Class: Google::Auth::DefaultCredentials

Inherits:
Object
  • Object
show all
Extended by:
CredentialsLoader
Defined in:
lib/googleauth/default_credentials.rb

Overview

DefaultCredentials is used to preload the credentials file, to determine which type of credentials should be loaded.

Constant Summary

Constants included from CredentialsLoader

CredentialsLoader::ACCOUNT_TYPE_VAR, CredentialsLoader::CLIENT_EMAIL_VAR, CredentialsLoader::CLIENT_ID_VAR, CredentialsLoader::CLIENT_SECRET_VAR, CredentialsLoader::CLOUD_SDK_CLIENT_ID, CredentialsLoader::CLOUD_SDK_CREDENTIALS_WARNING, CredentialsLoader::CREDENTIALS_FILE_NAME, CredentialsLoader::ENV_VAR, CredentialsLoader::NOT_FOUND_ERROR, CredentialsLoader::PRIVATE_KEY_VAR, CredentialsLoader::REFRESH_TOKEN_VAR, CredentialsLoader::SYSTEM_DEFAULT_ERROR, CredentialsLoader::WELL_KNOWN_ERROR, CredentialsLoader::WELL_KNOWN_PATH

Class Method Summary collapse

Methods included from CredentialsLoader

from_env, from_system_default_path, from_well_known_path, make_creds, warn_if_cloud_sdk_credentials

Class Method Details

.determine_creds_class(json_key_io) ⇒ Object

Reads the input json and determines which creds class to use.


77
78
79
80
81
82
83
84
85
86
87
88
89
90
# File 'lib/googleauth/default_credentials.rb', line 77

def self.determine_creds_class(json_key_io)
  json_key = MultiJson.load json_key_io.read
  key = 'type'
  raise "the json is missing the '#{key}' field" unless json_key.key?(key)
  type = json_key[key]
  case type
  when 'service_account'
    [json_key, ServiceAccountCredentials]
  when 'authorized_user'
    [json_key, UserRefreshCredentials]
  else
    raise "credentials type '#{type}' is not supported"
  end
end

.make_creds(options = {}) ⇒ Object

override CredentialsLoader#make_creds to use the class determined by loading the json.


48
49
50
51
52
53
54
55
56
57
58
59
60
# File 'lib/googleauth/default_credentials.rb', line 48

def self.make_creds(options = {})
  json_key_io, scope = options.values_at(:json_key_io, :scope)
  if json_key_io
    json_key, clz = determine_creds_class(json_key_io)
    warn_if_cloud_sdk_credentials json_key['client_id']
    clz.make_creds(json_key_io: StringIO.new(MultiJson.dump(json_key)),
                   scope: scope)
  else
    warn_if_cloud_sdk_credentials ENV[CredentialsLoader::CLIENT_ID_VAR]
    clz = read_creds
    clz.make_creds(scope: scope)
  end
end

.read_credsObject


62
63
64
65
66
67
68
69
70
71
72
73
74
# File 'lib/googleauth/default_credentials.rb', line 62

def self.read_creds
  env_var = CredentialsLoader::ACCOUNT_TYPE_VAR
  type = ENV[env_var]
  raise "#{env_var} is undefined in env" unless type
  case type
  when 'service_account'
    ServiceAccountCredentials
  when 'authorized_user'
    UserRefreshCredentials
  else
    raise "credentials type '#{type}' is not supported"
  end
end