auth: add compute service account
This commit is contained in:
parent
b95cf48ada
commit
9d7735f031
|
@ -0,0 +1,28 @@
|
|||
# Copyright 2013 Google Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
require 'faraday'
|
||||
require 'signet/oauth_2/client'
|
||||
|
||||
module Google
|
||||
class APIClient
|
||||
class ComputeServiceAccount < Signet::OAuth2::Client
|
||||
def fetch_access_token(options={})
|
||||
options[:connection] ||= Faraday.default_connection
|
||||
response = options[:connection].get 'http://metadata/computeMetadata/v1beta1/instance/service-accounts/default/token'
|
||||
Signet::OAuth2.parse_json_credentials(response.body)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -15,3 +15,4 @@
|
|||
require 'google/api_client/auth/pkcs12'
|
||||
require 'google/api_client/auth/jwt_asserter'
|
||||
require 'google/api_client/auth/key_utils'
|
||||
require 'google/api_client/auth/compute_service_account'
|
||||
|
|
|
@ -141,3 +141,24 @@ describe Google::APIClient::JWTAsserter do
|
|||
end
|
||||
end
|
||||
|
||||
describe Google::APIClient::ComputeServiceAccount do
|
||||
include ConnectionHelpers
|
||||
|
||||
it 'should query metadata server' do
|
||||
conn = stub_connection do |stub|
|
||||
stub.get('/computeMetadata/v1beta1/instance/service-accounts/default/token') do |env|
|
||||
env.url.host.should == 'metadata'
|
||||
[200, {}, '{
|
||||
"access_token" : "1/abcdef1234567890",
|
||||
"token_type" : "Bearer",
|
||||
"expires_in" : 3600
|
||||
}']
|
||||
end
|
||||
end
|
||||
service_account = Google::APIClient::ComputeServiceAccount.new
|
||||
auth = service_account.fetch_access_token!({ :connection => conn })
|
||||
auth.should_not == nil?
|
||||
auth["access_token"].should == "1/abcdef1234567890"
|
||||
conn.verify
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue