auth: add compute service account
This commit is contained in:
parent
b95cf48ada
commit
9d7735f031
|
@ -0,0 +1,28 @@
|
||||||
|
# Copyright 2013 Google Inc.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
require 'faraday'
|
||||||
|
require 'signet/oauth_2/client'
|
||||||
|
|
||||||
|
module Google
|
||||||
|
class APIClient
|
||||||
|
class ComputeServiceAccount < Signet::OAuth2::Client
|
||||||
|
def fetch_access_token(options={})
|
||||||
|
options[:connection] ||= Faraday.default_connection
|
||||||
|
response = options[:connection].get 'http://metadata/computeMetadata/v1beta1/instance/service-accounts/default/token'
|
||||||
|
Signet::OAuth2.parse_json_credentials(response.body)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
|
@ -15,3 +15,4 @@
|
||||||
require 'google/api_client/auth/pkcs12'
|
require 'google/api_client/auth/pkcs12'
|
||||||
require 'google/api_client/auth/jwt_asserter'
|
require 'google/api_client/auth/jwt_asserter'
|
||||||
require 'google/api_client/auth/key_utils'
|
require 'google/api_client/auth/key_utils'
|
||||||
|
require 'google/api_client/auth/compute_service_account'
|
||||||
|
|
|
@ -141,3 +141,24 @@ describe Google::APIClient::JWTAsserter do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe Google::APIClient::ComputeServiceAccount do
|
||||||
|
include ConnectionHelpers
|
||||||
|
|
||||||
|
it 'should query metadata server' do
|
||||||
|
conn = stub_connection do |stub|
|
||||||
|
stub.get('/computeMetadata/v1beta1/instance/service-accounts/default/token') do |env|
|
||||||
|
env.url.host.should == 'metadata'
|
||||||
|
[200, {}, '{
|
||||||
|
"access_token" : "1/abcdef1234567890",
|
||||||
|
"token_type" : "Bearer",
|
||||||
|
"expires_in" : 3600
|
||||||
|
}']
|
||||||
|
end
|
||||||
|
end
|
||||||
|
service_account = Google::APIClient::ComputeServiceAccount.new
|
||||||
|
auth = service_account.fetch_access_token!({ :connection => conn })
|
||||||
|
auth.should_not == nil?
|
||||||
|
auth["access_token"].should == "1/abcdef1234567890"
|
||||||
|
conn.verify
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
Loading…
Reference in New Issue