@Override public GoogleCredentials getGoogleCredentials(Map<PropertyDescriptor, String> properties, HttpTransportFactory transportFactory) throws IOException { return ComputeEngineCredentials.newBuilder() .setHttpTransportFactory(transportFactory) .build(); } }
@Override public void refresh(final GoogleCredentials credentials) throws IOException { credentials.refresh(); } }
private static GoogleCredentials defaultCredentials() { try { return GoogleCredentials.getApplicationDefault(); } catch (Exception ex) { return null; } }
private GoogleCredentials loadGoogleCredentials( final boolean useDefaultCredentials, final File credentialsFile) throws ArgumentParserException, IOException { if (useDefaultCredentials && credentialsFile != null) { final String msg = String.format("Cannot set both %s and %s", this.googleCloudCredentialsFile.getDest(), this.useGoogleDefaultApplicationCredentials.getDest()); throw new IllegalArgumentException(msg); } if (useDefaultCredentials) { return GoogleCredentials.getApplicationDefault(); } try (final FileInputStream stream = new FileInputStream(credentialsFile)) { return GoogleCredentials.fromStream(stream); } }
@BeforeClass public static void beforeClass() throws IOException { Credentials credentials = GoogleCredentials.getApplicationDefault() .createScoped(DiskTypeSettings.getDefaultServiceScopes()); diskTypeSettings = DiskTypeSettings.newBuilder() .setCredentialsProvider(FixedCredentialsProvider.create(credentials)) .build(); diskTypeClient = DiskTypeClient.create(diskTypeSettings); }
public ContainerRegistryAuthSupplier build() { final GoogleCredentials credentials = this.credentials.createScoped(scopes); // log some sort of identifier for the credentials, which requires looking at the // instance type if (credentials instanceof ServiceAccountCredentials) { final String clientEmail = ((ServiceAccountCredentials) credentials).getClientEmail(); log.info("loaded credentials for service account with clientEmail={}", clientEmail); } else if (credentials instanceof UserCredentials) { final String clientId = ((UserCredentials) credentials).getClientId(); log.info("loaded credentials for user account with clientId={}", clientId); } final Clock clock = Clock.systemDefaultZone(); final DefaultCredentialRefresher refresher = new DefaultCredentialRefresher(); return new ContainerRegistryAuthSupplier(credentials, clock, minimumExpiryMillis, refresher); } }
/** Returns the authentication credentials. If required, credentials are scoped. */ public Credentials getScopedCredentials() { Credentials credentialsToReturn = credentials; if (credentials instanceof GoogleCredentials && ((GoogleCredentials) credentials).createScopedRequired()) { credentialsToReturn = ((GoogleCredentials) credentials).createScoped(getScopes()); } return credentialsToReturn; }
/** * Constructs a ContainerRegistryAuthSupplier for the account with the given credentials. * * @see Builder */ public static Builder fromStream(final InputStream credentialsStream) throws IOException { final GoogleCredentials credentials = GoogleCredentials.fromStream(credentialsStream); return new Builder(credentials); }
/** * Example of creating a signed URL for the blob passing the {@link * SignUrlOption#signWith(ServiceAccountSigner)} option, that will be used to sign the URL. */ // [TARGET signUrl(long, TimeUnit, SignUrlOption...)] // [VARIABLE "/path/to/key.json"] public URL signUrlWithSigner(String keyPath) throws IOException { // [START signUrlWithSigner] URL signedUrl = blob.signUrl( 14, TimeUnit.DAYS, SignUrlOption.signWith( ServiceAccountCredentials.fromStream(new FileInputStream(keyPath)))); // [END signUrlWithSigner] return signedUrl; }
private boolean needsRefresh(final AccessToken accessToken) { if (accessToken == null) { // has not yet been fetched return true; } final Date expirationTime = credentials.getAccessToken().getExpirationTime(); // Don't refresh if expiration time hasn't been provided. if (expirationTime == null) { return false; } // refresh the token if it expires "soon" final long expiresIn = expirationTime.getTime() - clock.millis(); return expiresIn <= minimumExpiryMillis; }
private RegistryAuth authForAccessToken(final AccessToken accessToken) { return RegistryAuth.builder() .username("oauth2accesstoken") .password(accessToken.getTokenValue()) .build(); }
@Override public Optional<AccessToken> get() { Optional<AccessToken> tokenOpt = Optional.absent(); if (enabled) { if (staticToken != null) { tokenOpt = Optional.of(staticToken); } else { try { synchronized (lock) { if (credentials == null) { credentials = getCredentialsWithScopes(tokenScopes); } credentials.refreshIfExpired(); } tokenOpt = Optional.of(credentials.getAccessToken()); } catch (IOException | RuntimeException e) { LOG.debug("Exception (possibly benign) while loading Google Credentials", e); return Optional.absent(); } } } return tokenOpt; }
/** * Get an accessToken to use, possibly refreshing the token if it expires within the * minimumExpiryMillis. */ private AccessToken getAccessToken() throws IOException { // synchronize attempts to refresh the accessToken synchronized (credentials) { if (needsRefresh(credentials.getAccessToken())) { credentialRefresher.refresh(credentials); } } return credentials.getAccessToken(); }
/** * Sets the service authentication credentials. If no credentials are set, {@link * GoogleCredentials#getApplicationDefault()} will be used to attempt getting credentials from * the environment. Use {@link NoCredentials#getInstance()} to skip authentication, this is * typically useful when using local service emulators. * * @param credentials authentication credentials, should not be {@code null} * @return the builder * @throws NullPointerException if {@code credentials} is {@code null}. To disable * authentication use {@link NoCredentials#getInstance()} */ public B setCredentials(Credentials credentials) { this.credentials = checkNotNull(credentials); // set project id if available if (this.projectId == null && credentials instanceof ServiceAccountCredentials) { this.projectId = ((ServiceAccountCredentials) credentials).getProjectId(); } return self(); }
@Override public GoogleCredentials getGoogleCredentials(Map<PropertyDescriptor, String> properties, HttpTransportFactory transportFactory) throws IOException { return GoogleCredentials.getApplicationDefault(transportFactory); }
@Override public GoogleCredentials getGoogleCredentials(Map<PropertyDescriptor, String> properties, HttpTransportFactory transportFactory) throws IOException { return GoogleCredentials.fromStream(getServiceAccountJson(properties), transportFactory); }
private Subscriber createSubscriberWithCustomCredentials() throws Exception { // [START pubsub_subscriber_custom_credentials] CredentialsProvider credentialsProvider = FixedCredentialsProvider.create( ServiceAccountCredentials.fromStream(new FileInputStream("credentials.json"))); Subscriber subscriber = Subscriber.newBuilder(subscriptionName, receiver) .setCredentialsProvider(credentialsProvider) .build(); // [END pubsub_subscriber_custom_credentials] return subscriber; }
@Override public GoogleCredentials getGoogleCredentials(Map<PropertyDescriptor, String> properties, HttpTransportFactory transportFactory) throws IOException { return GoogleCredentials.getApplicationDefault(transportFactory); }
private Publisher createPublisherWithCustomCredentials(ProjectTopicName topicName) throws Exception { // [START pubsub_publisher_custom_credentials] // read service account credentials from file CredentialsProvider credentialsProvider = FixedCredentialsProvider.create( ServiceAccountCredentials.fromStream(new FileInputStream("credentials.json"))); Publisher publisher = Publisher.newBuilder(topicName).setCredentialsProvider(credentialsProvider).build(); // [END pubsub_publisher_custom_credentials] return publisher; } }
/** * Constructs a ContainerRegistryAuthSupplier using the Application Default Credentials. * * @see Builder */ public static Builder forApplicationDefaultCredentials() throws IOException { return new Builder(GoogleCredentials.getApplicationDefault()); }