31 releases (16 breaking)
0.17.2 | Nov 26, 2024 |
---|---|
0.16.0 | Jun 27, 2024 |
0.13.2 | Mar 24, 2024 |
0.13.0 | Oct 15, 2023 |
0.1.1 | Nov 28, 2021 |
#1158 in Web programming
279,586 downloads per month
Used in 47 crates
(13 directly)
94KB
2K
SLoC
google-cloud-auth
Google Cloud Platform server application authentication library.
Installation
[dependencies]
google-cloud-auth = <version>
google-cloud-token = "0.1.2"
Quickstart
#[tokio::main]
async fn main() -> Result<(), error::Error> {
use google_cloud_auth::{project::Config, token::DefaultTokenSourceProvider};
use google_cloud_token::TokenSourceProvider as _;
let audience = "https://spanner.googleapis.com/";
let scopes = [
"https://www.googleapis.com/auth/cloud-platform",
"https://www.googleapis.com/auth/spanner.data",
];
let config = Config {
// audience is required only for service account jwt-auth
// https://developers.google.com/identity/protocols/oauth2/service-account#jwt-auth
audience: Some(audience),
// scopes is required only for service account Oauth2
// https://developers.google.com/identity/protocols/oauth2/service-account
scopes: Some(&scopes),
sub: None,
};
let tsp = DefaultTokenSourceProvider::new(config).await?;
let ts = tsp.token_source();
let token = ts.token().await?;
println!("token is {}", token);
Ok(())
}
DefaultTokenSourceProvider::new(config)
looks for credentials in the following places,
preferring the first location found:
- A JSON file whose path is specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable.
- A JSON file in a location known to the gcloud command-line tool. On Windows, this is %APPDATA%/gcloud/application_default_credentials.json. On other systems, $HOME/.config/gcloud/application_default_credentials.json.
- On Google Compute Engine, it fetches credentials from the metadata server.
Supported Credentials
- Service Account(JWT)
- Service Account(OAuth 2.0)
- Authorized User
- External Account
- Google Developers Console client_credentials.json
Supported Workload Identity
https://cloud.google.com/iam/docs/workload-identity-federation
- AWS
- Azure Active Directory
- On-premises Active Directory
- Okta
- Kubernetes clusters
Dependencies
~8–23MB
~366K SLoC