Module: Google::Auth

Defined in:: lib/googleauth/iam.rb,
lib/googleauth/version.rb,
lib/googleauth/client_id.rb,
lib/googleauth/scope_util.rb,
lib/googleauth/credentials.rb,
lib/googleauth/token_store.rb,
lib/googleauth/user_refresh.rb,
lib/googleauth/compute_engine.rb,
lib/googleauth/json_key_reader.rb,
lib/googleauth/service_account.rb,
lib/googleauth/user_authorizer.rb,
lib/googleauth/credentials_loader.rb,
lib/googleauth/application_default.rb,
lib/googleauth/default_credentials.rb,
lib/googleauth/web_user_authorizer.rb,
lib/googleauth/stores/file_token_store.rb,
lib/googleauth/stores/redis_token_store.rb

Overview

Module Auth provides classes that provide Google-specific authorization used to access Google APIs.

Defined Under Namespace

Modules: CredentialsLoader, JsonKeyReader, ScopeUtil, Stores Classes: ClientId, Credentials, DefaultCredentials, GCECredentials, IAMCredentials, ServiceAccountCredentials, ServiceAccountJwtHeaderCredentials, TokenStore, UserAuthorizer, UserRefreshCredentials, WebUserAuthorizer

Constant Summary collapse

VERSION =

'0.6.7'.freeze

NO_METADATA_SERVER_ERROR =

<<ERROR.freeze
Error code 404 trying to get security access token
from Compute Engine metadata for the default service account. This
may be because the virtual machine instance does not have permission
scopes specified.
ERROR

UNEXPECTED_ERROR_SUFFIX =

<<ERROR.freeze
trying to get security access token from Compute Engine metadata for
the default service account
ERROR

NOT_FOUND_ERROR =

<<ERROR_MESSAGE.freeze
Could not load the default credentials. Browse to
https://developers.google.com/accounts/docs/application-default-credentials
for more information
ERROR_MESSAGE

Class Method Summary collapse

.get_application_default(scope = nil, options = {}) ⇒ Object

Obtains the default credentials implementation to use in this environment.

Class Method Details

.get_application_default(scope = nil, options = {}) ⇒ `Object`

Obtains the default credentials implementation to use in this environment.

Use this to obtain the Application Default Credentials for accessing Google APIs. Application Default Credentials are described in detail at goo.gl/IUuyuX.

If supplied, scope is used to create the credentials instance, when it can be applied. E.g, on google compute engine and for user credentials the scope is ignored.

Parameters:

scope (string|array|nil) (defaults to: nil) —

the scope(s) to access
options (hash) (defaults to: {}) —

allows override of the connection being used

# File 'lib/googleauth/application_default.rb', line 56

def get_application_default(scope = nil, options = {})
  creds = DefaultCredentials.from_env(scope) ||
          DefaultCredentials.from_well_known_path(scope) ||
          DefaultCredentials.from_system_default_path(scope)
  return creds unless creds.nil?
  unless GCECredentials.on_gce?(options)
    # Clear cache of the result of GCECredentials.on_gce?
    GCECredentials.unmemoize_all
    raise NOT_FOUND_ERROR
  end
  GCECredentials.new
end