Package google
Overview ▹
Index ▹
Constants
JWTTokenURL is Google's OAuth 2.0 token URL to use with the JWT flow.
const JWTTokenURL = "https://accounts.google.com/o/oauth2/token"
Variables
Endpoint is Google's OAuth 2.0 endpoint.
var Endpoint = oauth2.Endpoint{ AuthURL: "https://accounts.google.com/o/oauth2/auth", TokenURL: "https://accounts.google.com/o/oauth2/token", }
func AppEngineTokenSource ¶
func AppEngineTokenSource(ctx context.Context, scope ...string) oauth2.TokenSource
AppEngineTokenSource returns a token source that fetches tokens issued to the current App Engine application's service account. If you are implementing a 3-legged OAuth 2.0 flow on App Engine that involves user accounts, see oauth2.Config instead.
The provided context must have come from appengine.NewContext.
func ComputeTokenSource ¶
func ComputeTokenSource(account string) oauth2.TokenSource
ComputeTokenSource returns a token source that fetches access tokens from Google Compute Engine (GCE)'s metadata server. It's only valid to use this token source if your program is running on a GCE instance. If no account is specified, "default" is used. Further information about retrieving access tokens from the GCE metadata server can be found at https://cloud.google.com/compute/docs/authentication.
func ConfigFromJSON ¶
func ConfigFromJSON(jsonKey []byte, scope ...string) (*oauth2.Config, error)
ConfigFromJSON uses a Google Developers Console client_credentials.json file to construct a config. client_credentials.json can be downloaded from https://console.developers.google.com, under "Credentials". Download the Web application credentials in the JSON format and provide the contents of the file as jsonKey.
func DefaultClient ¶
func DefaultClient(ctx context.Context, scope ...string) (*http.Client, error)
DefaultClient returns an HTTP Client that uses the DefaultTokenSource to obtain authentication credentials.
func DefaultTokenSource ¶
func DefaultTokenSource(ctx context.Context, scope ...string) (oauth2.TokenSource, error)
DefaultTokenSource returns the token source for "Application Default Credentials". It is a shortcut for FindDefaultCredentials(ctx, scope).TokenSource.
func JWTAccessTokenSourceFromJSON ¶
func JWTAccessTokenSourceFromJSON(jsonKey []byte, audience string) (oauth2.TokenSource, error)
JWTAccessTokenSourceFromJSON uses a Google Developers service account JSON key file to read the credentials that authorize and authenticate the requests, and returns a TokenSource that does not use any OAuth2 flow but instead creates a JWT and sends that as the access token. The audience is typically a URL that specifies the scope of the credentials.
Note that this is not a standard OAuth flow, but rather an optimization supported by a few Google services. Unless you know otherwise, you should use JWTConfigFromJSON instead.
func JWTConfigFromJSON ¶
func JWTConfigFromJSON(jsonKey []byte, scope ...string) (*jwt.Config, error)
JWTConfigFromJSON uses a Google Developers service account JSON key file to read the credentials that authorize and authenticate the requests. Create a service account on "Credentials" for your project at https://console.developers.google.com to download a JSON key file.
type DefaultCredentials ¶
DefaultCredentials holds "Application Default Credentials". For more details, see: https://developers.google.com/accounts/docs/application-default-credentials
type DefaultCredentials struct {
ProjectID string // may be empty
TokenSource oauth2.TokenSource
}
func FindDefaultCredentials ¶
func FindDefaultCredentials(ctx context.Context, scope ...string) (*DefaultCredentials, error)
FindDefaultCredentials searches for "Application Default Credentials".
It looks for credentials in the following places, preferring the first location found:
1. A JSON file whose path is specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable. 2. A JSON file in a location known to the gcloud command-line tool. On Windows, this is %APPDATA%/gcloud/application_default_credentials.json. On other systems, $HOME/.config/gcloud/application_default_credentials.json. 3. On Google App Engine it uses the appengine.AccessToken function. 4. On Google Compute Engine and Google App Engine Managed VMs, it fetches credentials from the metadata server. (In this final case any provided scopes are ignored.)
type SDKConfig ¶
An SDKConfig provides access to tokens from an account already authorized via the Google Cloud SDK.
type SDKConfig struct {
// contains filtered or unexported fields
}
func NewSDKConfig ¶
func NewSDKConfig(account string) (*SDKConfig, error)
NewSDKConfig creates an SDKConfig for the given Google Cloud SDK account. If account is empty, the account currently active in Google Cloud SDK properties is used. Google Cloud SDK credentials must be created by running `gcloud auth` before using this function. The Google Cloud SDK is available at https://cloud.google.com/sdk/.
func (*SDKConfig) Client ¶
func (c *SDKConfig) Client(ctx context.Context) *http.Client
Client returns an HTTP client using Google Cloud SDK credentials to authorize requests. The token will auto-refresh as necessary. The underlying http.RoundTripper will be obtained using the provided context. The returned client and its Transport should not be modified.
func (*SDKConfig) Scopes ¶
func (c *SDKConfig) Scopes() []string
Scopes are the OAuth 2.0 scopes the current account is authorized for.
func (*SDKConfig) TokenSource ¶
func (c *SDKConfig) TokenSource(ctx context.Context) oauth2.TokenSource
TokenSource returns an oauth2.TokenSource that retrieve tokens from Google Cloud SDK credentials using the provided context. It will returns the current access token stored in the credentials, and refresh it when it expires, but it won't update the credentials with the new access token.