class Google::Cloud::Credentials

which overrides the SCOPE constant.
This class is intended to be inherited by API-specific classes
Represents the OAuth 2.0 signing logic.
@private
#

def self.default scope: nil

Returns the default credentials.
#

def self.default scope: nil
  env  = ->(v) { ENV[v] }
  json = ->(v) { JSON.parse ENV[v] rescue nil unless ENV[v].nil? }
  path = ->(p) { ::File.file? p }
  # First try to find keyfile file from environment variables.
  self::PATH_ENV_VARS.map(&env).compact.select(&path).each do |file|
    return new file, scope: scope
  end
  # Second try to find keyfile json from environment variables.
  self::JSON_ENV_VARS.map(&json).compact.each do |hash|
    return new hash, scope: scope
  end
  # Third try to find keyfile file from known file paths.
  self::DEFAULT_PATHS.select(&path).each do |file|
    return new file, scope: scope
  end
  # Finally get instantiated client from Google::Auth.
  scope ||= self::SCOPE
  client = Google::Auth.get_application_default scope
  new client
end

def client_options options

def client_options options
  # Keyfile options have higher priority over constructor defaults
  options["token_credential_uri"] ||= self.class::TOKEN_CREDENTIAL_URI
  options["audience"]             ||= self.class::AUDIENCE
  options["scope"]                ||= self.class::SCOPE
  # client options for initializing signet client
  { token_credential_uri: options["token_credential_uri"],
    audience:             options["audience"],
    scope:                Array(options["scope"]),
    issuer:               options["client_email"],
    signing_key:          OpenSSL::PKey::RSA.new(options["private_key"]) }
end

def init_client keyfile

Initializes the Signet client.
#

def init_client keyfile
  client_opts = client_options keyfile
  Signet::OAuth2::Client.new client_opts
end

def initialize keyfile, scope: nil

def initialize keyfile, scope: nil
  verify_keyfile_provided! keyfile
  if keyfile.is_a? Signet::OAuth2::Client
    @client = keyfile
  elsif keyfile.is_a? Hash
    hash = stringify_hash_keys keyfile
    hash["scope"] ||= scope
    @client = init_client hash
  else
    verify_keyfile_exists! keyfile
    json = JSON.parse ::File.read(keyfile)
    json["scope"] ||= scope
    @client = init_client json
  end
  @client.fetch_access_token!
end

def stringify_hash_keys hash

returns a new Hash with string keys instead of symbol keys.
#

def stringify_hash_keys hash
  Hash[hash.map { |k, v| [k.to_s, v] }]
end

def verify_keyfile_exists! keyfile

Verify that the keyfile argument is a file.
#

def verify_keyfile_exists! keyfile
  exists = ::File.file? keyfile
  raise "The keyfile '#{keyfile}' is not a valid file." unless exists
end

def verify_keyfile_provided! keyfile

Verify that the keyfile argument is provided.
#

def verify_keyfile_provided! keyfile
  raise "You must provide a keyfile to connect with." if keyfile.nil?
end

Instance Methods

Defined in

lib/google/cloud/credentials.rb