Package com.google.auth.oauth2
Class GdchCredentials
- java.lang.Object
-
- com.google.auth.Credentials
-
- com.google.auth.oauth2.OAuth2Credentials
-
- com.google.auth.oauth2.GoogleCredentials
-
- com.google.auth.oauth2.GdchCredentials
-
- All Implemented Interfaces:
QuotaProjectIdProvider
,java.io.Serializable
public class GdchCredentials extends GoogleCredentials
- See Also:
- Serialized Form
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
GdchCredentials.Builder
(package private) static class
GdchCredentials.TransportFactoryForGdch
-
Nested classes/interfaces inherited from class com.google.auth.oauth2.OAuth2Credentials
OAuth2Credentials.AsyncRefreshResult, OAuth2Credentials.CacheState, OAuth2Credentials.CredentialsChangedListener, OAuth2Credentials.FutureCallbackToMetadataCallbackAdapter, OAuth2Credentials.OAuthValue, OAuth2Credentials.RefreshTask, OAuth2Credentials.RefreshTaskListener
-
-
Field Summary
Fields Modifier and Type Field Description private java.net.URI
apiAudience
private java.lang.String
caCertPath
private static int
DEFAULT_LIFETIME_IN_SECONDS
private int
lifetime
private static java.lang.String
PARSE_ERROR_PREFIX
private java.security.PrivateKey
privateKey
private java.lang.String
privateKeyId
private java.lang.String
projectId
private java.lang.String
serviceIdentityName
(package private) static java.lang.String
SUPPORTED_FORMAT_VERSION
private java.net.URI
tokenServerUri
private HttpTransportFactory
transportFactory
private java.lang.String
transportFactoryClassName
-
Fields inherited from class com.google.auth.oauth2.GoogleCredentials
GDCH_SERVICE_ACCOUNT_FILE_TYPE, QUOTA_PROJECT_ID_HEADER_KEY, quotaProjectId, SERVICE_ACCOUNT_FILE_TYPE, USER_FILE_TYPE
-
Fields inherited from class com.google.auth.oauth2.OAuth2Credentials
clock, DEFAULT_EXPIRATION_MARGIN, DEFAULT_REFRESH_MARGIN, lock, refreshTask
-
Fields inherited from class com.google.auth.Credentials
GOOGLE_DEFAULT_UNIVERSE
-
-
Constructor Summary
Constructors Constructor Description GdchCredentials(GdchCredentials.Builder builder)
Internal constructor.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description (package private) java.lang.String
createAssertion(com.google.api.client.json.JsonFactory jsonFactory, long currentTime, java.net.URI apiAudience)
Create a self-signed JWT for GDCH authentication flow.GdchCredentials
createWithGdchAudience(java.net.URI apiAudience)
Create a copy of GDCH credentials with the specified audience.boolean
equals(java.lang.Object obj)
(package private) static GdchCredentials
fromJson(java.util.Map<java.lang.String,java.lang.Object> json)
Create GDCH service account credentials defined by JSON.(package private) static GdchCredentials
fromJson(java.util.Map<java.lang.String,java.lang.Object> json, HttpTransportFactory transportFactory)
Create GDCH service account credentials defined by JSON.(package private) static GdchCredentials
fromPkcs8(java.lang.String privateKeyPkcs8, GdchCredentials.Builder builder)
Internal constructor.java.net.URI
getApiAudience()
java.lang.String
getCaCertPath()
(package private) static java.lang.String
getIssuerSubjectValue(java.lang.String projectId, java.lang.String serviceIdentityName)
Get the issuer and subject value in the format GDCH token server required.java.security.PrivateKey
getPrivateKey()
java.lang.String
getPrivateKeyId()
java.lang.String
getProjectId()
java.lang.String
getServiceIdentityName()
java.net.URI
getTokenServerUri()
HttpTransportFactory
getTransportFactory()
int
hashCode()
static GdchCredentials.Builder
newBuilder()
private void
readObject(java.io.ObjectInputStream input)
(package private) static java.io.InputStream
readStream(java.io.File file)
AccessToken
refreshAccessToken()
Refresh the OAuth2 access token by getting a new access token using a JSON Web Token (JWT).GdchCredentials.Builder
toBuilder()
java.lang.String
toString()
private static java.lang.String
validateField(java.lang.String field, java.lang.String fieldName)
-
Methods inherited from class com.google.auth.oauth2.GoogleCredentials
addQuotaProjectIdToRequestMetadata, create, create, createDelegated, createScoped, createScoped, createScoped, createScopedRequired, createWithCustomRetryStrategy, createWithQuotaProject, fromStream, fromStream, getAdditionalHeaders, getApplicationDefault, getApplicationDefault, getQuotaProjectId, getUniverseDomain, isDefaultUniverseDomain, isExplicitUniverseDomain, toStringHelper
-
Methods inherited from class com.google.auth.oauth2.OAuth2Credentials
addChangeListener, getAccessToken, getAuthenticationType, getExpirationMargin, getFromServiceLoader, getRefreshMargin, getRequestMetadata, getRequestMetadata, getRequestMetadataInternal, hasRequestMetadata, hasRequestMetadataOnly, newInstance, refresh, refreshIfExpired, removeChangeListener
-
Methods inherited from class com.google.auth.Credentials
blockingGetToCallback, getMetricsCredentialType, getRequestMetadata
-
-
-
-
Field Detail
-
SUPPORTED_FORMAT_VERSION
static final java.lang.String SUPPORTED_FORMAT_VERSION
- See Also:
- Constant Field Values
-
PARSE_ERROR_PREFIX
private static final java.lang.String PARSE_ERROR_PREFIX
- See Also:
- Constant Field Values
-
DEFAULT_LIFETIME_IN_SECONDS
private static final int DEFAULT_LIFETIME_IN_SECONDS
- See Also:
- Constant Field Values
-
privateKey
private final java.security.PrivateKey privateKey
-
privateKeyId
private final java.lang.String privateKeyId
-
projectId
private final java.lang.String projectId
-
serviceIdentityName
private final java.lang.String serviceIdentityName
-
tokenServerUri
private final java.net.URI tokenServerUri
-
apiAudience
private final java.net.URI apiAudience
-
lifetime
private final int lifetime
-
transportFactoryClassName
private final java.lang.String transportFactoryClassName
-
caCertPath
private final java.lang.String caCertPath
-
transportFactory
private transient HttpTransportFactory transportFactory
-
-
Constructor Detail
-
GdchCredentials
GdchCredentials(GdchCredentials.Builder builder)
Internal constructor.- Parameters:
builder
- A builder forGdchCredentials
SeeGdchCredentials.Builder
.
-
-
Method Detail
-
fromJson
static GdchCredentials fromJson(java.util.Map<java.lang.String,java.lang.Object> json) throws java.io.IOException
Create GDCH service account credentials defined by JSON.- Parameters:
json
- a map from the JSON representing the credentials.- Returns:
- the GDCH service account credentials defined by the JSON.
- Throws:
java.io.IOException
- if the credential cannot be created from the JSON.
-
fromJson
static GdchCredentials fromJson(java.util.Map<java.lang.String,java.lang.Object> json, HttpTransportFactory transportFactory) throws java.io.IOException
Create GDCH service account credentials defined by JSON.- Parameters:
json
- a map from the JSON representing the credentials.transportFactory
- HTTP transport factory, creates the transport used to get access tokens.- Returns:
- the GDCH service account credentials defined by the JSON.
- Throws:
java.io.IOException
- if the credential cannot be created from the JSON.
-
fromPkcs8
static GdchCredentials fromPkcs8(java.lang.String privateKeyPkcs8, GdchCredentials.Builder builder) throws java.io.IOException
Internal constructor.- Parameters:
privateKeyPkcs8
- RSA private key object for the service account in PKCS#8 format.builder
- A builder for GdchCredentials.- Returns:
- an instance of GdchCredentials.
- Throws:
java.io.IOException
-
createWithGdchAudience
public GdchCredentials createWithGdchAudience(java.net.URI apiAudience) throws java.io.IOException
Create a copy of GDCH credentials with the specified audience.- Parameters:
apiAudience
- The intended audience for GDCH credentials.- Throws:
java.io.IOException
-
refreshAccessToken
public AccessToken refreshAccessToken() throws java.io.IOException
Refresh the OAuth2 access token by getting a new access token using a JSON Web Token (JWT).For GDCH credentials, this class creates a self-signed JWT, and sends to the GDCH authentication endpoint (tokenServerUri) to exchange an access token for the intended api audience (apiAudience).
- Overrides:
refreshAccessToken
in classOAuth2Credentials
- Returns:
- never
- Throws:
java.io.IOException
-
createAssertion
java.lang.String createAssertion(com.google.api.client.json.JsonFactory jsonFactory, long currentTime, java.net.URI apiAudience) throws java.io.IOException
Create a self-signed JWT for GDCH authentication flow.The self-signed JWT is used to exchange access token from GDCH authentication (tokenServerUri), not for API call. It uses the serviceIdentityName as the `iss` and `sub` claim, and the tokenServerUri as the `aud` claim. The JWT is signed with the privateKey.
- Throws:
java.io.IOException
-
getIssuerSubjectValue
static java.lang.String getIssuerSubjectValue(java.lang.String projectId, java.lang.String serviceIdentityName)
Get the issuer and subject value in the format GDCH token server required.This value is specific to GDCH and combined parameter used for both `iss` and `sub` fields in JWT claim.
-
getProjectId
public final java.lang.String getProjectId()
-
getPrivateKeyId
public final java.lang.String getPrivateKeyId()
-
getPrivateKey
public final java.security.PrivateKey getPrivateKey()
-
getServiceIdentityName
public final java.lang.String getServiceIdentityName()
-
getTokenServerUri
public final java.net.URI getTokenServerUri()
-
getApiAudience
public final java.net.URI getApiAudience()
-
getTransportFactory
public final HttpTransportFactory getTransportFactory()
-
getCaCertPath
public final java.lang.String getCaCertPath()
-
newBuilder
public static GdchCredentials.Builder newBuilder()
-
toBuilder
public GdchCredentials.Builder toBuilder()
- Overrides:
toBuilder
in classGoogleCredentials
-
readObject
private void readObject(java.io.ObjectInputStream input) throws java.io.IOException, java.lang.ClassNotFoundException
- Throws:
java.io.IOException
java.lang.ClassNotFoundException
-
hashCode
public int hashCode()
- Overrides:
hashCode
in classGoogleCredentials
-
toString
public java.lang.String toString()
- Overrides:
toString
in classGoogleCredentials
-
equals
public boolean equals(java.lang.Object obj)
- Overrides:
equals
in classGoogleCredentials
-
readStream
static java.io.InputStream readStream(java.io.File file) throws java.io.FileNotFoundException
- Throws:
java.io.FileNotFoundException
-
validateField
private static java.lang.String validateField(java.lang.String field, java.lang.String fieldName) throws java.io.IOException
- Throws:
java.io.IOException
-
-