Package com.google.auth.oauth2
Class ExternalAccountCredentials.Builder
- java.lang.Object
-
- com.google.auth.oauth2.OAuth2Credentials.Builder
-
- com.google.auth.oauth2.GoogleCredentials.Builder
-
- com.google.auth.oauth2.ExternalAccountCredentials.Builder
-
- Direct Known Subclasses:
AwsCredentials.Builder
,IdentityPoolCredentials.Builder
,PluggableAuthCredentials.Builder
- Enclosing class:
- ExternalAccountCredentials
public abstract static class ExternalAccountCredentials.Builder extends GoogleCredentials.Builder
Base builder for external account credentials.
-
-
Field Summary
Fields Modifier and Type Field Description protected java.lang.String
audience
protected java.lang.String
clientId
protected java.lang.String
clientSecret
protected ExternalAccountCredentials.CredentialSource
credentialSource
protected EnvironmentProvider
environmentProvider
protected ExternalAccountMetricsHandler
metricsHandler
protected java.util.Collection<java.lang.String>
scopes
protected ExternalAccountCredentials.ServiceAccountImpersonationOptions
serviceAccountImpersonationOptions
protected java.lang.String
serviceAccountImpersonationUrl
protected java.lang.String
subjectTokenType
protected java.lang.String
tokenInfoUrl
protected java.lang.String
tokenUrl
protected HttpTransportFactory
transportFactory
protected java.lang.String
universeDomain
Deprecated.protected java.lang.String
workforcePoolUserProject
-
Fields inherited from class com.google.auth.oauth2.GoogleCredentials.Builder
quotaProjectId
-
-
Constructor Summary
Constructors Modifier Constructor Description protected
Builder()
protected
Builder(ExternalAccountCredentials credentials)
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description abstract ExternalAccountCredentials
build()
ExternalAccountCredentials.Builder
setAudience(java.lang.String audience)
Sets the Security Token Service audience, which is usually the fully specified resource name of the workload/workforce pool provider.ExternalAccountCredentials.Builder
setClientId(java.lang.String clientId)
Sets the optional client ID of the service account from the console.ExternalAccountCredentials.Builder
setClientSecret(java.lang.String clientSecret)
Sets the optional client secret of the service account from the console.ExternalAccountCredentials.Builder
setCredentialSource(ExternalAccountCredentials.CredentialSource credentialSource)
Sets the external credential source.(package private) ExternalAccountCredentials.Builder
setEnvironmentProvider(EnvironmentProvider environmentProvider)
Sets the optional Environment Provider.ExternalAccountCredentials.Builder
setHttpTransportFactory(HttpTransportFactory transportFactory)
Sets the HTTP transport factory, creates the transport used to get access tokens.ExternalAccountCredentials.Builder
setQuotaProjectId(java.lang.String quotaProjectId)
Sets the optional project used for quota and billing purposes.ExternalAccountCredentials.Builder
setScopes(java.util.Collection<java.lang.String> scopes)
Sets the optional scopes to request during the authorization grant.ExternalAccountCredentials.Builder
setServiceAccountImpersonationOptions(java.util.Map<java.lang.String,java.lang.Object> optionsMap)
Sets the optional service account impersonation options.ExternalAccountCredentials.Builder
setServiceAccountImpersonationUrl(java.lang.String serviceAccountImpersonationUrl)
Sets the optional URL used for service account impersonation, which is required for some APIs.ExternalAccountCredentials.Builder
setSubjectTokenType(ExternalAccountCredentials.SubjectTokenTypes subjectTokenType)
Sets the Security Token Service subject token type based on the OAuth 2.0 token exchange spec.ExternalAccountCredentials.Builder
setSubjectTokenType(java.lang.String subjectTokenType)
Sets the Security Token Service subject token type based on the OAuth 2.0 token exchange spec.ExternalAccountCredentials.Builder
setTokenInfoUrl(java.lang.String tokenInfoUrl)
Sets the optional endpoint used to retrieve account related information.ExternalAccountCredentials.Builder
setTokenUrl(java.lang.String tokenUrl)
Sets the Security Token Service token exchange endpoint.ExternalAccountCredentials.Builder
setUniverseDomain(java.lang.String universeDomain)
Sets the optional universe domain.ExternalAccountCredentials.Builder
setWorkforcePoolUserProject(java.lang.String workforcePoolUserProject)
Sets the optional workforce pool user project number when the credential corresponds to a workforce pool and not a workload identity pool.-
Methods inherited from class com.google.auth.oauth2.GoogleCredentials.Builder
getQuotaProjectId, getUniverseDomain, setAccessToken
-
Methods inherited from class com.google.auth.oauth2.OAuth2Credentials.Builder
getAccessToken, getExpirationMargin, getRefreshMargin, setExpirationMargin, setRefreshMargin
-
-
-
-
Field Detail
-
audience
protected java.lang.String audience
-
subjectTokenType
protected java.lang.String subjectTokenType
-
tokenUrl
protected java.lang.String tokenUrl
-
tokenInfoUrl
protected java.lang.String tokenInfoUrl
-
credentialSource
protected ExternalAccountCredentials.CredentialSource credentialSource
-
environmentProvider
protected EnvironmentProvider environmentProvider
-
transportFactory
protected HttpTransportFactory transportFactory
-
serviceAccountImpersonationUrl
@Nullable protected java.lang.String serviceAccountImpersonationUrl
-
clientId
@Nullable protected java.lang.String clientId
-
clientSecret
@Nullable protected java.lang.String clientSecret
-
scopes
@Nullable protected java.util.Collection<java.lang.String> scopes
-
workforcePoolUserProject
@Nullable protected java.lang.String workforcePoolUserProject
-
serviceAccountImpersonationOptions
@Nullable protected ExternalAccountCredentials.ServiceAccountImpersonationOptions serviceAccountImpersonationOptions
-
universeDomain
@Nullable @Deprecated protected java.lang.String universeDomain
Deprecated.
-
metricsHandler
@Nullable protected ExternalAccountMetricsHandler metricsHandler
-
-
Constructor Detail
-
Builder
protected Builder()
-
Builder
protected Builder(ExternalAccountCredentials credentials)
-
-
Method Detail
-
setHttpTransportFactory
@CanIgnoreReturnValue public ExternalAccountCredentials.Builder setHttpTransportFactory(HttpTransportFactory transportFactory)
Sets the HTTP transport factory, creates the transport used to get access tokens.- Parameters:
transportFactory
- theHttpTransportFactory
to set- Returns:
- this
Builder
object
-
setAudience
@CanIgnoreReturnValue public ExternalAccountCredentials.Builder setAudience(java.lang.String audience)
Sets the Security Token Service audience, which is usually the fully specified resource name of the workload/workforce pool provider.- Parameters:
audience
- the Security Token Service audience to set- Returns:
- this
Builder
object
-
setSubjectTokenType
@CanIgnoreReturnValue public ExternalAccountCredentials.Builder setSubjectTokenType(java.lang.String subjectTokenType)
Sets the Security Token Service subject token type based on the OAuth 2.0 token exchange spec. Indicates the type of the security token in the credential file.- Parameters:
subjectTokenType
- the Security Token Service subject token type to set- Returns:
- this
Builder
object
-
setSubjectTokenType
@CanIgnoreReturnValue public ExternalAccountCredentials.Builder setSubjectTokenType(ExternalAccountCredentials.SubjectTokenTypes subjectTokenType)
Sets the Security Token Service subject token type based on the OAuth 2.0 token exchange spec. Indicates the type of the security token in the credential file.- Parameters:
subjectTokenType
- theSubjectTokenType
to set- Returns:
- this
Builder
object
-
setTokenUrl
@CanIgnoreReturnValue public ExternalAccountCredentials.Builder setTokenUrl(java.lang.String tokenUrl)
Sets the Security Token Service token exchange endpoint.- Parameters:
tokenUrl
- the Security Token Service token exchange url to set- Returns:
- this
Builder
object
-
setCredentialSource
@CanIgnoreReturnValue public ExternalAccountCredentials.Builder setCredentialSource(ExternalAccountCredentials.CredentialSource credentialSource)
Sets the external credential source.- Parameters:
credentialSource
- theCredentialSource
to set- Returns:
- this
Builder
object
-
setServiceAccountImpersonationUrl
@CanIgnoreReturnValue public ExternalAccountCredentials.Builder setServiceAccountImpersonationUrl(java.lang.String serviceAccountImpersonationUrl)
Sets the optional URL used for service account impersonation, which is required for some APIs. If this URL is not available, the access token from the Security Token Service is used directly.- Parameters:
serviceAccountImpersonationUrl
- the service account impersonation url to set- Returns:
- this
Builder
object
-
setTokenInfoUrl
@CanIgnoreReturnValue public ExternalAccountCredentials.Builder setTokenInfoUrl(java.lang.String tokenInfoUrl)
Sets the optional endpoint used to retrieve account related information. Required for gCloud session account identification.- Parameters:
tokenInfoUrl
- the token info url to set- Returns:
- this
Builder
object
-
setQuotaProjectId
@CanIgnoreReturnValue public ExternalAccountCredentials.Builder setQuotaProjectId(java.lang.String quotaProjectId)
Sets the optional project used for quota and billing purposes.- Overrides:
setQuotaProjectId
in classGoogleCredentials.Builder
- Parameters:
quotaProjectId
- the quota and billing project id to set- Returns:
- this
Builder
object
-
setClientId
@CanIgnoreReturnValue public ExternalAccountCredentials.Builder setClientId(java.lang.String clientId)
Sets the optional client ID of the service account from the console.- Parameters:
clientId
- the service account client id to set- Returns:
- this
Builder
object
-
setClientSecret
@CanIgnoreReturnValue public ExternalAccountCredentials.Builder setClientSecret(java.lang.String clientSecret)
Sets the optional client secret of the service account from the console.- Parameters:
clientSecret
- the service account client secret to set- Returns:
- this
Builder
object
-
setScopes
@CanIgnoreReturnValue public ExternalAccountCredentials.Builder setScopes(java.util.Collection<java.lang.String> scopes)
Sets the optional scopes to request during the authorization grant.- Parameters:
scopes
- the request scopes to set- Returns:
- this
Builder
object
-
setWorkforcePoolUserProject
@CanIgnoreReturnValue public ExternalAccountCredentials.Builder setWorkforcePoolUserProject(java.lang.String workforcePoolUserProject)
Sets the optional workforce pool user project number when the credential corresponds to a workforce pool and not a workload identity pool. The underlying principal must still have serviceusage.services.use IAM permission to use the project for billing/quota.- Parameters:
workforcePoolUserProject
- the workforce pool user project number to set- Returns:
- this
Builder
object
-
setServiceAccountImpersonationOptions
@CanIgnoreReturnValue public ExternalAccountCredentials.Builder setServiceAccountImpersonationOptions(java.util.Map<java.lang.String,java.lang.Object> optionsMap)
Sets the optional service account impersonation options.- Parameters:
optionsMap
- the service account impersonation options to set- Returns:
- this
Builder
object
-
setUniverseDomain
@CanIgnoreReturnValue public ExternalAccountCredentials.Builder setUniverseDomain(java.lang.String universeDomain)
Sets the optional universe domain.- Overrides:
setUniverseDomain
in classGoogleCredentials.Builder
- Parameters:
universeDomain
- the universe domain to set- Returns:
- this
Builder
object
-
setEnvironmentProvider
@CanIgnoreReturnValue ExternalAccountCredentials.Builder setEnvironmentProvider(EnvironmentProvider environmentProvider)
Sets the optional Environment Provider.- Parameters:
environmentProvider
- theEnvironmentProvider
to set- Returns:
- this
Builder
object
-
build
public abstract ExternalAccountCredentials build()
- Overrides:
build
in classGoogleCredentials.Builder
-
-