static void Main(string[] args) { var t = GoogleCredential.GetApplicationDefaultAsync(); t.Wait(); var credential = t.Result; WriteLine($"Google default application credential is null? {credential == null}"); ReadKey(); }
private async Task <ChannelCredentials> CreateChannelCredentialsUncached() { var appDefaultCredentials = await GoogleCredential.GetApplicationDefaultAsync().ConfigureAwait(false); if (appDefaultCredentials.IsCreateScopedRequired) { appDefaultCredentials = appDefaultCredentials.CreateScoped(_scopes); } return(appDefaultCredentials.ToChannelCredentials()); }
private async Task <GoogleCredential> GetCredentialAsync() { var credential = await GoogleCredential.GetApplicationDefaultAsync(); if (credential.IsCreateScopedRequired) { credential = credential.CreateScoped(_configuration["vm_conf:credential_url"]); } return(credential); }
public DlpTestFixture() { ProjectId = Environment.GetEnvironmentVariable("GOOGLE_PROJECT_ID"); // Authorize the client using Application Default Credentials. // See: https://developers.google.com/identity/protocols/application-default-credentials GoogleCredential credential = GoogleCredential.GetApplicationDefaultAsync().Result; // Fetch the test key from an environment variable KeyName = Environment.GetEnvironmentVariable("DLP_DEID_KEY_NAME"); WrappedKey = Environment.GetEnvironmentVariable("DLP_DEID_WRAPPED_KEY"); }
private IConfigurableHttpClientInitializer GetApplicationDefaultCredentials() { // Loads credentials from file pointed to by GOOGLE_APPLICATION_CREDENTIALS environmental variable. var credential = GoogleCredential.GetApplicationDefaultAsync().Result; if (credential.IsCreateScopedRequired) { credential = credential.CreateScoped(StorageService.Scope.DevstorageReadWrite); } return(credential); }
/// <summary> /// Attempts to load the application default credentials /// </summary> /// <returns>The application default credentials, or null if none were found.</returns> private static ICredential LoadApplicationDefaultCredentials() { try { GoogleCredential credential = GoogleCredential.GetApplicationDefaultAsync().Result; return(credential.CreateScoped(scopes)); } catch (Exception) { // No application default credentials, continue to try other options. } return(null); }
public async Task SignedURLPut() { var bucketName = _fixture.BucketName; var credential = (await GoogleCredential.GetApplicationDefaultAsync()).UnderlyingCredential as ServiceAccountCredential; var httpClient = new HttpClient(); // Sample: SignedURLPut // Create a signed URL which allows the requester to PUT data with the text/plain content-type. UrlSigner urlSigner = UrlSigner.FromServiceAccountCredential(credential); var destination = "places/world.txt"; string url = urlSigner.Sign( bucketName, destination, TimeSpan.FromHours(1), HttpMethod.Put, contentHeaders: new Dictionary <string, IEnumerable <string> > { { "Content-Type", new[] { "text/plain" } } }); // Upload the content into the bucket using the signed URL. string source = "world.txt"; ByteArrayContent content; using (FileStream stream = File.OpenRead(source)) { byte[] data = new byte[stream.Length]; stream.Read(data, 0, data.Length); content = new ByteArrayContent(data) { Headers = { ContentType = new MediaTypeHeaderValue("text/plain") } }; } HttpResponseMessage response = await httpClient.PutAsync(url, content); // End sample Assert.True(response.IsSuccessStatusCode); var client = StorageClient.Create(); var result = new MemoryStream(); await client.DownloadObjectAsync(bucketName, destination, result); using (var stream = File.OpenRead(source)) { var data = new byte[stream.Length]; stream.Read(data, 0, data.Length); Assert.Equal(result.ToArray(), data); } await client.DeleteObjectAsync(bucketName, destination); }
public async Task SignedUrlWithIamServiceBlobSigner() { _fixture.SkipIf(Platform.Instance().Type == PlatformType.Unknown); var bucketName = _fixture.BucketName; var objectName = _fixture.HelloStorageObjectName; var credential = (await GoogleCredential.GetApplicationDefaultAsync()).UnderlyingCredential as ServiceAccountCredential; var httpClient = new HttpClient(); // Sample: IamServiceBlobSignerUsage // First obtain the email address of the default service account for this instance from the metadata server. HttpRequestMessage serviceAccountRequest = new HttpRequestMessage { // Note: you could use 169.254.169.254 as the address to avoid a DNS lookup. RequestUri = new Uri("http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/email"), Headers = { { "Metadata-Flavor", "Google" } } }; HttpResponseMessage serviceAccountResponse = await httpClient.SendAsync(serviceAccountRequest).ConfigureAwait(false); serviceAccountResponse.EnsureSuccessStatusCode(); string serviceAccountId = await serviceAccountResponse.Content.ReadAsStringAsync(); // Create an IAM service client object using the default application credentials. GoogleCredential iamCredential = await GoogleCredential.GetApplicationDefaultAsync(); iamCredential = iamCredential.CreateScoped(IamService.Scope.CloudPlatform); IamService iamService = new IamService(new BaseClientService.Initializer { HttpClientInitializer = iamCredential }); // Create a URL signer that will use the IAM service for signing. This signer is thread-safe, // and would typically occur as a dependency, e.g. in an ASP.NET Core controller, where the // same instance can be reused for each request. IamServiceBlobSigner blobSigner = new IamServiceBlobSigner(iamService, serviceAccountId); UrlSigner urlSigner = UrlSigner.FromBlobSigner(blobSigner); // Use the URL signer to sign a request for the test object for the next hour. string url = await urlSigner.SignAsync( bucketName, objectName, TimeSpan.FromHours(1), HttpMethod.Get); // Prove we can fetch the content of the test object with a simple unauthenticated GET request. HttpResponseMessage response = await httpClient.GetAsync(url); string content = await response.Content.ReadAsStringAsync(); // End sample Assert.Equal(_fixture.HelloWorldContent, content); }
public async ValueTask <string> GetAccessTokenAsync(HashSet <string> scopes, CancellationToken cancellationToken) { if (null == _googleCredential) { _googleCredential = await GoogleCredential.GetApplicationDefaultAsync(); } var scopedCredentials = _scopedCredentials.GetOrAdd(scopes, _scopedFactory); return(await scopedCredentials .UnderlyingCredential .GetAccessTokenForRequestAsync(cancellationToken : cancellationToken)); }
GetApplicationDefaultCredentials() { GoogleCredential credential = GoogleCredential.GetApplicationDefaultAsync().Result; if (credential.IsCreateScopedRequired) { credential = credential.CreateScoped(new[] { StorageService.Scope.DevstorageReadWrite }); } return(credential); }
private async Task Run() { // 1. no basic auth, with usercredentials // need to set export http_proxy=http://localhost:3128 for Pubsub // need to set ProxySupportedHttpClientFactory for GCS and oauth2 // auth Y // gcs Y // pubsub Y // 1638323879.659 693 192.168.9.1 TCP_TUNNEL/200 45147 CONNECT storage.googleapis.com:443 - HIER_DIRECT/172.253.63.128 - // 1638323879.659 884 192.168.9.1 TCP_TUNNEL/200 7349 CONNECT oauth2.googleapis.com:443 - HIER_DIRECT/142.251.45.10 - // 1638323879.659 372 192.168.9.1 TCP_TUNNEL/200 7878 CONNECT pubsub.googleapis.com:443 - HIER_DIRECT/172.217.13.234 - // 2. no basic auth, with service account credentials // export GOOGLE_APPLICATION_CREDENTIALS=/path/to/svc_account.json // auth N // gcs N // pubsub Y // 3. no basicauth, with ServiceAccountCredential //var stream = new FileStream("/path/to/svc_account.json", FileMode.Open, FileAccess.Read); //ServiceAccountCredential sacredential = ServiceAccountCredential.FromServiceAccountData(stream); GoogleCredential credential = await GoogleCredential.GetApplicationDefaultAsync(); credential = credential.CreateWithHttpClientFactory(new ProxySupportedHttpClientFactory()); StorageService service = new StorageService(new BaseClientService.Initializer { HttpClientInitializer = credential, ApplicationName = StorageClientImpl.ApplicationName, HttpClientFactory = new ProxySupportedHttpClientFactory(), }); var client = new StorageClientImpl(service, null); foreach (var b in client.ListBuckets(projectID)) { Console.WriteLine(b.Name); } PublisherServiceApiClient publisher = PublisherServiceApiClient.Create(); ProjectName projectName = ProjectName.FromProject(projectID); foreach (Topic t in publisher.ListTopics(projectName)) { Console.WriteLine(t.Name); } }
private async Task <GoogleCredential> GetGoogleSheetCredentials(string credentialFilePath) { var credentialAsJson = Environment.GetEnvironmentVariable(GoogleApplicationCredentialsAsJson); if (credentialAsJson != null) { return(GoogleCredential.FromJson(credentialAsJson)); } return(credentialFilePath switch { null or "" => await GoogleCredential.GetApplicationDefaultAsync(), _ => await GoogleCredential.FromFileAsync(credentialFilePath, CancellationToken.None) });
private async Task <GoogleCredential> AuthorizedAsync(dynamic secureOptions) { switch (secureOptions.CloudSecure) { case CloudSecureOptions.defualt: return(await GoogleCredential.GetApplicationDefaultAsync()); case CloudSecureOptions.file: return(await GoogleCredential.FromJson(secureOptions.SecureFileLocation)); default: return(await GoogleCredential.GetApplicationDefaultAsync()); } }
public static VisionService CreateDefaultAuthorizedClient() { var credential = GoogleCredential.GetApplicationDefaultAsync().Result; if (credential.IsCreateScopedRequired) { credential = credential.CreateScoped(new[] { VisionService.Scope.CloudPlatform }); } return(new VisionService(new BaseClientService.Initializer() { HttpClientInitializer = credential, GZipEnabled = false })); }
/// <summary> /// Helper to create a channel from a host, port and optional credentials. /// </summary> /// <param name="host">The host to connect to.</param> /// <param name="port">The port to connect to.</param> /// <param name="credentials">The credentials to use, or null to use application default credentials.</param> /// <returns></returns> internal static async Task <Channel> CreateChannelAsync(string host, int port, ChannelCredentials credentials) { if (credentials == null) { var appDefaultCredentials = await GoogleCredential.GetApplicationDefaultAsync().ConfigureAwait(false); if (appDefaultCredentials.IsCreateScopedRequired) { appDefaultCredentials = appDefaultCredentials.CreateScoped(SpannerClient.DefaultScopes); } credentials = appDefaultCredentials.ToChannelCredentials(); } return(new Channel(host, port, credentials)); }
/// <summary> /// Uses GOOGLE_APPLICATION_CREDENTIALS to locate key file. /// </summary> /// <returns></returns> public static async Task <BigtableCredentials> UseEnvironmentAsync() { // Hookup .pem file SetDefaultSslKeyFilePath(); // Make sure user did it right! EnsureEnvironmentVariableExists(BigtableConstants.EnvironmentVariables.ApplicationCredentialsFilePath); EnsureEnvironmentVariableExists(BigtableConstants.EnvironmentVariables.SslRootFilePath); // Get credential var credentials = await GoogleCredential.GetApplicationDefaultAsync(); // Return results return(new BigtableCredentials(credentials)); }
/// <summary> /// Synchronously creates a <see cref="StorageClient"/>, using application default credentials if /// no credentials are specified. /// </summary> /// <remarks> /// The credentials are scoped as necessary. /// </remarks> /// <param name="credential">Optional <see cref="GoogleCredential"/>.</param> /// <returns>The created <see cref="StorageClient"/>.</returns> public static StorageClient Create(GoogleCredential credential = null) { credential = credential ?? Task.Run(() => GoogleCredential.GetApplicationDefaultAsync()).Result; if (credential.IsCreateScopedRequired) { credential = credential.CreateScoped(StorageService.Scope.DevstorageFullControl); } var service = new StorageService(new BaseClientService.Initializer { HttpClientInitializer = credential, ApplicationName = StorageClientImpl.ApplicationName, }); return(new StorageClientImpl(service)); }
async Task <GmailService> GetService() { var cred = await GoogleCredential.GetApplicationDefaultAsync(); cred = cred.CreateScoped(Scopes) .CreateWithUser(_config.FromEmailAddress); var svc = new GmailService(new BaseClientService.Initializer() { HttpClientInitializer = cred, ApplicationName = _config.ApplicationName }); return(svc); }
public static GoogleCredential FetchCredential(IConfiguration configuration) { // Use the default credentials if the environment variable is set. if (Environment.GetEnvironmentVariable("GOOGLE_APPLICATION_CREDENTIALS") != null) { return(GoogleCredential.GetApplicationDefaultAsync().Result); } string secretUri = configuration["APPSETTING_SecretUri"]; string clientId = configuration["APPSETTING_ClientId"]; string clientSecret = configuration["APPSETTING_ClientSecret"]; ClientCredential credential = new ClientCredential(clientId, clientSecret); var secret = GetKeyVaultSecret(credential, secretUri); return(GoogleCredential.FromStream(new MemoryStream(Encoding.UTF8.GetBytes(secret)))); }
public async static Task Run() { string CRED_PATH = new Factory.FileFactory().GetFolder() + @"\api_key\My First Project-ca909aeb1219.json"; Environment.SetEnvironmentVariable("GOOGLE_APPLICATION_CREDENTIALS", CRED_PATH); GoogleCredential credential = await GoogleCredential.GetApplicationDefaultAsync(); var service = new Oauth2Service(new BaseClientService.Initializer() { HttpClientInitializer = credential, ApplicationName = "Oauth2 Sample", } ); }
public async Task AuthImplicit(string projectId) { // If you don't specify credentials when constructing the client, the // client library will look for credentials in the environment. var credential = await GoogleCredential.GetApplicationDefaultAsync(); // var storage = StorageClient.Create(credential); // Make an authenticated API request. // var buckets = storage.ListBuckets(projectId); // foreach (var bucket in buckets) // { // Console.WriteLine(bucket.Name); // } await Task.FromResult(0); }
public static async Task RunPerRpcCredsAsync(TestService.TestServiceClient client, string oauthScope) { Console.WriteLine("running per_rpc_creds"); ITokenAccess googleCredential = await GoogleCredential.GetApplicationDefaultAsync(); var credentials = googleCredential.ToCallCredentials(); var request = new SimpleRequest { FillUsername = true, }; var response = client.UnaryCall(request, new CallOptions(credentials: credentials)); Assert.AreEqual(GetEmailFromServiceAccountFile(), response.Username); Console.WriteLine("Passed!"); }
public PubsubFixture() { GrpcInfo.EnableSubchannelCounting(); _projectNumber = new Lazy <Task <string> >(async() => { var cred = await GoogleCredential.GetApplicationDefaultAsync().ConfigureAwait(false); cred = cred.CreateScoped(CloudResourceManagerService.Scope.CloudPlatformReadOnly); var crm = new CloudResourceManagerService(new BaseClientService.Initializer { HttpClientInitializer = cred, ApplicationName = "pubsub integration test", }); var project = await crm.Projects.Get(ProjectId).ExecuteAsync().ConfigureAwait(false); return(project.ProjectNumber.ToString()); }); }
/// <summary> /// Create the Error Reporting service (<seealso cref="ClouderrorreportingService"/>) /// with the Application Default Credentials and the proper scopes. /// See: https://developers.google.com/identity/protocols/application-default-credentials. /// </summary> private static ClouderrorreportingService CreateErrorReportingClient() { // Get the Application Default Credentials. GoogleCredential credential = GoogleCredential.GetApplicationDefaultAsync().Result; // Add the needed scope to the credentials. credential.CreateScoped(ClouderrorreportingService.Scope.CloudPlatform); // Create the Error Reporting Service. ClouderrorreportingService service = new ClouderrorreportingService(new BaseClientService.Initializer { HttpClientInitializer = credential, }); return(service); }
private async Task Run() { // export GOOGLE_APPLICATION_CREDENTIALS=/path/to/svc_account.json GoogleCredential credential = await GoogleCredential.GetApplicationDefaultAsync(); //var stream = new FileStream("/path/to/svc_account.json", FileMode.Open, FileAccess.Read); //ServiceAccountCredential credential = ServiceAccountCredential.FromServiceAccountData(stream); var client = StorageClient.Create(); string project_id = "your-project"; foreach (var obj in client.ListObjects(project_id, "")) { Console.WriteLine(obj.Name); } }
//TODO: ASync private void CallCloudVision(Android.Graphics.Bitmap bitmap) { mImageDetails.SetText(Resource.String.loading_message); GoogleCredential credential = GoogleCredential.GetApplicationDefaultAsync().Result; if (credential.IsCreateScopedRequired) { credential = credential.CreateScoped(new[] { VisionService.Scope.CloudPlatform }); } var vision = new VisionService(new BaseClientService.Initializer { HttpClientInitializer = credential, GZipEnabled = false }); var byteArrayOutputStream = new MemoryStream(); bitmap.Compress(Bitmap.CompressFormat.Png, 100, byteArrayOutputStream); var byteArray = byteArrayOutputStream.ToArray(); var imageData = Convert.ToBase64String(byteArray); var responses = vision.Images.Annotate( new BatchAnnotateImagesRequest() { Requests = new[] { new AnnotateImageRequest() { Features = new [] { new Feature() { Type = "LABEL_DETECTION" } }, Image = new Image() { Content = imageData } } } }).Execute(); }
public async Task PostPolicyAcl() { var bucketName = _fixture.BucketName; var objectName = "places/world.txt"; var credential = (await GoogleCredential.GetApplicationDefaultAsync()).UnderlyingCredential as ServiceAccountCredential; // Sample: PostPolicyAcl // Create a signed post policy which can be used to upload a specific object and // expires in 10 seconds after creation. // It also sets a starts-with condition on the acl form element, that should be met // by the actual form used for posting. UrlSigner urlSigner = UrlSigner .FromServiceAccountCredential(credential); UrlSigner.Options options = UrlSigner.Options .FromDuration(TimeSpan.FromHours(1)) .WithSigningVersion(SigningVersion.V4) .WithScheme("https"); UrlSigner.PostPolicy postPolicy = UrlSigner.PostPolicy.ForBucketAndKey(bucketName, objectName); postPolicy.SetStartsWith(UrlSigner.PostPolicyStandardElement.Acl, "public"); UrlSigner.SignedPostPolicy signedPostPolicy = await urlSigner.SignAsync(postPolicy, options); // Create an HTML form including all the fields in the signed post policy. StringBuilder form = new StringBuilder(); form.AppendLine($"<form action=\"{signedPostPolicy.PostUrl}\" method=\"post\" enctype=\"multipart/form-data\">"); foreach (var field in signedPostPolicy.Fields) { form.AppendLine($"<input type=\"hidden\" name=\"{field.Key}\" value=\"{field.Value}\">"); } // Include also an acl element with a value that meets the condition set in the policy. form.AppendLine("<input type=\"hidden\" name=\"acl\" value=\"public-read\">"); // Include the file element. It should always be the last element in the form. form.AppendLine("<input name=\"file\" type=\"file\">"); form.AppendLine("<input type=\"submit\" value=\"Upload\">"); form.AppendLine("</form>"); // You can now save the form to file and serve it as static content // or send it as the response to a request made to your application. File.WriteAllText("PostPolicyAcl.html", form.ToString()); //// End sample Assert.Contains(signedPostPolicy.PostUrl.ToString(), form.ToString()); File.Delete("PostPolicyAcl.html"); }
/// <summary> /// Asynchronously creates a new <see cref="StorageClient"/> from the default application credentials. /// </summary> /// <remarks> /// The application credentials are available to developers by running <c>gcloud auth</c> from the /// command line, and are available automatically on Google Cloud Platform hosts. /// </remarks> /// <param name="applicationName">The name of the application to create a client for. Must not be null.</param> /// <returns>A client configured with the application-default credentials.</returns> public static async Task <StorageClient> FromApplicationCredentials(string applicationName) { Preconditions.CheckNotNull(applicationName, nameof(applicationName)); var credentials = await GoogleCredential.GetApplicationDefaultAsync(); if (credentials.IsCreateScopedRequired) { credentials = credentials.CreateScoped(StorageService.Scope.DevstorageFullControl); } var initializer = new BaseClientService.Initializer { HttpClientInitializer = credentials, ApplicationName = applicationName, }; return(new StorageClient(initializer)); }
/// <summary> /// Obtains channel credentials asynchronously. Override this method in a concrete builder type if more /// credential mechanisms are supported. /// </summary> protected async virtual Task <ChannelCredentials> GetChannelCredentialsAsync(CancellationToken cancellationToken) { if (ChannelCredentials != null) { return(ChannelCredentials); } if (TokenAccessMethod != null) { return(new DelegatedTokenAccess(TokenAccessMethod).ToChannelCredentials()); } GoogleCredential unscoped = CredentialsPath != null?GoogleCredential.FromFile(CredentialsPath) : // TODO: Use an async method when one is available JsonCredentials != null?GoogleCredential.FromJson(JsonCredentials) : await GoogleCredential.GetApplicationDefaultAsync().ConfigureAwait(false); return(unscoped.CreateScoped(Scopes ?? GetDefaultScopes()).ToChannelCredentials()); }
public static async Task RunPerRpcCredsAsync(IChannelWrapper channel, ClientOptions options) { var client = CreateClient <TestService.TestServiceClient>(channel); var oauthScope = options.OAuthScope !; var googleCredential = await GoogleCredential.GetApplicationDefaultAsync(); var credentials = googleCredential.ToCallCredentials(); var request = new SimpleRequest { FillUsername = true, }; var response = await client.UnaryCallAsync(request, new CallOptions(credentials : credentials)); Assert.AreEqual(GetEmailFromServiceAccountFile(), response.Username); }