Package com.google.auth.oauth2
Class IdentityPoolCredentials
- java.lang.Object
-
- com.google.auth.Credentials
-
- com.google.auth.oauth2.OAuth2Credentials
-
- com.google.auth.oauth2.GoogleCredentials
-
- com.google.auth.oauth2.ExternalAccountCredentials
-
- com.google.auth.oauth2.IdentityPoolCredentials
-
- All Implemented Interfaces:
QuotaProjectIdProvider
,java.io.Serializable
public class IdentityPoolCredentials extends ExternalAccountCredentials
Url-sourced, file-sourced, or user provided supplier method-sourced external account credentials.By default, attempts to exchange the external credential for a GCP access token.
- See Also:
- Serialized Form
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
IdentityPoolCredentials.Builder
-
Nested classes/interfaces inherited from class com.google.auth.oauth2.ExternalAccountCredentials
ExternalAccountCredentials.CredentialSource, ExternalAccountCredentials.ServiceAccountImpersonationOptions, ExternalAccountCredentials.SubjectTokenTypes
-
Nested classes/interfaces inherited from class com.google.auth.oauth2.OAuth2Credentials
OAuth2Credentials.AsyncRefreshResult, OAuth2Credentials.CacheState, OAuth2Credentials.CredentialsChangedListener, OAuth2Credentials.FutureCallbackToMetadataCallbackAdapter, OAuth2Credentials.OAuthValue, OAuth2Credentials.RefreshTask, OAuth2Credentials.RefreshTaskListener
-
-
Field Summary
Fields Modifier and Type Field Description (package private) static java.lang.String
FILE_METRICS_HEADER_VALUE
private java.lang.String
metricsHeaderValue
private static long
serialVersionUID
private IdentityPoolSubjectTokenSupplier
subjectTokenSupplier
private ExternalAccountSupplierContext
supplierContext
(package private) static java.lang.String
URL_METRICS_HEADER_VALUE
-
Fields inherited from class com.google.auth.oauth2.ExternalAccountCredentials
DEFAULT_TOKEN_URL, EXECUTABLE_SOURCE_KEY, EXTERNAL_ACCOUNT_FILE_TYPE, impersonatedCredentials, PROGRAMMATIC_METRICS_HEADER_VALUE, transportFactory
-
Fields inherited from class com.google.auth.oauth2.GoogleCredentials
GDCH_SERVICE_ACCOUNT_FILE_TYPE, QUOTA_PROJECT_ID_HEADER_KEY, quotaProjectId, SERVICE_ACCOUNT_FILE_TYPE, USER_FILE_TYPE
-
Fields inherited from class com.google.auth.oauth2.OAuth2Credentials
clock, DEFAULT_EXPIRATION_MARGIN, DEFAULT_REFRESH_MARGIN, lock, refreshTask
-
Fields inherited from class com.google.auth.Credentials
GOOGLE_DEFAULT_UNIVERSE
-
-
Constructor Summary
Constructors Constructor Description IdentityPoolCredentials(IdentityPoolCredentials.Builder builder)
Internal constructor.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description IdentityPoolCredentials
createScoped(java.util.Collection<java.lang.String> newScopes)
Clones the IdentityPoolCredentials with the specified scopes.(package private) java.lang.String
getCredentialSourceType()
(package private) IdentityPoolSubjectTokenSupplier
getIdentityPoolSubjectTokenSupplier()
static IdentityPoolCredentials.Builder
newBuilder()
static IdentityPoolCredentials.Builder
newBuilder(IdentityPoolCredentials identityPoolCredentials)
AccessToken
refreshAccessToken()
Method to refresh the access token according to the specific type of credentials.java.lang.String
retrieveSubjectToken()
Retrieves the external subject token to be exchanged for a Google Cloud access token.-
Methods inherited from class com.google.auth.oauth2.ExternalAccountCredentials
buildImpersonatedCredentials, exchangeExternalCredentialForAccessToken, fromJson, fromStream, fromStream, getAudience, getClientId, getClientSecret, getCredentialSource, getEnvironmentProvider, getRequestMetadata, getRequestMetadata, getScopes, getServiceAccountEmail, getServiceAccountImpersonationOptions, getServiceAccountImpersonationUrl, getSubjectTokenType, getTokenInfoUrl, getTokenUrl, getUniverseDomain, getWorkforcePoolUserProject, isWorkforcePoolConfiguration, validateServiceAccountImpersonationInfoUrl, validateTokenUrl
-
Methods inherited from class com.google.auth.oauth2.GoogleCredentials
addQuotaProjectIdToRequestMetadata, create, create, createDelegated, createScoped, createScoped, createScopedRequired, createWithCustomRetryStrategy, createWithQuotaProject, equals, getAdditionalHeaders, getApplicationDefault, getApplicationDefault, getQuotaProjectId, hashCode, isDefaultUniverseDomain, isExplicitUniverseDomain, toBuilder, toString, toStringHelper
-
Methods inherited from class com.google.auth.oauth2.OAuth2Credentials
addChangeListener, getAccessToken, getAuthenticationType, getExpirationMargin, getFromServiceLoader, getRefreshMargin, getRequestMetadataInternal, hasRequestMetadata, hasRequestMetadataOnly, newInstance, refresh, refreshIfExpired, removeChangeListener
-
Methods inherited from class com.google.auth.Credentials
blockingGetToCallback, getMetricsCredentialType, getRequestMetadata
-
-
-
-
Field Detail
-
FILE_METRICS_HEADER_VALUE
static final java.lang.String FILE_METRICS_HEADER_VALUE
- See Also:
- Constant Field Values
-
URL_METRICS_HEADER_VALUE
static final java.lang.String URL_METRICS_HEADER_VALUE
- See Also:
- Constant Field Values
-
serialVersionUID
private static final long serialVersionUID
- See Also:
- Constant Field Values
-
subjectTokenSupplier
private final IdentityPoolSubjectTokenSupplier subjectTokenSupplier
-
supplierContext
private final ExternalAccountSupplierContext supplierContext
-
metricsHeaderValue
private final java.lang.String metricsHeaderValue
-
-
Constructor Detail
-
IdentityPoolCredentials
IdentityPoolCredentials(IdentityPoolCredentials.Builder builder)
Internal constructor. SeeIdentityPoolCredentials.Builder
.
-
-
Method Detail
-
refreshAccessToken
public AccessToken refreshAccessToken() throws java.io.IOException
Description copied from class:OAuth2Credentials
Method to refresh the access token according to the specific type of credentials.Throws IllegalStateException if not overridden since direct use of OAuth2Credentials is only for temporary or non-refreshing access tokens.
- Overrides:
refreshAccessToken
in classOAuth2Credentials
- Returns:
- never
- Throws:
java.io.IOException
-
retrieveSubjectToken
public java.lang.String retrieveSubjectToken() throws java.io.IOException
Description copied from class:ExternalAccountCredentials
Retrieves the external subject token to be exchanged for a Google Cloud access token.Must be implemented by subclasses as the retrieval method is dependent on the credential source.
- Specified by:
retrieveSubjectToken
in classExternalAccountCredentials
- Returns:
- the external subject token
- Throws:
java.io.IOException
- if the subject token cannot be retrieved
-
getCredentialSourceType
java.lang.String getCredentialSourceType()
- Overrides:
getCredentialSourceType
in classExternalAccountCredentials
-
getIdentityPoolSubjectTokenSupplier
IdentityPoolSubjectTokenSupplier getIdentityPoolSubjectTokenSupplier()
-
createScoped
public IdentityPoolCredentials createScoped(java.util.Collection<java.lang.String> newScopes)
Clones the IdentityPoolCredentials with the specified scopes.- Overrides:
createScoped
in classGoogleCredentials
- Parameters:
newScopes
- Collection of scopes to request.- Returns:
- GoogleCredentials with requested scopes.
-
newBuilder
public static IdentityPoolCredentials.Builder newBuilder()
-
newBuilder
public static IdentityPoolCredentials.Builder newBuilder(IdentityPoolCredentials identityPoolCredentials)
-
-