I'm using visual studio code to develop a web application that monitors air quality using google earth engine. The issue I'm having is that the authentication is not working. I already tried the instructions in the google earth engine NPM installation guide but that doesn't work either.
here my code:
var ee = require('@google/earthengine');
var privateKey = require('./privatekey.json');
var client_email = "email"
ee.data.authenticateViaPrivateKey(
{client_email, privateKey},
() => console.log('Authentication succeeded'),
error => console.error('Authentication failed:')
)
I know the issue is not the value of the client_email variable. I just changed it here just in case.
The error shows
error in text:
Uncaught Error: Use of private key authentication in the browser is
insecure. Consider using OAuth, instead.
at Object.ee.data.authenticateViaPrivateKey (bundle.js:18136)
at Object.2../privatekey.json (bundle.js:23980)
at o (bundle.js:1)
at r (bundle.js:1)
at bundle.js:1
I don't know if this is relevant information but I'm also using Browserify so that my main.js script would work since it previously displayed a "require not defined error".
Best Answer
It appears that code is being run in the user's browser. That means that anyone with access to the website will also have the private keys to the service account you're using to authenticate. Malicious actors could easily take those keys and use your resource quota without your permission, or worse.
As the error message suggests, you should consider using OAuth instead so that users can log in using their own Earth Engine accounts. You can find high level instructions here:
https://developers.google.com/earth-engine/guides/app_engine_intro#oauth-2.0-client-id
And a basic example of what this might look like in practice here:
https://github.com/google/earthengine-api/tree/master/demos/client-auth/static
Hope this helps!