class Google::Auth::Credentials
This class is intended to be inherited by API-specific classes which overrides the SCOPE constant.
Constants
- AUDIENCE
- DEFAULT_PATHS
- JSON_ENV_VARS
- PATH_ENV_VARS
- SCOPE
- TOKEN_CREDENTIAL_URI
Attributes
client[RW]
Public Class Methods
default(options = {})
click to toggle source
Returns the default credentials checking, in this order, the path env evironment variables, json environment variables, default paths. If the previously stated locations do not contain keyfile information, this method defaults to use the application default.
# File lib/googleauth/credentials.rb, line 79 def self.default(options = {}) scope = options[:scope] # First try to find keyfile file from environment variables. client = from_path_vars scope # Second try to find keyfile json from environment variables. client ||= from_json_vars scope # Third try to find keyfile file from known file paths. client ||= from_default_paths scope # Finally get instantiated client from Google::Auth client ||= from_application_default scope client end
new(keyfile, options = {})
click to toggle source
# File lib/googleauth/credentials.rb, line 56 def initialize(keyfile, options = {}) scope = options[:scope] verify_keyfile_provided! keyfile if keyfile.is_a? Signet::OAuth2::Client @client = keyfile elsif keyfile.is_a? Hash hash = stringify_hash_keys keyfile hash['scope'] ||= scope @client = init_client hash else verify_keyfile_exists! keyfile json = JSON.parse ::File.read(keyfile) json['scope'] ||= scope @client = init_client json end CredentialsLoader.warn_if_cloud_sdk_credentials @client.client_id @client.fetch_access_token! end
Private Class Methods
from_application_default(scope)
click to toggle source
# File lib/googleauth/credentials.rb, line 131 def self.from_application_default(scope) scope ||= self::SCOPE client = Google::Auth.get_application_default scope new client end
from_default_paths(scope)
click to toggle source
# File lib/googleauth/credentials.rb, line 122 def self.from_default_paths(scope) self::DEFAULT_PATHS .select { |p| ::File.file? p } .each do |file| return new file, scope: scope end nil end
from_json_vars(scope)
click to toggle source
# File lib/googleauth/credentials.rb, line 106 def self.from_json_vars(scope) json = lambda do |v| unless ENV[v].nil? begin JSON.parse ENV[v] rescue nil end end end self::JSON_ENV_VARS.map(&json).compact.each do |hash| return new hash, scope: scope end nil end
from_path_vars(scope)
click to toggle source
# File lib/googleauth/credentials.rb, line 95 def self.from_path_vars(scope) self::PATH_ENV_VARS .map { |v| ENV[v] } .compact .select { |p| ::File.file? p } .each do |file| return new file, scope: scope end nil end
Protected Instance Methods
client_options(options)
click to toggle source
# File lib/googleauth/credentials.rb, line 166 def client_options(options) # Keyfile options have higher priority over constructor defaults options['token_credential_uri'] ||= self.class::TOKEN_CREDENTIAL_URI options['audience'] ||= self.class::AUDIENCE options['scope'] ||= self.class::SCOPE # client options for initializing signet client { token_credential_uri: options['token_credential_uri'], audience: options['audience'], scope: Array(options['scope']), issuer: options['client_email'], signing_key: OpenSSL::PKey::RSA.new(options['private_key']) } end
init_client(keyfile)
click to toggle source
Initializes the Signet client.
# File lib/googleauth/credentials.rb, line 156 def init_client(keyfile) client_opts = client_options keyfile Signet::OAuth2::Client.new client_opts end
stringify_hash_keys(hash)
click to toggle source
returns a new Hash with string keys instead of symbol keys.
# File lib/googleauth/credentials.rb, line 162 def stringify_hash_keys(hash) Hash[hash.map { |k, v| [k.to_s, v] }] end
verify_keyfile_exists!(keyfile)
click to toggle source
Verify that the keyfile argument is a file.
# File lib/googleauth/credentials.rb, line 150 def verify_keyfile_exists!(keyfile) exists = ::File.file? keyfile raise "The keyfile '#{keyfile}' is not a valid file." unless exists end
verify_keyfile_provided!(keyfile)
click to toggle source
Verify that the keyfile argument is provided.
# File lib/googleauth/credentials.rb, line 144 def verify_keyfile_provided!(keyfile) return unless keyfile.nil? raise 'The keyfile passed to Google::Auth::Credentials.new was nil.' end