class Google::Auth::Credentials

This class is intended to be inherited by API-specific classes which overrides the SCOPE constant.

Constants

AUDIENCE
DEFAULT_PATHS
JSON_ENV_VARS
PATH_ENV_VARS
SCOPE
TOKEN_CREDENTIAL_URI

Attributes

client[RW]

Public Class Methods

default(options = {}) click to toggle source

Returns the default credentials checking, in this order, the path env evironment variables, json environment variables, default paths. If the previously stated locations do not contain keyfile information, this method defaults to use the application default.

# File lib/googleauth/credentials.rb, line 78
def self.default(options = {})
  scope = options[:scope]
  # First try to find keyfile file from environment variables.
  client = from_path_vars(scope)

  # Second try to find keyfile json from environment variables.
  client ||= from_json_vars(scope)

  # Third try to find keyfile file from known file paths.
  client ||= from_default_paths(scope)

  # Finally get instantiated client from Google::Auth
  client ||= from_application_default(scope)
  client
end
new(keyfile, options = {}) click to toggle source
# File lib/googleauth/credentials.rb, line 56
def initialize(keyfile, options = {})
  scope = options[:scope]
  verify_keyfile_provided! keyfile
  if keyfile.is_a? Signet::OAuth2::Client
    @client = keyfile
  elsif keyfile.is_a? Hash
    hash = stringify_hash_keys keyfile
    hash['scope'] ||= scope
    @client = init_client hash
  else
    verify_keyfile_exists! keyfile
    json = JSON.parse ::File.read(keyfile)
    json['scope'] ||= scope
    @client = init_client json
  end
  @client.fetch_access_token!
end

Private Class Methods

from_application_default(scope) click to toggle source
# File lib/googleauth/credentials.rb, line 130
def self.from_application_default(scope)
  scope ||= self::SCOPE
  client = Google::Auth.get_application_default scope
  new client
end
from_default_paths(scope) click to toggle source
# File lib/googleauth/credentials.rb, line 121
def self.from_default_paths(scope)
  self::DEFAULT_PATHS
    .select { |p| ::File.file? p }
    .each do |file|
      return new file, scope: scope
    end
  nil
end
from_json_vars(scope) click to toggle source
# File lib/googleauth/credentials.rb, line 105
def self.from_json_vars(scope)
  json = lambda do |v|
    unless ENV[v].nil?
      begin
        JSON.parse ENV[v]
      rescue
        nil
      end
    end
  end
  self::JSON_ENV_VARS.map(&json).compact.each do |hash|
    return new hash, scope: scope
  end
  nil
end
from_path_vars(scope) click to toggle source
# File lib/googleauth/credentials.rb, line 94
def self.from_path_vars(scope)
  self::PATH_ENV_VARS
    .map { |v| ENV[v] }
    .compact
    .select { |p| ::File.file? p }
    .each do |file|
      return new file, scope: scope
    end
  nil
end

Protected Instance Methods

client_options(options) click to toggle source
# File lib/googleauth/credentials.rb, line 165
def client_options(options)
  # Keyfile options have higher priority over constructor defaults
  options['token_credential_uri'] ||= self.class::TOKEN_CREDENTIAL_URI
  options['audience'] ||= self.class::AUDIENCE
  options['scope'] ||= self.class::SCOPE

  # client options for initializing signet client
  { token_credential_uri: options['token_credential_uri'],
    audience: options['audience'],
    scope: Array(options['scope']),
    issuer: options['client_email'],
    signing_key: OpenSSL::PKey::RSA.new(options['private_key']) }
end
init_client(keyfile) click to toggle source

Initializes the Signet client.

# File lib/googleauth/credentials.rb, line 155
def init_client(keyfile)
  client_opts = client_options keyfile
  Signet::OAuth2::Client.new client_opts
end
stringify_hash_keys(hash) click to toggle source

returns a new Hash with string keys instead of symbol keys.

# File lib/googleauth/credentials.rb, line 161
def stringify_hash_keys(hash)
  Hash[hash.map { |k, v| [k.to_s, v] }]
end
verify_keyfile_exists!(keyfile) click to toggle source

Verify that the keyfile argument is a file.

# File lib/googleauth/credentials.rb, line 149
def verify_keyfile_exists!(keyfile)
  exists = ::File.file? keyfile
  raise "The keyfile '#{keyfile}' is not a valid file." unless exists
end
verify_keyfile_provided!(keyfile) click to toggle source

Verify that the keyfile argument is provided.

# File lib/googleauth/credentials.rb, line 143
def verify_keyfile_provided!(keyfile)
  return unless keyfile.nil?
  raise 'The keyfile passed to Google::Auth::Credentials.new was nil.'
end