module Google::Auth::ExternalAccount::ExternalAccountUtils
def normalize_timestamp time
-
(Google::Auth::CredentialsError)- If the time value is not nil, Time, or String
Returns:
-
(Time, nil)- The normalized timestamp or nil if input is nil
Parameters:
-
time(Time, String, nil) -- The timestamp to normalize
def normalize_timestamp time case time when NilClass nil when Time time when String Time.parse time else raise CredentialsError, "Invalid time value #{time}" end end
def project_id
-
(String, nil)- The project ID corresponding to the workload identity
def project_id return @project_id unless @project_id.nil? project_number = self.project_number || @workforce_pool_user_project # if we missing either project number or scope, we won't retrieve project_id return nil if project_number.nil? || @scope.nil? url = "#{CLOUD_RESOURCE_MANAGER}#{project_number}" response = connection.get url do |req| req.headers["Authorization"] = "Bearer #{@access_token}" req.headers["Content-Type"] = "application/json" end if response.status == 200 response_data = MultiJson.load response.body, symbolize_names: true @project_id = response_data[:projectId] end @project_id end
def project_number
-
(String, nil)- The project number extracted from the audience string,
def project_number segments = @audience.split "/" idx = segments.index "projects" return nil if idx.nil? || idx + 1 == segments.size segments[idx + 1] end
def service_account_email
-
(String, nil)- The service account email extracted from the
def service_account_email return nil if @service_account_impersonation_url.nil? start_idx = @service_account_impersonation_url.rindex "/" end_idx = @service_account_impersonation_url.index ":generateAccessToken" if start_idx != -1 && end_idx != -1 && start_idx < end_idx start_idx += 1 return @service_account_impersonation_url[start_idx..end_idx] end nil end