public ClientCredentialKey(ITokenAccess tokenAccess, ServiceEndpoint serviceEndpoint, IDictionary additionalOptions) : this() { Credential = tokenAccess; AdditionalOptions = additionalOptions; Endpoint = serviceEndpoint ?? SpannerClient.DefaultEndpoint; }
public static async Task RunOAuth2AuthTokenAsync(TestService.TestServiceClient client, string oauthScope) { #if !NETCOREAPP1_0 Console.WriteLine("running oauth2_auth_token"); ITokenAccess credential = (await GoogleCredential.GetApplicationDefaultAsync()).CreateScoped(new[] { oauthScope }); string oauth2Token = await credential.GetAccessTokenForRequestAsync(); var credentials = GoogleGrpcCredentials.FromAccessToken(oauth2Token); var request = new SimpleRequest { FillUsername = true, FillOauthScope = true }; var response = client.UnaryCall(request, new CallOptions(credentials: credentials)); Assert.False(string.IsNullOrEmpty(response.OauthScope)); Assert.True(oauthScope.Contains(response.OauthScope)); Assert.AreEqual(GetEmailFromServiceAccountFile(), response.Username); Console.WriteLine("Passed!"); #else // TODO(jtattermusch): implement this throw new NotImplementedException("Not supported on CoreCLR yet"); #endif }
/// <summary> /// Creates an <see cref="AsyncAuthInterceptor"/> that will obtain access token from any credential type that implements /// <c>ITokenAccess</c>. (e.g. <c>GoogleCredential</c>). /// </summary> /// <param name="credential">The credential to use to obtain access tokens.</param> /// <returns>The interceptor.</returns> public static AsyncAuthInterceptor FromCredential(ITokenAccess credential) { return new AsyncAuthInterceptor(async (context, metadata) => { var accessToken = await credential.GetAccessTokenForRequestAsync(context.ServiceUrl, CancellationToken.None).ConfigureAwait(false); metadata.Add(CreateBearerTokenHeader(accessToken)); }); }
public async Task <string> GetAccessTokenForRequestAsync() { ITokenAccess c = _googleCredential as ITokenAccess; _accessToken = await c.GetAccessTokenForRequestAsync(); return(_accessToken); }
/// <summary> /// Creates an <see cref="AsyncAuthInterceptor"/> that will obtain access token from any credential type that implements /// <c>ITokenAccess</c>. (e.g. <c>GoogleCredential</c>). /// </summary> /// <param name="credential">The credential to use to obtain access tokens.</param> /// <returns>The interceptor.</returns> public static AsyncAuthInterceptor FromCredential(ITokenAccess credential) { return(new AsyncAuthInterceptor(async(authUri, metadata) => { var accessToken = await credential.GetAccessTokenForRequestAsync(authUri, CancellationToken.None).ConfigureAwait(false); metadata.Add(CreateBearerTokenHeader(accessToken)); })); }
/// <summary> /// Creates interceptor that will obtain access token from any credential type that implements /// <c>ITokenAccess</c>. (e.g. <c>GoogleCredential</c>). /// </summary> /// <param name="credential">The credential to use to obtain access tokens.</param> /// <returns>The header interceptor.</returns> public static HeaderInterceptor FromCredential(ITokenAccess credential) { return new HeaderInterceptor((method, authUri, metadata) => { // TODO(jtattermusch): Rethink synchronous wait to obtain the result. var accessToken = credential.GetAccessTokenForRequestAsync(authUri, CancellationToken.None) .ConfigureAwait(false).GetAwaiter().GetResult(); metadata.Add(CreateBearerTokenHeader(accessToken)); }); }
/// <summary> /// Creates interceptor that will obtain access token from any credential type that implements /// <c>ITokenAccess</c>. (e.g. <c>GoogleCredential</c>). /// </summary> /// <param name="credential">The credential to use to obtain access tokens.</param> /// <returns>The header interceptor.</returns> public static HeaderInterceptor FromCredential(ITokenAccess credential) { return(new HeaderInterceptor((method, authUri, metadata) => { // TODO(jtattermusch): Rethink synchronous wait to obtain the result. var accessToken = credential.GetAccessTokenForRequestAsync(authUri, CancellationToken.None) .ConfigureAwait(false).GetAwaiter().GetResult(); metadata.Add(CreateBearerTokenHeader(accessToken)); })); }
public static async Task <SpannerClient> AcquireClientAsync( ITokenAccess credentials = null, ServiceEndpoint endpoint = null) { var key = new ClientPoolKey(credentials, endpoint ?? SpannerClient.DefaultEndpoint); var poolEntry = s_clientEntryPool.GetOrAdd(key, k => new ClientPoolEntry(key)); var result = await poolEntry.AcquireClientFromEntryAsync().ConfigureAwait(false); Logger.LogPerformanceCounter("SpannerClient.Count", () => s_clientEntryPool.Count); return(result); }
public async Task <SpannerClient> AcquireClientAsync( ITokenAccess credentials = null, ServiceEndpoint endpoint = null) { var key = new ClientCredentialKey(credentials, endpoint); var poolEntry = _clientPoolByCredential.GetOrAdd(key, k => new CredentialClientPool(k)); var result = await poolEntry.AcquireClientAsync(_clientFactory).ConfigureAwait(false); Logger.LogPerformanceCounter("SpannerClient.TotalCount", () => _clientPoolByCredential.Count); return(result); }
/// <inheritdoc /> /// <summary> /// Initializes a new instance of the <see cref="PlatformApiChannel" /> class with a given SpatialOS Platform API /// endpoint and credential. /// </summary> /// <exception cref="NoCredentialInSecureConnectionException"> /// Thrown when no credential is provided for a secure connection. /// </exception> /// <param name="apiEndpoint">The endpoint of the SpatialOS Platform API.</param> /// <param name="credential">The credential to authenticate with the API server.</param> public PlatformApiChannel(ITokenAccess credential, PlatformApiEndpoint apiEndpoint) : base( apiEndpoint.Host, apiEndpoint.Port, ConstructChannelCredentials(credential, apiEndpoint.Insecure), new List <ChannelOption> { new ChannelOption(ChannelOptions.PrimaryUserAgentString, AgentInfo) }) { }
/// <summary> /// Creates an <see cref="AsyncAuthInterceptor"/> that will obtain access token from any credential type that implements /// <c>ITokenAccess</c>. (e.g. <c>GoogleCredential</c>). /// </summary> /// <param name="credential">The credential to use to obtain access tokens.</param> /// <returns>The interceptor.</returns> public static AsyncAuthInterceptor FromCredential(ITokenAccess credential) { if (credential is ITokenAccessWithHeaders credentialWithHeaders) { return(FromCredential(credentialWithHeaders)); } return(new AsyncAuthInterceptor(async(context, metadata) => { var accessToken = await credential.GetAccessTokenForRequestAsync(context.ServiceUrl, CancellationToken.None).ConfigureAwait(false); metadata.Add(CreateBearerTokenHeader(accessToken)); })); }
private static ChannelCredentials ConstructChannelCredentials(ITokenAccess credential, bool insecure) { if (insecure) { return(ChannelCredentials.Insecure); } if (credential == null) { throw new NoCredentialInSecureConnectionException(); } return(ChannelCredentials.Create(new SslCredentials(), CallCredentials.FromInterceptor(GoogleAuthInterceptors.FromCredential(credential)))); }
public static async Task RunPerRpcCredsAsync(TestService.TestServiceClient client, string oauthScope) { Console.WriteLine("running per_rpc_creds"); ITokenAccess googleCredential = await GoogleCredential.GetApplicationDefaultAsync(); var credentials = googleCredential.ToCallCredentials(); var request = new SimpleRequest { FillUsername = true, }; var response = client.UnaryCall(request, new CallOptions(credentials: credentials)); Assert.AreEqual(GetEmailFromServiceAccountFile(), response.Username); Console.WriteLine("Passed!"); }
public void ReleaseClient(SpannerClient spannerClient, ITokenAccess credentials = null, ServiceEndpoint endpoint = null) { if (spannerClient != null) { var key = new ClientCredentialKey(credentials, endpoint); CredentialClientPool poolEntry; if (_clientPoolByCredential.TryGetValue(key, out poolEntry)) { poolEntry.ReleaseClient(spannerClient); } else { Logger.Error(() => "An attempt was made to release an unrecognized spanner client to the pool."); } } }
public static async Task RunOAuth2AuthTokenAsync(TestService.TestServiceClient client) { Console.WriteLine("running oauth2_auth_token"); ITokenAccess credential = (await GoogleCredential.GetApplicationDefaultAsync()).CreateScoped(new[] { AuthScope }); string oauth2Token = await credential.GetAccessTokenForRequestAsync(); client.HeaderInterceptor = OAuth2Interceptors.FromAccessToken(oauth2Token); var request = SimpleRequest.CreateBuilder() .SetFillUsername(true) .SetFillOauthScope(true) .Build(); var response = client.UnaryCall(request); Assert.AreEqual(AuthScopeResponse, response.OauthScope); Assert.AreEqual(ServiceAccountUser, response.Username); Console.WriteLine("Passed!"); }
public static async Task RunOAuth2AuthTokenAsync(TestService.TestServiceClient client, string oauthScope) { Console.WriteLine("running oauth2_auth_token"); ITokenAccess credential = (await GoogleCredential.GetApplicationDefaultAsync()).CreateScoped(new[] { oauthScope }); string oauth2Token = await credential.GetAccessTokenForRequestAsync(); var credentials = GoogleGrpcCredentials.FromAccessToken(oauth2Token); var request = new SimpleRequest { FillUsername = true, FillOauthScope = true }; var response = client.UnaryCall(request, new CallOptions(credentials: credentials)); Assert.False(string.IsNullOrEmpty(response.OauthScope)); Assert.True(oauthScope.Contains(response.OauthScope)); Assert.AreEqual(GetEmailFromServiceAccountFile(), response.Username); Console.WriteLine("Passed!"); }
public async Task <string> GetToken() { GoogleCredential credential; using (var stream = new System.IO.FileStream("serviceAccountKey.json", System.IO.FileMode.Open, System.IO.FileAccess.Read)) { credential = GoogleCredential.FromStream(stream).CreateScoped( new string[] { "https://www.googleapis.com/auth/firebase.database", "https://www.googleapis.com/auth/firebase.messaging", "https://www.googleapis.com/auth/identitytoolkit", "https://www.googleapis.com/auth/userinfo.email" } ); } ITokenAccess c = credential as ITokenAccess; return(await c.GetAccessTokenForRequestAsync()); }
public static async Task RunPerRpcCredsAsync(TestService.TestServiceClient client, string oauthScope) { #if !NETCOREAPP1_0 Console.WriteLine("running per_rpc_creds"); ITokenAccess googleCredential = await GoogleCredential.GetApplicationDefaultAsync(); var credentials = googleCredential.ToCallCredentials(); var request = new SimpleRequest { FillUsername = true, }; var response = client.UnaryCall(request, new CallOptions(credentials: credentials)); Assert.AreEqual(GetEmailFromServiceAccountFile(), response.Username); Console.WriteLine("Passed!"); #else // TODO(jtattermusch): implement this throw new NotImplementedException("Not supported on CoreCLR yet"); #endif }
public static async Task RunOAuth2AuthTokenAsync(IChannelWrapper channel, ClientOptions options) { var client = CreateClient <TestService.TestServiceClient>(channel); var oauthScope = options.OAuthScope !; ITokenAccess credential = (await GoogleCredential.GetApplicationDefaultAsync()).CreateScoped(new[] { oauthScope }); var oauth2Token = await credential.GetAccessTokenForRequestAsync(); var credentials = GoogleGrpcCredentials.FromAccessToken(oauth2Token); var request = new SimpleRequest { FillUsername = true, FillOauthScope = true }; var response = await client.UnaryCallAsync(request, new CallOptions(credentials : credentials)); Assert.IsFalse(string.IsNullOrEmpty(response.OauthScope)); Assert.IsTrue(oauthScope.Contains(response.OauthScope)); Assert.AreEqual(GetEmailFromServiceAccountFile(), response.Username); }
public static async Task RunPerRpcCredsAsync(TestService.TestServiceClient client) { Console.WriteLine("running per_rpc_creds"); ITokenAccess credential = (await GoogleCredential.GetApplicationDefaultAsync()).CreateScoped(new[] { AuthScope }); string oauth2Token = await credential.GetAccessTokenForRequestAsync(); var headerInterceptor = AuthInterceptors.FromAccessToken(oauth2Token); var request = SimpleRequest.CreateBuilder() .SetFillUsername(true) .SetFillOauthScope(true) .Build(); var headers = new Metadata(); headerInterceptor(null, "", headers); var response = client.UnaryCall(request, headers: headers); Assert.AreEqual(AuthScopeResponse, response.OauthScope); Assert.AreEqual(ServiceAccountUser, response.Username); Console.WriteLine("Passed!"); }
/// <summary> /// Convenience method to create a <see cref="ChannelCredentials"/> instance from /// <c>ITokenAccess</c> credential and <c>SslCredentials</c> instance. /// </summary> /// <param name="credential">The credential to use to obtain access tokens.</param> /// <param name="sslCredentials">The <c>SslCredentials</c> instance.</param> /// <returns>The channel credentials for access token based auth over a secure channel.</returns> public static ChannelCredentials Create(ITokenAccess credential, SslCredentials sslCredentials) { return(ChannelCredentials.Create(sslCredentials, Create(credential))); }
/// <summary> /// Converts a <c>ITokenAccess</c> object into a <see cref="MetadataCredentials"/> object supported /// by gRPC. /// </summary> /// <param name="credential"></param> /// <returns></returns> public static MetadataCredentials ToGrpcCredentials(this ITokenAccess credential) { return(GrpcCredentials.Create(credential)); }
public TokenService(ITokenAccess access) { _tokenAccess = access; }
/// <summary> /// Initialize a new instance of <see cref="OAuthTokenManager"/> /// </summary> /// <param name="credential">A <see cref="ITokenAccess"/></param> public OAuthTokenManager(ITokenAccess credential) { _credential = credential ?? throw new ArgumentNullException(nameof(credential)); }
public OAuth2Interceptor(ITokenAccess credential, IClock clock) { this.credential = credential; this.clock = clock; }
/// <summary> /// Convenience method to create a <see cref="ChannelCredentials"/> instance from /// <c>ITokenAccess</c> credential and <c>SslCredentials</c> instance. /// </summary> /// <param name="credential">The credential to use to obtain access tokens.</param> /// <param name="sslCredentials">The <c>SslCredentials</c> instance.</param> /// <returns>The channel credentials for access token based auth over a secure channel.</returns> public static ChannelCredentials Create(ITokenAccess credential, SslCredentials sslCredentials) { return ChannelCredentials.Create(sslCredentials, Create(credential)); }
/// <summary> /// Creates a <see cref="MetadataCredentials"/> instance that will obtain access tokens /// from any credential that implements <c>ITokenAccess</c>. (e.g. <c>GoogleCredential</c>). /// </summary> /// <param name="credential">The credential to use to obtain access tokens.</param> /// <returns>The <c>MetadataCredentials</c> instance.</returns> public static MetadataCredentials Create(ITokenAccess credential) { return new MetadataCredentials(AuthInterceptors.FromCredential(credential)); }
/// <inheritdoc /> public async Task <SpannerClient> CreateClientAsync(ServiceEndpoint endpoint, ITokenAccess credential, IDictionary additionalOptions) { ChannelCredentials channelCredentials; var allowImmediateTimeout = false; if (additionalOptions.Contains(nameof(SpannerSettings.AllowImmediateTimeouts))) { allowImmediateTimeout = Convert.ToBoolean(additionalOptions[nameof(SpannerSettings.AllowImmediateTimeouts)]); } if (credential == null) { channelCredentials = await CreateDefaultChannelCredentialsAsync().ConfigureAwait(false); } else { channelCredentials = credential.ToChannelCredentials(); } var channel = new Channel( endpoint.Host, endpoint.Port, channelCredentials); Logger.LogPerformanceCounterFn("SpannerClient.RawCreateCount", x => x + 1); //Pull the timeout from spanner options. //The option must be set before OpenAsync is called. var idempotentCallSettings = CallSettings.FromCallTiming( CallTiming.FromRetry( new RetrySettings( SpannerSettings.GetDefaultRetryBackoff(), SpannerSettings.GetDefaultTimeoutBackoff(), SpannerSettings.ConvertTimeoutToExpiration(SpannerOptions.Instance.Timeout, allowImmediateTimeout), SpannerSettings.IdempotentRetryFilter ))); return(SpannerClient.Create( channel, new SpannerSettings { CreateSessionSettings = idempotentCallSettings, GetSessionSettings = idempotentCallSettings, DeleteSessionSettings = idempotentCallSettings, ExecuteSqlSettings = idempotentCallSettings, ReadSettings = idempotentCallSettings, BeginTransactionSettings = idempotentCallSettings, CommitSettings = idempotentCallSettings, RollbackSettings = idempotentCallSettings, AllowImmediateTimeouts = allowImmediateTimeout })); }
public ClientPoolKey(ITokenAccess tokenAccess, ServiceEndpoint serviceEndpoint) : this() { Credential = tokenAccess; Endpoint = serviceEndpoint; }
/// <summary> /// Creates a <see cref="MetadataCredentials"/> instance that will obtain access tokens /// from any credential that implements <c>ITokenAccess</c>. (e.g. <c>GoogleCredential</c>). /// </summary> /// <param name="credential">The credential to use to obtain access tokens.</param> /// <returns>The <c>MetadataCredentials</c> instance.</returns> public static MetadataCredentials Create(ITokenAccess credential) { return(new MetadataCredentials(AuthInterceptors.FromCredential(credential))); }
/// <summary> /// Converts a <c>ITokenAccess</c> (e.g. <c>GoogleCredential</c>) object /// into a gRPC <see cref="CallCredentials"/> object. /// </summary> /// <param name="credential">The credential to use to obtain access tokens.</param> /// <returns>The <c>CallCredentials</c> instance.</returns> public static CallCredentials ToCallCredentials(this ITokenAccess credential) { return(CallCredentials.FromInterceptor(GoogleAuthInterceptors.FromCredential(credential))); }
public CredentialWrapper(ITokenAccess original) => _original = original;
/// <summary> /// Converts a <c>ITokenAccess</c> (e.g. <c>GoogleCredential</c>) object /// into a gRPC <see cref="ChannelCredentials"/> object. /// Default SSL credentials are used. /// </summary> /// <param name="googleCredential">The credential to use to obtain access tokens.</param> /// <returns>>The <c>ChannelCredentials</c> instance.</returns> public static ChannelCredentials ToChannelCredentials(this ITokenAccess googleCredential) { return(ChannelCredentials.Create(new SslCredentials(), googleCredential.ToCallCredentials())); }
public OAuth2Interceptor(ITokenAccess credential, IClock clock) { this.credential = credential; this.clock = clock; }
public ClientCredentialKey(ITokenAccess tokenAccess, ServiceEndpoint serviceEndpoint) : this() { Credential = tokenAccess; Endpoint = serviceEndpoint ?? SpannerClient.DefaultEndpoint; }