@Inject GoogleAppSecretDecrypter( HttpTransport transport, JsonFactory jsonFactory, @ProjectId String projectId) throws GoogleCredentialException { GoogleCredential credential; try { credential = GoogleCredential.getApplicationDefault(transport, jsonFactory); } catch (IOException e) { throw new GoogleCredentialException( "Problem obtaining credentials via GoogleCredential.getApplicationDefault()"); } if (credential.createScopedRequired()) { credential = credential.createScoped(CloudKMSScopes.all()); } this.cloudKMS = new CloudKMS.Builder(transport, jsonFactory, credential) .setApplicationName("GoogleAppSecretDecrypter") .build(); this.secretsCryptoKey = String.format(SECRETS_CRYPTO_KEY_FMT_STRING, projectId); }
@Provides @LazySingleton public GoogleStorage getGoogleStorage(final GoogleAccountConfig config) throws IOException, GeneralSecurityException { LOG.info("Building Cloud Storage Client..."); HttpTransport httpTransport = GoogleNetHttpTransport.newTrustedTransport(); JsonFactory jsonFactory = JacksonFactory.getDefaultInstance(); GoogleCredential credential = GoogleCredential.getApplicationDefault(httpTransport, jsonFactory); if (credential.createScopedRequired()) { credential = credential.createScoped(StorageScopes.all()); } Storage storage = new Storage.Builder(httpTransport, jsonFactory, credential).setApplicationName(APPLICATION_NAME).build(); return new GoogleStorage(storage); } }
/** * Create a Storage Transfer client using user-supplied credentials and other settings. * * @param httpTransport * a user-supplied HttpTransport * @param jsonFactory * a user-supplied JsonFactory * @param credential * a user-supplied Google credential * @return a Storage Transfer client */ public static Storagetransfer createStorageTransferClient( HttpTransport httpTransport, JsonFactory jsonFactory, GoogleCredential credential) { Preconditions.checkNotNull(httpTransport); Preconditions.checkNotNull(jsonFactory); Preconditions.checkNotNull(credential); // In some cases, you need to add the scope explicitly. if (credential.createScopedRequired()) { credential = credential.createScoped(StoragetransferScopes.all()); } // Please use custom HttpRequestInitializer for automatic // retry upon failures. We provide a simple reference // implementation in the "Retry Handling" section. HttpRequestInitializer initializer = new RetryHttpInitializerWrapper(credential); return new Storagetransfer.Builder(httpTransport, jsonFactory, initializer) .setApplicationName("storagetransfer-sample") .build(); } }
if (credential.createScopedRequired()) { List<String> scopes = new ArrayList<>();
private static Storage buildService() throws IOException, GeneralSecurityException { HttpTransport transport = GoogleNetHttpTransport.newTrustedTransport(); JsonFactory jsonFactory = new JacksonFactory(); GoogleCredential credential = GoogleCredential.getApplicationDefault(transport, jsonFactory); // Depending on the environment that provides the default credentials (for // example: Compute Engine, App Engine), the credentials may require us to // specify the scopes we need explicitly. Check for this case, and inject // the Cloud Storage scope if required. if (credential.createScopedRequired()) { Collection<String> scopes = StorageScopes.all(); credential = credential.createScoped(scopes); } return new Storage.Builder(transport, jsonFactory, credential) .setApplicationName("GCS Samples") .build(); } }
private Credential scoped(final GoogleCredential credential) { if (credential.createScopedRequired()) { return credential.createScoped(SCOPES); } return credential; }
private GoogleCredential createDefault() throws Exception { GoogleCredential credential = GoogleCredential.getApplicationDefault(); Collection<String> scopes = Collections.singletonList(BigqueryScopes.BIGQUERY); if (credential.createScopedRequired()) { credential = credential.createScoped(scopes); } return credential; }
/** * Obtain the Application Default com.google.api.client.auth.oauth2.Credential * * @return the Application Default Credential */ public static GoogleCredential getApplicationDefaultCredential() { try { GoogleCredential credential = GoogleCredential.getApplicationDefault(); if (credential.createScopedRequired()) { credential = credential.createScoped(Arrays.asList("https://www.googleapis.com/auth/genomics")); } return credential; } catch (IOException e) { throw new RuntimeException(MISSING_ADC_EXCEPTION_MESSAGE, e); } }
private GoogleCredential createDefault() throws Exception { GoogleCredential credential = GoogleCredential.getApplicationDefault(); Collection pubSubScopes = Collections.singletonList(PubsubScopes.PUBSUB); if (credential.createScopedRequired()) { credential = credential.createScoped(pubSubScopes); } return credential; }
@Override public Credential create() { GoogleCredential credential; try { credential = GoogleCredential.getApplicationDefault(); } catch (IOException e) { throw new RuntimeException( "Unable to obtain credentials to communicate with the Cloud SQL API", e); } if (credential.createScopedRequired()) { credential = credential.createScoped( Collections.singletonList(SQLAdminScopes.SQLSERVICE_ADMIN)); } return credential; } }
private static GoogleCredential scoped(GoogleCredential credential) { if (credential.createScopedRequired()) { return credential.createScoped(CloudKMSScopes.all()); } return credential; }
private GoogleCredential createFromFile() throws Exception { GoogleCredential credential = GoogleCredential.fromStream(new FileInputStream(credentialsFileLocation)); if (credential.createScopedRequired()) { credential = credential.createScoped(PubsubScopes.all()); } return credential; }
private static GoogleCredential loadKmsCredential(HttpTransport transport, JsonFactory factory, String jsonPath) throws IOException { GoogleCredential credential; if (!jsonPath.isEmpty()) { FileInputStream stream = new FileInputStream(jsonPath); credential = GoogleCredential.fromStream(stream, transport, factory); log.info("Loaded kms credentials from " + jsonPath); } else { log.info("Using kms default application credentials."); credential = GoogleCredential.getApplicationDefault(); } if (credential.createScopedRequired()) { credential = credential.createScoped(CloudKMSScopes.all()); } return credential; } }
private GoogleCredential createFromFile() throws Exception { GoogleCredential credential = GoogleCredential.fromStream(new FileInputStream(credentialsFileLocation)); if (credential.createScopedRequired()) { credential = credential.createScoped(BigqueryScopes.all()); } return credential; }
private static GoogleCredential loadStorageCredential(HttpTransport transport, JsonFactory factory, String jsonPath) throws IOException { GoogleCredential credential; if (!jsonPath.isEmpty()) { FileInputStream stream = new FileInputStream(jsonPath); credential = GoogleCredential.fromStream(stream, transport, factory); log.info("Loaded storage credentials from " + jsonPath); } else { log.info("Using storage default application credentials."); credential = GoogleCredential.getApplicationDefault(); } if (credential.createScopedRequired()) { credential = credential.createScoped(StorageScopes.all()); } return credential; } }
private static GoogleCredential loadKmsCredential(HttpTransport transport, JsonFactory factory, String jsonPath) throws IOException { GoogleCredential credential; if (!jsonPath.isEmpty()) { FileInputStream stream = new FileInputStream(jsonPath); credential = GoogleCredential.fromStream(stream, transport, factory); log.info("Loaded kms credentials from " + jsonPath); } else { log.info("Using kms default application credentials."); credential = GoogleCredential.getApplicationDefault(); } if (credential.createScopedRequired()) { credential = credential.createScoped(CloudKMSScopes.all()); } return credential; } }
@Override protected Bigquery client(GoogleCredential credential, HttpTransport transport, JsonFactory jsonFactory) { if (credential.createScopedRequired()) { credential = credential.createScoped(BigqueryScopes.all()); } return new Bigquery.Builder(transport, jsonFactory, credential) .setApplicationName("Digdag") .build(); }
private Storage createGoogleStorage(boolean useApplicationDefaultCreds) { JsonFactory jsonFactory = JacksonFactory.getDefaultInstance(); String applicationName = "Spinnaker/Halyard"; HttpRequestInitializer requestInitializer; try { GoogleCredential credential = useApplicationDefaultCreds ? GoogleCredential.getApplicationDefault() : new GoogleCredential(); if (credential.createScopedRequired()) { credential = credential.createScoped(Collections.singleton(StorageScopes.DEVSTORAGE_FULL_CONTROL)); } requestInitializer = GoogleCredentials.setHttpTimeout(credential); log.info("Loaded application default credential for reading BOMs & profiles."); } catch (Exception e) { requestInitializer = GoogleCredentials.retryRequestInitializer(); log.debug("No application default credential could be loaded for reading BOMs & profiles. Continuing unauthenticated: {}", e.getMessage()); } return new Storage.Builder(GoogleCredentials.buildHttpTransport(), jsonFactory, requestInitializer) .setApplicationName(applicationName) .build(); }
@Override protected Storage client(GoogleCredential credential, HttpTransport transport, JsonFactory jsonFactory) { if (credential.createScopedRequired()) { credential = credential.createScoped(BigqueryScopes.all()); } return new Storage.Builder(transport, jsonFactory, credential) .setApplicationName("Digdag") .build(); }
/** Loads the provided credential. */ private KmsClient withCredentials(GoogleCredential credential) { if (credential.createScopedRequired()) { credential = credential.createScoped(CloudKMSScopes.all()); } this.client = new CloudKMS.Builder(new NetHttpTransport(), new JacksonFactory(), credential) .setApplicationName(APPLICATION_NAME) .build(); return this; }