Class Credentials
- java.lang.Object
-
- com.google.auth.Credentials
-
- All Implemented Interfaces:
java.io.Serializable
- Direct Known Subclasses:
ApiKeyCredentials
,JwtCredentials
,OAuth2Credentials
,ServiceAccountJwtAccessCredentials
public abstract class Credentials extends java.lang.Object implements java.io.Serializable
Represents an abstract authorized identity instance.- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
GOOGLE_DEFAULT_UNIVERSE
private static long
serialVersionUID
-
Constructor Summary
Constructors Constructor Description Credentials()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected void
blockingGetToCallback(java.net.URI uri, RequestMetadataCallback callback)
CallgetRequestMetadata(URI)
and pass the result or error to the callback.abstract java.lang.String
getAuthenticationType()
A constant string name describing the authentication technology.CredentialTypeForMetrics
getMetricsCredentialType()
Gets the credential type used for internal metrics header.java.util.Map<java.lang.String,java.util.List<java.lang.String>>
getRequestMetadata()
Get the current request metadata, refreshing tokens if required.abstract java.util.Map<java.lang.String,java.util.List<java.lang.String>>
getRequestMetadata(java.net.URI uri)
Get the current request metadata in a blocking manner, refreshing tokens if required.void
getRequestMetadata(java.net.URI uri, java.util.concurrent.Executor executor, RequestMetadataCallback callback)
Get the current request metadata without blocking.java.lang.String
getUniverseDomain()
Gets the universe domain for the credential in a blocking manner, refreshing tokens if required.abstract boolean
hasRequestMetadata()
Whether the credentials have metadata entries that should be added to each request.abstract boolean
hasRequestMetadataOnly()
Indicates whether or not the Auth mechanism works purely by including request metadata.abstract void
refresh()
Refresh the authorization data, discarding any cached state.
-
-
-
Field Detail
-
serialVersionUID
private static final long serialVersionUID
- See Also:
- Constant Field Values
-
GOOGLE_DEFAULT_UNIVERSE
public static final java.lang.String GOOGLE_DEFAULT_UNIVERSE
- See Also:
- Constant Field Values
-
-
Method Detail
-
getAuthenticationType
public abstract java.lang.String getAuthenticationType()
A constant string name describing the authentication technology.E.g. “OAuth2”, “SSL”. For use by the transport layer to determine whether it supports the type of authentication in the case where
hasRequestMetadataOnly()
is false. Also serves as a debugging helper.- Returns:
- The type of authentication used.
-
getUniverseDomain
public java.lang.String getUniverseDomain() throws java.io.IOException
Gets the universe domain for the credential in a blocking manner, refreshing tokens if required.- Returns:
- a universe domain value in the format some-domain.xyz. By default, returns the Google universe domain googleapis.com.
- Throws:
java.io.IOException
- extending classes might have to do remote calls to determine the universe domain. The exception must implementRetryable
andisRetryable()
will return true if the operation may be retried.
-
getMetricsCredentialType
public CredentialTypeForMetrics getMetricsCredentialType()
Gets the credential type used for internal metrics header.The default is
CredentialTypeForMetrics.DO_NOT_SEND
. For a credential that is established to track for metrics, this default should be overridden.- Returns:
- a enum value for credential type
-
getRequestMetadata
public java.util.Map<java.lang.String,java.util.List<java.lang.String>> getRequestMetadata() throws java.io.IOException
Get the current request metadata, refreshing tokens if required.This should be called by the transport layer on each request, and the data should be populated in headers or other context. The operation can block and fail to complete and may do things such as refreshing access tokens.
The convention for handling binary data is for the key in the returned map to end with
"-bin"
and for the corresponding values to be base64 encoded.- Returns:
- The request metadata used for populating headers or other context.
- Throws:
java.io.IOException
- if there was an error getting up-to-date access.
-
getRequestMetadata
public void getRequestMetadata(java.net.URI uri, java.util.concurrent.Executor executor, RequestMetadataCallback callback)
Get the current request metadata without blocking.This should be called by the transport layer on each request, and the data should be populated in headers or other context. The implementation can either call the callback inline or asynchronously. Either way it should never block in this method. The executor is provided for tasks that may block.
The default implementation will just call
getRequestMetadata(URI)
then the callback from the given executor.The convention for handling binary data is for the key in the returned map to end with
"-bin"
and for the corresponding values to be base64 encoded.- Parameters:
uri
- URI of the entry point for the request.executor
- Executor to perform the request.callback
- Callback to execute when the request is finished.
-
blockingGetToCallback
protected final void blockingGetToCallback(java.net.URI uri, RequestMetadataCallback callback)
CallgetRequestMetadata(URI)
and pass the result or error to the callback.- Parameters:
uri
- URI of the entry point for the request.callback
- Callback handler to execute when the metadata completes.
-
getRequestMetadata
public abstract java.util.Map<java.lang.String,java.util.List<java.lang.String>> getRequestMetadata(java.net.URI uri) throws java.io.IOException
Get the current request metadata in a blocking manner, refreshing tokens if required.This should be called by the transport layer on each request, and the data should be populated in headers or other context. The operation can block and fail to complete and may do things such as refreshing access tokens.
The convention for handling binary data is for the key in the returned map to end with
"-bin"
and for the corresponding values to be base64 encoded.- Parameters:
uri
- URI of the entry point for the request.- Returns:
- The request metadata used for populating headers or other context.
- Throws:
java.io.IOException
- if there was an error getting up-to-date access. The exception should implementRetryable
andisRetryable()
will return true if the operation may be retried.
-
hasRequestMetadata
public abstract boolean hasRequestMetadata()
Whether the credentials have metadata entries that should be added to each request.This should be called by the transport layer to see if
getRequestMetadata()
should be used for each request.- Returns:
- Whether or not the transport layer should call
getRequestMetadata()
-
hasRequestMetadataOnly
public abstract boolean hasRequestMetadataOnly()
Indicates whether or not the Auth mechanism works purely by including request metadata.This is meant for the transport layer. If this is true a transport does not need to take actions other than including the request metadata. If this is false, a transport must specifically know about the authentication technology to support it, and should fail to accept the credentials otherwise.
- Returns:
- Whether or not the Auth mechanism works purely by including request metadata.
-
refresh
public abstract void refresh() throws java.io.IOException
Refresh the authorization data, discarding any cached state.For use by the transport to allow retry after getting an error indicating there may be invalid tokens or other cached state.
- Throws:
java.io.IOException
- if there was an error getting up-to-date access.
-
-