auth

package
v0.0.0-...-04b04dc Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 20, 2025 License: BSD-3-Clause Imports: 21 Imported by: 10

Documentation

Index

Constants

View Source
const (
	ScopeReadOnly        = storage.DevstorageReadOnlyScope
	ScopeReadWrite       = storage.DevstorageReadWriteScope
	ScopeFullControl     = storage.DevstorageFullControlScope
	ScopeCompute         = compute.ComputeScope
	ScopeGerrit          = "https://www.googleapis.com/auth/gerritcodereview"
	ScopePubsub          = pubsub.ScopePubSub
	ScopeUserinfoEmail   = "https://www.googleapis.com/auth/userinfo.email"
	ScopeUserinfoProfile = "https://www.googleapis.com/auth/userinfo.profile"
	ScopeAllCloudAPIs    = iam.CloudPlatformScope
)

Variables

This section is empty.

Functions

func NewDefaultJWTServiceAccountTokenSource

func NewDefaultJWTServiceAccountTokenSource(ctx context.Context, scopes ...string) (oauth2.TokenSource, error)

NewDefaultJWTServiceAccountTokenSource creates a new oauth2.TokenSource that is loaded first by attempting to load JWT JSON Service Account data from GCE Project Level metadata, and if that fails falls back to loading the data from a local file.

func NewGCloudTokenSource

func NewGCloudTokenSource(projectId string) oauth2.TokenSource

NewGCloudTokenSource creates an oauth2.TokenSource that returns tokens from the locally authorized gcloud command line tool, i.e. it gets them from running:

gcloud auth print-access-token

projectId - The name of the GCP project, e.g. 'skia-public'. If empty, "", then

the default project id for gcloud is used.

func NewJWTServiceAccountTokenSource

func NewJWTServiceAccountTokenSource(ctx context.Context, metadataname, filename, secretProject, secretName string, scopes ...string) (oauth2.TokenSource, error)

NewJWTServiceAccountTokenSource creates a new oauth2.TokenSource that is loaded first by attempting to load JWT JSON Service Account data from GCE Project Level metadata, and if that fails falls back to loading the data from a local file, followed by GCP secrets if the local file fails.

metadataname - The name of the GCE project level metadata key that holds the JWT JSON. If empty a default is used.
filename - The name of the local file that holds the JWT JSON. If empty a default is used.
secretProject - The GCP project containing the GCP secret which holds the JWT JSON.
secretName - The name of the GCP secret which holds the JWT JSON.

func NewTokenSourceFromKeyString

func NewTokenSourceFromKeyString(ctx context.Context, local bool, keyAsBase64String string, scopes ...string) (oauth2.TokenSource, error)

NewTokenSourceFromKeyString creates a TokenSource from the given 'keyAsBase64String' for the given 'scopes'.

The value of 'keyAsBase64String' is a JSON service account key encoded in base64.

This function can be used with public variables declared in a module and the value of the Key can be changed via -ldflags to pass an -X flag to the linker, for example

go build \
-ldflags="-X 'main.Key=${SERVICE_ACCOUNT_KEY_IN_BASE64}' " \
./go/foo

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL