gcp-auth
API
Generated with
gcp-auth/com.permutive.gcp.auth/TokenProvider

TokenProvider

com.permutive.gcp.auth.TokenProvider
See theTokenProvider companion trait
object TokenProvider

Attributes

Companion
trait
Graph
Supertypes
class Object
trait Matchable
class Any
Self type

Members list

Type members

Classlikes

final class CachedBuilder[F[_]]

Attributes

Supertypes
class Object
trait Matchable
class Any

Value members

Concrete methods

def apply[F[_]](implicit ev: TokenProvider[F]): TokenProvider[F]
def cached[F[_] : Temporal]: CachedBuilder[F]

Transforms a TokenProvider in a cached version of itself that automatically refreshes the token given its expiration.

Transforms a TokenProvider in a cached version of itself that automatically refreshes the token given its expiration.

Attributes

def const[F[_] : Applicative](token: AccessToken): TokenProvider[F]
def create[F[_]](fa: F[AccessToken]): TokenProvider[F]
def identity[F[_] : Clock](httpClient: Client[F], audience: Uri): TokenProvider[F]

Retrieves an identity token using Google's metadata server for a specific audience.

Retrieves an identity token using Google's metadata server for a specific audience.

Identity tokens can be used for calling Cloud Run services.

'''Important!''' This method can only be run from within a workload container in GCP. The call will fail otherwise.

Attributes

See also
def serviceAccount[F[_] : Concurrent](httpClient: Client[F]): TokenProvider[F]

Retrieves a workload service account token using Google's metadata server.

Retrieves a workload service account token using Google's metadata server.

You can then user the service account token to send authenticated requests to GCP services, such as Vertex-AI, Google Cloud Storage...

'''Important!''' This method can only be run from within a workload container in GCP. The call will fail otherwise.

Attributes

See also
def serviceAccount[F[_] : Async](serviceAccountPath: Path, scope: List[String], httpClient: Client[F]): F[TokenProvider[F]]

Retrieves a service account token from Google's OAuth API.

Retrieves a service account token from Google's OAuth API.

You can then user the service account token to send authenticated requests to GCP services, such as Vertex-AI, Google Cloud Storage...

Attributes

See also
def serviceAccount[F[_] : Async](clientEmail: ClientEmail, privateKey: RSAPrivateKey, scope: List[String], httpClient: Client[F]): TokenProvider[F]

Retrieves a service account token from Google's OAuth API.

Retrieves a service account token from Google's OAuth API.

You can then user the service account token to send authenticated requests to GCP services, such as Vertex-AI, Google Cloud Storage...

Attributes

See also
def userAccount[F[_] : Files](clientSecretsPath: Path, refreshTokenPath: Path, httpClient: Client[F]): F[TokenProvider[F]]

Retrieves a user account token from Google's OAuth API.

Retrieves a user account token from Google's OAuth API.

You can then user the user account token to send authenticated requests to GCP services, such as Vertex-AI, Google Cloud Storage...

Attributes

See also
def userAccount[F[_] : Concurrent](clientId: ClientId, clientSecret: ClientSecret, refreshToken: RefreshToken, httpClient: Client[F]): TokenProvider[F]

Retrieves a user account token from Google's OAuth API.

Retrieves a user account token from Google's OAuth API.

You can then user the user account token to send authenticated requests to GCP services, such as Vertex-AI, Google Cloud Storage...

Attributes

See also
def userAccount[F[_] : Concurrent](httpClient: Client[F]): F[TokenProvider[F]]

Retrieves a user account token from Google's OAuth API using the "Application Default Credentials" file.

Retrieves a user account token from Google's OAuth API using the "Application Default Credentials" file.

By default this file is located under ~/.config/cloud/application_default_credentials.json (or %AppData%/gcloud/application_default_credentials.json if running on Windows) and can be created using gcloud auth application-default login or set GOOGLE_APPLICATION_CREDENTIALS environment variable to override to another path.

You can then user the user account token to send authenticated requests to GCP services, such as Vertex-AI, Google Cloud Storage...

Attributes

See also

Concrete fields

val InstanceMetadataOAuthSafetyPeriod: FiniteDuration

Suitable safety period for an token from the instance metadata.

Suitable safety period for an token from the instance metadata.

The GCP metadata endpoint caches tokens for 5 minutes until their expiry. The value here (4 minutes) should ensure a new token will be provided and have no risk of requests using an expired token.

Attributes

See also
Generated with