token-generator

command module

v0.0.0-...-2d04211 Latest Latest Go to latest Published: Mar 6, 2020 License: Apache-2.0 Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Allow to generate id_token based on service account.

This tool can help for testing API when gcloud is not installed on a machine, with postman or curl for example. With curl, you can perform this

curl -H "Authorization: Bearer $(curl localhost:8080?aud=https://my-service)" https://my-service/...

It can be used in collocation with an application where getting a token is too complex (old application or out-of-date framework). For this:

Run the token-generator server on a free port of the server
Run your (old) application
Simply perform a GET with an HTTP library on localhost and on the token-generator port for getting the signed id_token.

Already compiled executable are available here

Run the token generator with these params:

port for changing the port. Optional, default is 8080
file for setting the service account json secret file url path. If missing use this one configured in GOOGLE_APPLICATION_CREDENTIALS ev var

Example

 token-generator -port 8081

Never expose this service on a public IP. Your credential can be stolen!

Query to the opened port with the audience of the service to reach in the aud query parameter

Example

curl http://localhost:8080?aud=http://my-service

The return is the id_token signed by Google.

This library is licensed under Apache 2.0. Full license text is available in LICENSE.

There is no documentation for this package.