Goth v1.3.0-rc.3

Goth.Token (Goth v1.3.0-rc.3) View Source

Functions for retrieving the token from the Google API.

Link to this section Summary

Types

t()

Functions

fetch(config)

Fetch the token from the Google API using the given config.

for_scope(info, sub \\ nil) deprecated

Link to this section Types

Link to this type

t()

View Source

Specs

t() :: %Goth.Token{
  account: term(),
  expires: non_neg_integer(),
  scope: String.t(),
  sub: String.t() | nil,
  token: String.t(),
  type: String.t()
}

Link to this section Functions

Link to this function

fetch(config)

View Source (since 1.3.0)

Specs

fetch(map()) :: {:ok, t()} | {:error, Exception.t()}

Fetch the token from the Google API using the given config.

Config may contain the following keys:

Source

Source can be one of:

Service account - {:service_account, credentials, options}

The credentials is a map and can contain the following keys:

  • "private_key"

  • "client_email"

The options is a keywords list and can contain the following keys:

  • :url - the URL of the authentication service, defaults to: "https://www.googleapis.com/oauth2/v4/token"

  • :scopes - the list of token scopes, defaults to ["https://www.googleapis.com/auth/cloud-platform"]

  • :sub - an email of user being impersonated, defaults to nil

Refresh token - {:refresh_token, credentials, options}

The credentials is a map and can contain the following keys:

  • "refresh_token"

  • "client_id"

  • "client_secret"

The options is a keywords list and can contain the following keys:

  • :url - the URL of the authentication service, defaults to: "https://www.googleapis.com/oauth2/v4/token"

Google metadata server - {:metadata, options}

The options is a keywords list and can contain the following keys:

  • :account - the name of the account to generate the token for, defaults to "default"

  • :url - the URL of the metadata server, defaults to "http://metadata.google.internal"

Examples

Generate a token using a service account credentials file:

iex> credentials = "credentials.json" |> File.read!() |> Jason.decode!()
iex> Goth.Token.fetch(%{source: {:service_account, credentials, []}})
{:ok, %Goth.Token{...}}

You can generate a credentials file containing service account using gcloud utility like this:

gcloud iam service-accounts keys create --key-file-type=json --iam-account=... credentials.json

Retrieve the token using a refresh token:

iex> credentials = "credentials.json" |> File.read!() |> Jason.decode!()
iex> Goth.Token.fetch(%{source: {:refresh_token, credentials, []}})
{:ok, %Goth.Token{...}}

You can generate a credentials file containing refresh token using gcloud utility like this:

gcloud auth application-default login

Retrieve the token using the Google metadata server:

iex> Goth.Token.fetch(%{source: {:metadata, []}})
{:ok, %Goth.Token{...}}

See Storing and retrieving instance metadata for more information on metadata server.

Link to this function

for_scope(info, sub \\ nil)

View Source
This function is deprecated. Use Goth.fetch/1 instead.

Specs

for_scope(scope :: String.t(), sub :: String.t() | nil) ::
  {:ok, t()} | {:error, any()}
for_scope(info :: {String.t() | atom(), String.t()}, sub :: String.t() | nil) ::
  {:ok, t()} | {:error, any()}