Class: Google::Auth::GCECredentials
- Inherits:
-
Signet::OAuth2::Client
- Object
- Signet::OAuth2::Client
- Google::Auth::GCECredentials
- Defined in:
- lib/googleauth/compute_engine.rb
Overview
Extends Signet::OAuth2::Client so that the auth token is obtained from the GCE metadata server.
Constant Summary
Constants included from BaseClient
Instance Attribute Summary
Attributes inherited from Signet::OAuth2::Client
Class Method Summary collapse
-
.on_gce?(_options = {}, _reload = false) ⇒ Boolean
Detect if this appear to be a GCE instance, by checking if metadata is available.
- .reset_cache ⇒ Object (also: unmemoize_all)
Instance Method Summary collapse
-
#fetch_access_token(_options = {}) ⇒ Object
Overrides the super class method to change how access tokens are fetched.
Methods inherited from Signet::OAuth2::Client
#build_default_connection, #configure_connection, #fetch_access_token!, #orig_fetch_access_token!, #retry_with_error, #token_type, #update_token!, #update_token_signet_base
Methods included from BaseClient
#apply, #apply!, #expires_within?, #needs_access_token?, #notify_refresh_listeners, #on_refresh, #updater_proc
Class Method Details
.on_gce?(_options = {}, _reload = false) ⇒ Boolean
Detect if this appear to be a GCE instance, by checking if metadata is available. The parameters are deprecated and unused.
72 73 74 |
# File 'lib/googleauth/compute_engine.rb', line 72 def on_gce? = {}, _reload = false # rubocop:disable Style/OptionalBooleanParameter Google::Cloud.env. end |
Instance Method Details
#fetch_access_token(_options = {}) ⇒ Object
Overrides the super class method to change how access tokens are fetched.
85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 |
# File 'lib/googleauth/compute_engine.rb', line 85 def fetch_access_token = {} if token_type == :id_token query = { "audience" => target_audience, "format" => "full" } entry = "service-accounts/default/identity" else query = {} entry = "service-accounts/default/token" end query[:scopes] = Array(scope).join "," if scope begin resp = Google::Cloud.env. "instance", entry, query: query case resp.status when 200 build_token_hash resp.body, resp.headers["content-type"], resp.retrieval_monotonic_time when 403, 500 msg = "Unexpected error code #{resp.status} #{UNEXPECTED_ERROR_SUFFIX}" raise Signet::UnexpectedStatusError, msg when 404 raise Signet::AuthorizationError, NO_METADATA_SERVER_ERROR else msg = "Unexpected error code #{resp.status} #{UNEXPECTED_ERROR_SUFFIX}" raise Signet::AuthorizationError, msg end rescue Google::Cloud::Env::MetadataServerNotResponding => e raise Signet::AuthorizationError, e. end end |