Class IamUtils

java.lang.Object
com.google.auth.oauth2.IamUtils

class IamUtils extends Object
This internal class provides shared utilities for interacting with the IAM API for common features like signing.
  • Field Details

  • Constructor Details

    • IamUtils

      IamUtils()
  • Method Details

    • sign

      static byte[] sign(String serviceAccountEmail, Credentials credentials, com.google.api.client.http.HttpTransport transport, byte[] toSign, Map<String,?> additionalFields)
      Returns a signature for the provided bytes.
      Parameters:
      serviceAccountEmail - the email address for the service account used for signing
      credentials - credentials required for making the IAM call
      transport - transport used for building the HTTP request
      toSign - bytes to sign
      additionalFields - additional fields to send in the IAM call
      Returns:
      signed bytes
      Throws:
      ServiceAccountSigner.SigningException - if signing fails
    • getSignature

      private static String getSignature(String serviceAccountEmail, String bytes, Map<String,?> additionalFields, com.google.api.client.http.HttpRequestFactory factory) throws IOException
      Throws:
      IOException
    • getIdToken

      static IdToken getIdToken(String serviceAccountEmail, Credentials credentials, com.google.api.client.http.HttpTransport transport, String targetAudience, boolean includeEmail, Map<String,?> additionalFields, CredentialTypeForMetrics credentialTypeForMetrics) throws IOException
      Returns an IdToken issued to the serviceAccount with a specified targetAudience
      Parameters:
      serviceAccountEmail - the email address for the service account to get an ID Token for
      credentials - credentials required for making the IAM call
      transport - transport used for building the HTTP request
      targetAudience - the audience the issued ID token should include
      additionalFields - additional fields to send in the IAM call
      credentialTypeForMetrics - credential type for credential making this call
      Returns:
      IdToken issed to the serviceAccount
      Throws:
      IOException - if the IdToken cannot be issued.
      See Also: