Class Credentials
- All Implemented Interfaces:
Serializable
- Direct Known Subclasses:
ApiKeyCredentials
,JwtCredentials
,OAuth2Credentials
,ServiceAccountJwtAccessCredentials
- See Also:
-
Field Summary
Fields -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected final void
blockingGetToCallback
(URI uri, RequestMetadataCallback callback) CallgetRequestMetadata(URI)
and pass the result or error to the callback.abstract String
A constant string name describing the authentication technology.Gets the credential type used for internal metrics header.Get the current request metadata, refreshing tokens if required.getRequestMetadata
(URI uri) Get the current request metadata in a blocking manner, refreshing tokens if required.void
getRequestMetadata
(URI uri, Executor executor, RequestMetadataCallback callback) Get the current request metadata without blocking.Gets the universe domain for the credential in a blocking manner, refreshing tokens if required.abstract boolean
Whether the credentials have metadata entries that should be added to each request.abstract boolean
Indicates whether or not the Auth mechanism works purely by including request metadata.abstract void
refresh()
Refresh the authorization data, discarding any cached state.
-
Field Details
-
serialVersionUID
private static final long serialVersionUID- See Also:
-
GOOGLE_DEFAULT_UNIVERSE
- See Also:
-
-
Constructor Details
-
Credentials
public Credentials()
-
-
Method Details
-
getAuthenticationType
A constant string name describing the authentication technology.E.g. “OAuth2”, “SSL”. For use by the transport layer to determine whether it supports the type of authentication in the case where
hasRequestMetadataOnly()
is false. Also serves as a debugging helper.- Returns:
- The type of authentication used.
-
getUniverseDomain
Gets the universe domain for the credential in a blocking manner, refreshing tokens if required.- Returns:
- a universe domain value in the format some-domain.xyz. By default, returns the Google universe domain googleapis.com.
- Throws:
IOException
- extending classes might have to do remote calls to determine the universe domain. The exception must implementRetryable
andisRetryable()
will return true if the operation may be retried.
-
getMetricsCredentialType
Gets the credential type used for internal metrics header.The default is
CredentialTypeForMetrics.DO_NOT_SEND
. For a credential that is established to track for metrics, this default should be overridden.- Returns:
- a enum value for credential type
-
getRequestMetadata
Get the current request metadata, refreshing tokens if required.This should be called by the transport layer on each request, and the data should be populated in headers or other context. The operation can block and fail to complete and may do things such as refreshing access tokens.
The convention for handling binary data is for the key in the returned map to end with
"-bin"
and for the corresponding values to be base64 encoded.- Returns:
- The request metadata used for populating headers or other context.
- Throws:
IOException
- if there was an error getting up-to-date access.
-
getRequestMetadata
Get the current request metadata without blocking.This should be called by the transport layer on each request, and the data should be populated in headers or other context. The implementation can either call the callback inline or asynchronously. Either way it should never block in this method. The executor is provided for tasks that may block.
The default implementation will just call
getRequestMetadata(URI)
then the callback from the given executor.The convention for handling binary data is for the key in the returned map to end with
"-bin"
and for the corresponding values to be base64 encoded.- Parameters:
uri
- URI of the entry point for the request.executor
- Executor to perform the request.callback
- Callback to execute when the request is finished.
-
blockingGetToCallback
CallgetRequestMetadata(URI)
and pass the result or error to the callback.- Parameters:
uri
- URI of the entry point for the request.callback
- Callback handler to execute when the metadata completes.
-
getRequestMetadata
Get the current request metadata in a blocking manner, refreshing tokens if required.This should be called by the transport layer on each request, and the data should be populated in headers or other context. The operation can block and fail to complete and may do things such as refreshing access tokens.
The convention for handling binary data is for the key in the returned map to end with
"-bin"
and for the corresponding values to be base64 encoded.- Parameters:
uri
- URI of the entry point for the request.- Returns:
- The request metadata used for populating headers or other context.
- Throws:
IOException
- if there was an error getting up-to-date access. The exception should implementRetryable
andisRetryable()
will return true if the operation may be retried.
-
hasRequestMetadata
public abstract boolean hasRequestMetadata()Whether the credentials have metadata entries that should be added to each request.This should be called by the transport layer to see if
getRequestMetadata()
should be used for each request.- Returns:
- Whether or not the transport layer should call
getRequestMetadata()
-
hasRequestMetadataOnly
public abstract boolean hasRequestMetadataOnly()Indicates whether or not the Auth mechanism works purely by including request metadata.This is meant for the transport layer. If this is true a transport does not need to take actions other than including the request metadata. If this is false, a transport must specifically know about the authentication technology to support it, and should fail to accept the credentials otherwise.
- Returns:
- Whether or not the Auth mechanism works purely by including request metadata.
-
refresh
Refresh the authorization data, discarding any cached state.For use by the transport to allow retry after getting an error indicating there may be invalid tokens or other cached state.
- Throws:
IOException
- if there was an error getting up-to-date access.
-