Class ExternalAccountCredentials.Builder

Direct Known Subclasses:
AwsCredentials.Builder, IdentityPoolCredentials.Builder, PluggableAuthCredentials.Builder
Enclosing class:
ExternalAccountCredentials

public abstract static class ExternalAccountCredentials.Builder extends GoogleCredentials.Builder
Base builder for external account credentials.
  • Field Details

  • Constructor Details

  • Method Details

    • setHttpTransportFactory

      @CanIgnoreReturnValue public ExternalAccountCredentials.Builder setHttpTransportFactory(HttpTransportFactory transportFactory)
      Sets the HTTP transport factory, creates the transport used to get access tokens.
      Parameters:
      transportFactory - the HttpTransportFactory to set
      Returns:
      this Builder object
    • setAudience

      @CanIgnoreReturnValue public ExternalAccountCredentials.Builder setAudience(String audience)
      Sets the Security Token Service audience, which is usually the fully specified resource name of the workload/workforce pool provider.
      Parameters:
      audience - the Security Token Service audience to set
      Returns:
      this Builder object
    • setSubjectTokenType

      @CanIgnoreReturnValue public ExternalAccountCredentials.Builder setSubjectTokenType(String subjectTokenType)
      Sets the Security Token Service subject token type based on the OAuth 2.0 token exchange spec. Indicates the type of the security token in the credential file.
      Parameters:
      subjectTokenType - the Security Token Service subject token type to set
      Returns:
      this Builder object
    • setSubjectTokenType

      @CanIgnoreReturnValue public ExternalAccountCredentials.Builder setSubjectTokenType(ExternalAccountCredentials.SubjectTokenTypes subjectTokenType)
      Sets the Security Token Service subject token type based on the OAuth 2.0 token exchange spec. Indicates the type of the security token in the credential file.
      Parameters:
      subjectTokenType - the SubjectTokenType to set
      Returns:
      this Builder object
    • setTokenUrl

      @CanIgnoreReturnValue public ExternalAccountCredentials.Builder setTokenUrl(String tokenUrl)
      Sets the Security Token Service token exchange endpoint.
      Parameters:
      tokenUrl - the Security Token Service token exchange url to set
      Returns:
      this Builder object
    • setCredentialSource

      @CanIgnoreReturnValue public ExternalAccountCredentials.Builder setCredentialSource(ExternalAccountCredentials.CredentialSource credentialSource)
      Sets the external credential source.
      Parameters:
      credentialSource - the CredentialSource to set
      Returns:
      this Builder object
    • setServiceAccountImpersonationUrl

      @CanIgnoreReturnValue public ExternalAccountCredentials.Builder setServiceAccountImpersonationUrl(String serviceAccountImpersonationUrl)
      Sets the optional URL used for service account impersonation, which is required for some APIs. If this URL is not available, the access token from the Security Token Service is used directly.
      Parameters:
      serviceAccountImpersonationUrl - the service account impersonation url to set
      Returns:
      this Builder object
    • setTokenInfoUrl

      @CanIgnoreReturnValue public ExternalAccountCredentials.Builder setTokenInfoUrl(String tokenInfoUrl)
      Sets the optional endpoint used to retrieve account related information. Required for gCloud session account identification.
      Parameters:
      tokenInfoUrl - the token info url to set
      Returns:
      this Builder object
    • setQuotaProjectId

      @CanIgnoreReturnValue public ExternalAccountCredentials.Builder setQuotaProjectId(String quotaProjectId)
      Sets the optional project used for quota and billing purposes.
      Overrides:
      setQuotaProjectId in class GoogleCredentials.Builder
      Parameters:
      quotaProjectId - the quota and billing project id to set
      Returns:
      this Builder object
    • setClientId

      @CanIgnoreReturnValue public ExternalAccountCredentials.Builder setClientId(String clientId)
      Sets the optional client ID of the service account from the console.
      Parameters:
      clientId - the service account client id to set
      Returns:
      this Builder object
    • setClientSecret

      @CanIgnoreReturnValue public ExternalAccountCredentials.Builder setClientSecret(String clientSecret)
      Sets the optional client secret of the service account from the console.
      Parameters:
      clientSecret - the service account client secret to set
      Returns:
      this Builder object
    • setScopes

      @CanIgnoreReturnValue public ExternalAccountCredentials.Builder setScopes(Collection<String> scopes)
      Sets the optional scopes to request during the authorization grant.
      Parameters:
      scopes - the request scopes to set
      Returns:
      this Builder object
    • setWorkforcePoolUserProject

      @CanIgnoreReturnValue public ExternalAccountCredentials.Builder setWorkforcePoolUserProject(String workforcePoolUserProject)
      Sets the optional workforce pool user project number when the credential corresponds to a workforce pool and not a workload identity pool. The underlying principal must still have serviceusage.services.use IAM permission to use the project for billing/quota.
      Parameters:
      workforcePoolUserProject - the workforce pool user project number to set
      Returns:
      this Builder object
    • setServiceAccountImpersonationOptions

      @CanIgnoreReturnValue public ExternalAccountCredentials.Builder setServiceAccountImpersonationOptions(Map<String,Object> optionsMap)
      Sets the optional service account impersonation options.
      Parameters:
      optionsMap - the service account impersonation options to set
      Returns:
      this Builder object
    • setUniverseDomain

      @CanIgnoreReturnValue public ExternalAccountCredentials.Builder setUniverseDomain(String universeDomain)
      Sets the optional universe domain.
      Overrides:
      setUniverseDomain in class GoogleCredentials.Builder
      Parameters:
      universeDomain - the universe domain to set
      Returns:
      this Builder object
    • setEnvironmentProvider

      @CanIgnoreReturnValue ExternalAccountCredentials.Builder setEnvironmentProvider(EnvironmentProvider environmentProvider)
      Sets the optional Environment Provider.
      Parameters:
      environmentProvider - the EnvironmentProvider to set
      Returns:
      this Builder object
    • build

      public abstract ExternalAccountCredentials build()
      Overrides:
      build in class GoogleCredentials.Builder