https://console.developers.google.com/apis/api/cloudtasks.googleapis.com/overview?project=25699032575","time":"2023-07-21T18:30:04.559722546+01:00","caller":"/home/joshua/httpsms/api/pkg/handlers/message_handler.go:99"} ``` **Additional context** Facing the Same Error on GCE, CloudRun, and Non-Google VMs. Note: I even created a service account with `Cloud Tasks Admin` Role but it still fails. I even queried the Metadata from GCE VM I was using and it returned the the real project-id. @AchoArnold Please Help

kerem closed this issue 2026-03-03 16:36:04 +03:00

kerem commented 2026-03-03 16:36:05 +03:00

Author

Owner

Copy link

@AchoArnold commented on GitHub (Jul 23, 2023):

Hello @drexhacker

It seems you're re-creating this issue #240

I'm not sure how your setup looks like it seems there's a mistake somewhere. I can't find the ID 25699032575 anywhere in this codebase, Did you use that ID somewhere in your .env file?

Also the error says

Cloud Tasks API has not been used in project 25699032575 before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/cloudtasks.googleapis.com/overview?project=25699032575 then retry.

Did you enable the cloud task API?

Alternatively, you can try sending the SMS with the emulator queue

EVENTS_QUEUE_TYPE=emulator
EVENTS_QUEUE_USER_API_KEY={Api Key of a valid User in your system}
EVENTS_QUEUE_NAME=projects/{your project id}/locations/us-east1/queues/{queue name}
EVENTS_QUEUE_USER_ID={Id of a user in your system}
EVENTS_QUEUE_ENDPOINT={Your URL}/v1/events

Can you test if everything is okay with the cloud task queue? Try to push something to the queue using the go SDK for google cloud task and see if it works properly.

<!-- gh-comment-id:1646764323 --> @AchoArnold commented on GitHub (Jul 23, 2023): Hello @drexhacker It seems you're re-creating this issue #240 I'm not sure how your setup looks like it seems there's a mistake somewhere. I can't find the ID 25699032575 anywhere in this codebase, Did you use that ID somewhere in your `.env` file? Also the error says ``` Cloud Tasks API has not been used in project 25699032575 before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/cloudtasks.googleapis.com/overview?project=25699032575 then retry. ``` Did you enable the cloud task API? Alternatively, you can try sending the SMS with the emulator queue ``` EVENTS_QUEUE_TYPE=emulator EVENTS_QUEUE_USER_API_KEY={Api Key of a valid User in your system} EVENTS_QUEUE_NAME=projects/{your project id}/locations/us-east1/queues/{queue name} EVENTS_QUEUE_USER_ID={Id of a user in your system} EVENTS_QUEUE_ENDPOINT={Your URL}/v1/events ``` Can you test if everything is okay with the cloud task queue? Try to push something to the queue using the go SDK for google cloud task and see if it works properly.

kerem commented 2026-03-03 16:36:05 +03:00

Author

Owner

Copy link

@bpcsys commented on GitHub (Jul 24, 2023):

@AchoArnold Thanks for the response. First of all that project ID is no where in my setup not even in my gcp account. Also I enabled the API. But let me try the emulator setup.

Thanks Alot Really.

<!-- gh-comment-id:1647378020 --> @bpcsys commented on GitHub (Jul 24, 2023): @AchoArnold Thanks for the response. First of all that project ID is no where in my setup not even in my gcp account. Also I enabled the API. But let me try the emulator setup. Thanks Alot Really.

kerem commented 2026-03-03 16:36:05 +03:00

Author

Owner

Copy link

@AchoArnold commented on GitHub (Jul 25, 2023):

Hello @bpcsys

Dit everything work out fine?

<!-- gh-comment-id:1649126647 --> @AchoArnold commented on GitHub (Jul 25, 2023): Hello @bpcsys Dit everything work out fine?

kerem commented 2026-03-03 16:36:05 +03:00

Author

Owner

Copy link

@drexhacker commented on GitHub (Jul 26, 2023):

Yeah except messages aren't sent they have mismatched credentials

<!-- gh-comment-id:1651041118 --> @drexhacker commented on GitHub (Jul 26, 2023): Yeah except messages aren't sent they have mismatched credentials

kerem commented 2026-03-03 16:36:05 +03:00

Author

Owner

Copy link

@AchoArnold commented on GitHub (Jul 26, 2023):

@drexhacker what do you mean by "mismatched credentials"? Which part of the code is throwing the error? Unfortunately I can't debug it without more information

<!-- gh-comment-id:1651655979 --> @AchoArnold commented on GitHub (Jul 26, 2023): @drexhacker what do you mean by "mismatched credentials"? Which part of the code is throwing the error? Unfortunately I can't debug it without more information

kerem referenced this issue 2026-03-03 16:36:42 +03:00

[PR #29] [CLOSED] Bump parse-path and @nuxt/telemetry in /web #94

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

feature/send-sms-based-on-schedule

feat/mms-attachment-support

revert-794-dependabot/npm_and_yarn/web/stylelint-config-recommended-vue-1.6.1

revert-761-dependabot/npm_and_yarn/web/nuxtjs/sitemap-7.4.7

dependabot/npm_and_yarn/web/date-fns-3.0.6

revert-217-dependabot/npm_and_yarn/web/nuxt-3.4.3

172/enable-sending-sms-to-short-codes

104/bulk-sms-send

add-payment-plans

revert-50-dependabot/npm_and_yarn/web/vue-and-vue-template-compiler-2.7.14

36/add-sticky-notification-for-android-13

34/enable-multipart-sms-support

dev

v0.0.17

v0.0.16

v0.0.14

v0.0.15

v0.0.13

v0.0.12

v0.0.11

v0.0.10

v0.0.9

v0.0.8

v0.0.7

v0.0.6

v0.0.5

v0.0.4

v0.0.3

v0.0.2

v0.0.1

Labels

Clear labels   

In Review

  

documentation

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

wontfix

No labels

In Review

documentation

pull-request

question

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/httpsms#29

No description provided.