GoogleCredential getJsonCredential( Path keyPath, HttpTransport transport, JsonFactory jsonFactory, HttpRequestInitializer httpRequestInitializer, Collection<String> scopes) throws IOException { try (InputStream is = newInputStream(keyPath)) { GoogleCredential credential = GoogleCredential.fromStream(is, transport, jsonFactory).createScoped(scopes); return new GoogleCredential.Builder() .setServiceAccountId(credential.getServiceAccountId()) .setServiceAccountScopes(scopes) .setServiceAccountPrivateKey(credential.getServiceAccountPrivateKey()) .setTransport(transport) .setJsonFactory(jsonFactory) .setRequestInitializer(httpRequestInitializer) .build(); } }
/** Create a new GoogleCredentialWithRetry from a GoogleCredential. */ public static GoogleCredentialWithRetry fromGoogleCredential(GoogleCredential credential) { GoogleCredential.Builder builder = new GoogleCredential.Builder() .setServiceAccountPrivateKey(credential.getServiceAccountPrivateKey()) .setServiceAccountPrivateKeyId(credential.getServiceAccountPrivateKeyId()) .setServiceAccountId(credential.getServiceAccountId()) .setServiceAccountUser(credential.getServiceAccountUser()) .setServiceAccountScopes(credential.getServiceAccountScopes()) .setTokenServerEncodedUrl(credential.getTokenServerEncodedUrl()) .setTransport(credential.getTransport()) .setClientAuthentication(credential.getClientAuthentication()) .setJsonFactory(credential.getJsonFactory()) .setClock(credential.getClock()) .setRequestInitializer(new CredentialHttpRetryInitializer()); GoogleCredentialWithRetry withRetry = new GoogleCredentialWithRetry(builder); // Setting a refresh token requires validation even if it is null. if (credential.getRefreshToken() != null) { withRetry.setRefreshToken(credential.getRefreshToken()); } return withRetry; }
private String getServiceAccountToken(GoogleCredential credential, String targetAudience) throws IOException, GeneralSecurityException { log.debug("Fetching service account access token for {}", credential.getServiceAccountUser()); final TokenRequest request = new TokenRequest( this.httpTransport, JSON_FACTORY, new GenericUrl(credential.getTokenServerEncodedUrl()), "urn:ietf:params:oauth:grant-type:jwt-bearer"); final Header header = jwtHeader(); final Payload payload = jwtPayload( targetAudience, credential.getServiceAccountId(), credential.getTokenServerEncodedUrl()); request.put("assertion", JsonWebSignature.signUsingRsaSha256( credential.getServiceAccountPrivateKey(), JSON_FACTORY, header, payload)); final TokenResponse response = request.execute(); return (String) response.get("id_token"); }
/** Create a new GoogleCredentialWithRetry from a GoogleCredential. */ public static GoogleCredentialWithRetry fromGoogleCredential(GoogleCredential credential) { GoogleCredential.Builder builder = new GoogleCredential.Builder() .setServiceAccountPrivateKey(credential.getServiceAccountPrivateKey()) .setServiceAccountPrivateKeyId(credential.getServiceAccountPrivateKeyId()) .setServiceAccountId(credential.getServiceAccountId()) .setServiceAccountUser(credential.getServiceAccountUser()) .setServiceAccountScopes(credential.getServiceAccountScopes()) .setTokenServerEncodedUrl(credential.getTokenServerEncodedUrl()) .setTransport(credential.getTransport()) .setClientAuthentication(credential.getClientAuthentication()) .setJsonFactory(credential.getJsonFactory()) .setClock(credential.getClock()) .setRequestInitializer(new CredentialHttpRetryInitializer()); GoogleCredentialWithRetry withRetry = new GoogleCredentialWithRetry(builder); // Setting a refresh token requires validation even if it is null. if (credential.getRefreshToken() != null) { withRetry.setRefreshToken(credential.getRefreshToken()); } return withRetry; }
.setJsonFactory(credential.getJsonFactory()) .setServiceAccountId(credential.getServiceAccountId()) .setServiceAccountPrivateKey(credential.getServiceAccountPrivateKey()) .setServiceAccountScopes(credential.getServiceAccountScopes()) .setTransport(credential.getTransport())
.setJsonFactory(credential.getJsonFactory()) .setServiceAccountId(credential.getServiceAccountId()) .setServiceAccountPrivateKey(credential.getServiceAccountPrivateKey()) .setServiceAccountScopes(credential.getServiceAccountScopes()) .setTransport(credential.getTransport())
.setServiceAccountScopes(ImmutableSet.of(ADMIN_DIRECTORY_GROUP_MEMBER_READONLY)) .setServiceAccountUser(gsuiteUserEmail) .setServiceAccountPrivateKey(credential.getServiceAccountPrivateKey()) .build();