Package com.google.auth.oauth2
Class AwsCredentials.Builder
- java.lang.Object
-
- com.google.auth.oauth2.OAuth2Credentials.Builder
-
- com.google.auth.oauth2.GoogleCredentials.Builder
-
- com.google.auth.oauth2.ExternalAccountCredentials.Builder
-
- com.google.auth.oauth2.AwsCredentials.Builder
-
- Enclosing class:
- AwsCredentials
public static class AwsCredentials.Builder extends ExternalAccountCredentials.Builder
-
-
Field Summary
Fields Modifier and Type Field Description private AwsSecurityCredentialsSupplier
awsSecurityCredentialsSupplier
private java.lang.String
regionalCredentialVerificationUrlOverride
-
Fields inherited from class com.google.auth.oauth2.ExternalAccountCredentials.Builder
audience, clientId, clientSecret, credentialSource, environmentProvider, metricsHandler, scopes, serviceAccountImpersonationOptions, serviceAccountImpersonationUrl, subjectTokenType, tokenInfoUrl, tokenUrl, transportFactory, universeDomain, workforcePoolUserProject
-
Fields inherited from class com.google.auth.oauth2.GoogleCredentials.Builder
quotaProjectId
-
-
Constructor Summary
Constructors Constructor Description Builder()
Builder(AwsCredentials credentials)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description AwsCredentials
build()
AwsCredentials.Builder
setAudience(java.lang.String audience)
Sets the Security Token Service audience, which is usually the fully specified resource name of the workload/workforce pool provider.AwsCredentials.Builder
setAwsSecurityCredentialsSupplier(AwsSecurityCredentialsSupplier awsSecurityCredentialsSupplier)
Sets the AWS security credentials supplier.AwsCredentials.Builder
setClientId(java.lang.String clientId)
Sets the optional client ID of the service account from the console.AwsCredentials.Builder
setClientSecret(java.lang.String clientSecret)
Sets the optional client secret of the service account from the console.AwsCredentials.Builder
setCredentialSource(AwsCredentialSource credentialSource)
(package private) AwsCredentials.Builder
setEnvironmentProvider(EnvironmentProvider environmentProvider)
Sets the optional Environment Provider.AwsCredentials.Builder
setHttpTransportFactory(HttpTransportFactory transportFactory)
Sets the HTTP transport factory, creates the transport used to get access tokens.AwsCredentials.Builder
setQuotaProjectId(java.lang.String quotaProjectId)
Sets the optional project used for quota and billing purposes.AwsCredentials.Builder
setRegionalCredentialVerificationUrlOverride(java.lang.String regionalCredentialVerificationUrlOverride)
Sets the AWS regional credential verification URL.AwsCredentials.Builder
setScopes(java.util.Collection<java.lang.String> scopes)
Sets the optional scopes to request during the authorization grant.AwsCredentials.Builder
setServiceAccountImpersonationOptions(java.util.Map<java.lang.String,java.lang.Object> optionsMap)
Sets the optional service account impersonation options.AwsCredentials.Builder
setServiceAccountImpersonationUrl(java.lang.String serviceAccountImpersonationUrl)
Sets the optional URL used for service account impersonation, which is required for some APIs.AwsCredentials.Builder
setSubjectTokenType(ExternalAccountCredentials.SubjectTokenTypes subjectTokenType)
Sets the Security Token Service subject token type based on the OAuth 2.0 token exchange spec.AwsCredentials.Builder
setSubjectTokenType(java.lang.String subjectTokenType)
Sets the Security Token Service subject token type based on the OAuth 2.0 token exchange spec.AwsCredentials.Builder
setTokenInfoUrl(java.lang.String tokenInfoUrl)
Sets the optional endpoint used to retrieve account related information.AwsCredentials.Builder
setTokenUrl(java.lang.String tokenUrl)
Sets the Security Token Service token exchange endpoint.AwsCredentials.Builder
setUniverseDomain(java.lang.String universeDomain)
Sets the optional universe domain.AwsCredentials.Builder
setWorkforcePoolUserProject(java.lang.String workforcePoolUserProject)
Sets the optional workforce pool user project number when the credential corresponds to a workforce pool and not a workload identity pool.-
Methods inherited from class com.google.auth.oauth2.ExternalAccountCredentials.Builder
setCredentialSource
-
Methods inherited from class com.google.auth.oauth2.GoogleCredentials.Builder
getQuotaProjectId, getUniverseDomain, setAccessToken
-
Methods inherited from class com.google.auth.oauth2.OAuth2Credentials.Builder
getAccessToken, getExpirationMargin, getRefreshMargin, setExpirationMargin, setRefreshMargin
-
-
-
-
Field Detail
-
awsSecurityCredentialsSupplier
private AwsSecurityCredentialsSupplier awsSecurityCredentialsSupplier
-
regionalCredentialVerificationUrlOverride
private java.lang.String regionalCredentialVerificationUrlOverride
-
-
Constructor Detail
-
Builder
Builder()
-
Builder
Builder(AwsCredentials credentials)
-
-
Method Detail
-
setAwsSecurityCredentialsSupplier
@CanIgnoreReturnValue public AwsCredentials.Builder setAwsSecurityCredentialsSupplier(AwsSecurityCredentialsSupplier awsSecurityCredentialsSupplier)
Sets the AWS security credentials supplier. The supplier should return a validAwsSecurityCredentials
object and a valid AWS region.- Parameters:
awsSecurityCredentialsSupplier
- the supplier to use.- Returns:
- this
Builder
object
-
setRegionalCredentialVerificationUrlOverride
@CanIgnoreReturnValue public AwsCredentials.Builder setRegionalCredentialVerificationUrlOverride(java.lang.String regionalCredentialVerificationUrlOverride)
Sets the AWS regional credential verification URL. If set, will override any credential verification URL provided in the credential source. If not set, the credential verification URL will default to- Parameters:
regionalCredentialVerificationUrlOverride
- the AWS credential verification url to set.- Returns:
- this
Builder
object
-
setHttpTransportFactory
@CanIgnoreReturnValue public AwsCredentials.Builder setHttpTransportFactory(HttpTransportFactory transportFactory)
Description copied from class:ExternalAccountCredentials.Builder
Sets the HTTP transport factory, creates the transport used to get access tokens.- Overrides:
setHttpTransportFactory
in classExternalAccountCredentials.Builder
- Parameters:
transportFactory
- theHttpTransportFactory
to set- Returns:
- this
Builder
object
-
setAudience
@CanIgnoreReturnValue public AwsCredentials.Builder setAudience(java.lang.String audience)
Description copied from class:ExternalAccountCredentials.Builder
Sets the Security Token Service audience, which is usually the fully specified resource name of the workload/workforce pool provider.- Overrides:
setAudience
in classExternalAccountCredentials.Builder
- Parameters:
audience
- the Security Token Service audience to set- Returns:
- this
Builder
object
-
setSubjectTokenType
@CanIgnoreReturnValue public AwsCredentials.Builder setSubjectTokenType(java.lang.String subjectTokenType)
Description copied from class:ExternalAccountCredentials.Builder
Sets the Security Token Service subject token type based on the OAuth 2.0 token exchange spec. Indicates the type of the security token in the credential file.- Overrides:
setSubjectTokenType
in classExternalAccountCredentials.Builder
- Parameters:
subjectTokenType
- the Security Token Service subject token type to set- Returns:
- this
Builder
object
-
setSubjectTokenType
@CanIgnoreReturnValue public AwsCredentials.Builder setSubjectTokenType(ExternalAccountCredentials.SubjectTokenTypes subjectTokenType)
Description copied from class:ExternalAccountCredentials.Builder
Sets the Security Token Service subject token type based on the OAuth 2.0 token exchange spec. Indicates the type of the security token in the credential file.- Overrides:
setSubjectTokenType
in classExternalAccountCredentials.Builder
- Parameters:
subjectTokenType
- theSubjectTokenType
to set- Returns:
- this
Builder
object
-
setTokenUrl
@CanIgnoreReturnValue public AwsCredentials.Builder setTokenUrl(java.lang.String tokenUrl)
Description copied from class:ExternalAccountCredentials.Builder
Sets the Security Token Service token exchange endpoint.- Overrides:
setTokenUrl
in classExternalAccountCredentials.Builder
- Parameters:
tokenUrl
- the Security Token Service token exchange url to set- Returns:
- this
Builder
object
-
setCredentialSource
@CanIgnoreReturnValue public AwsCredentials.Builder setCredentialSource(AwsCredentialSource credentialSource)
-
setServiceAccountImpersonationUrl
@CanIgnoreReturnValue public AwsCredentials.Builder setServiceAccountImpersonationUrl(java.lang.String serviceAccountImpersonationUrl)
Description copied from class:ExternalAccountCredentials.Builder
Sets the optional URL used for service account impersonation, which is required for some APIs. If this URL is not available, the access token from the Security Token Service is used directly.- Overrides:
setServiceAccountImpersonationUrl
in classExternalAccountCredentials.Builder
- Parameters:
serviceAccountImpersonationUrl
- the service account impersonation url to set- Returns:
- this
Builder
object
-
setTokenInfoUrl
@CanIgnoreReturnValue public AwsCredentials.Builder setTokenInfoUrl(java.lang.String tokenInfoUrl)
Description copied from class:ExternalAccountCredentials.Builder
Sets the optional endpoint used to retrieve account related information. Required for gCloud session account identification.- Overrides:
setTokenInfoUrl
in classExternalAccountCredentials.Builder
- Parameters:
tokenInfoUrl
- the token info url to set- Returns:
- this
Builder
object
-
setQuotaProjectId
@CanIgnoreReturnValue public AwsCredentials.Builder setQuotaProjectId(java.lang.String quotaProjectId)
Description copied from class:ExternalAccountCredentials.Builder
Sets the optional project used for quota and billing purposes.- Overrides:
setQuotaProjectId
in classExternalAccountCredentials.Builder
- Parameters:
quotaProjectId
- the quota and billing project id to set- Returns:
- this
Builder
object
-
setClientId
@CanIgnoreReturnValue public AwsCredentials.Builder setClientId(java.lang.String clientId)
Description copied from class:ExternalAccountCredentials.Builder
Sets the optional client ID of the service account from the console.- Overrides:
setClientId
in classExternalAccountCredentials.Builder
- Parameters:
clientId
- the service account client id to set- Returns:
- this
Builder
object
-
setClientSecret
@CanIgnoreReturnValue public AwsCredentials.Builder setClientSecret(java.lang.String clientSecret)
Description copied from class:ExternalAccountCredentials.Builder
Sets the optional client secret of the service account from the console.- Overrides:
setClientSecret
in classExternalAccountCredentials.Builder
- Parameters:
clientSecret
- the service account client secret to set- Returns:
- this
Builder
object
-
setScopes
@CanIgnoreReturnValue public AwsCredentials.Builder setScopes(java.util.Collection<java.lang.String> scopes)
Description copied from class:ExternalAccountCredentials.Builder
Sets the optional scopes to request during the authorization grant.- Overrides:
setScopes
in classExternalAccountCredentials.Builder
- Parameters:
scopes
- the request scopes to set- Returns:
- this
Builder
object
-
setWorkforcePoolUserProject
@CanIgnoreReturnValue public AwsCredentials.Builder setWorkforcePoolUserProject(java.lang.String workforcePoolUserProject)
Description copied from class:ExternalAccountCredentials.Builder
Sets the optional workforce pool user project number when the credential corresponds to a workforce pool and not a workload identity pool. The underlying principal must still have serviceusage.services.use IAM permission to use the project for billing/quota.- Overrides:
setWorkforcePoolUserProject
in classExternalAccountCredentials.Builder
- Parameters:
workforcePoolUserProject
- the workforce pool user project number to set- Returns:
- this
Builder
object
-
setServiceAccountImpersonationOptions
@CanIgnoreReturnValue public AwsCredentials.Builder setServiceAccountImpersonationOptions(java.util.Map<java.lang.String,java.lang.Object> optionsMap)
Description copied from class:ExternalAccountCredentials.Builder
Sets the optional service account impersonation options.- Overrides:
setServiceAccountImpersonationOptions
in classExternalAccountCredentials.Builder
- Parameters:
optionsMap
- the service account impersonation options to set- Returns:
- this
Builder
object
-
setUniverseDomain
@CanIgnoreReturnValue public AwsCredentials.Builder setUniverseDomain(java.lang.String universeDomain)
Description copied from class:ExternalAccountCredentials.Builder
Sets the optional universe domain.- Overrides:
setUniverseDomain
in classExternalAccountCredentials.Builder
- Parameters:
universeDomain
- the universe domain to set- Returns:
- this
Builder
object
-
setEnvironmentProvider
@CanIgnoreReturnValue AwsCredentials.Builder setEnvironmentProvider(EnvironmentProvider environmentProvider)
Description copied from class:ExternalAccountCredentials.Builder
Sets the optional Environment Provider.- Overrides:
setEnvironmentProvider
in classExternalAccountCredentials.Builder
- Parameters:
environmentProvider
- theEnvironmentProvider
to set- Returns:
- this
Builder
object
-
build
public AwsCredentials build()
- Specified by:
build
in classExternalAccountCredentials.Builder
-
-