// [END auth_cloud_explicit] // [START auth_cloud_explicit_compute_engine] // Some APIs, like Storage, accept a credential in their Create() // method. public object AuthExplicitComputeEngine(string projectId) { // Explicitly request service account credentials from the compute // engine instance. GoogleCredential credential = GoogleCredential.FromComputeCredential(); var storage = StorageClient.Create(credential); // Make an authenticated API request. var buckets = storage.ListBuckets(projectId); foreach (var bucket in buckets) { Console.WriteLine(bucket.Name); } return(null); }
// [END auth_cloud_explicit] // [START auth_cloud_explicit_compute_engine] public object AuthExplicitComputeEngine(string projectId) { // Explicitly use the credentials provided by the compute // engine instance on which this code is running. GoogleCredential credential = GoogleCredential.FromComputeCredential(); var storage = StorageClient.Create(credential); // Make an authenticated API request. var buckets = storage.ListBuckets(projectId); foreach (var bucket in buckets) { Console.WriteLine(bucket.Name); } return(null); }
public async Task FromComputeCredential_FetchesOidcToken() { var clock = new MockClock { UtcNow = new DateTime(2020, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc) }; var messageHandler = new OidcTokenSuccessMessageHandler(clock); var initializer = new ComputeCredential.Initializer("http://will.be.ignored", "http://will.be.ignored") { Clock = clock, HttpClientFactory = new MockHttpClientFactory(messageHandler) }; var computeCredential = new ComputeCredential(initializer); var googleCredential = GoogleCredential.FromComputeCredential(computeCredential); var oidcToken = await googleCredential.GetOidcTokenAsync(OidcTokenOptions.FromTargetAudience("audience")); Assert.Equal("very_fake_access_token_1", await oidcToken.GetAccessTokenAsync()); }
public async Task FromComputeCredential_FetchesOidcToken() { // A little bit after the tokens returned from OidcTokenFakes were issued. var clock = new MockClock(new DateTime(2020, 5, 21, 9, 20, 0, 0, DateTimeKind.Utc)); var messageHandler = new OidcComputeSuccessMessageHandler(); var initializer = new ComputeCredential.Initializer("http://will.be.ignored", "http://will.be.ignored") { Clock = clock, HttpClientFactory = new MockHttpClientFactory(messageHandler) }; var computeCredential = new ComputeCredential(initializer); var googleCredential = GoogleCredential.FromComputeCredential(computeCredential); // The fake Oidc server returns valid tokens (expired in the real world for safty) // but with a set audience that lets us know if the token was refreshed or not. var oidcToken = await googleCredential.GetOidcTokenAsync(OidcTokenOptions.FromTargetAudience("will.be.ignored")); var signedToken = SignedToken <Header, Payload> .FromSignedToken(await oidcToken.GetAccessTokenAsync()); Assert.Equal("https://first_call.test", signedToken.Payload.Audience); }
public void Create_InvalidSourceCredential() => Assert.Throws <InvalidOperationException>(() => ImpersonatedCredential.Create( GoogleCredential.FromComputeCredential(), new ImpersonatedCredential.Initializer("principal")));