-
Notifications
You must be signed in to change notification settings - Fork 1.8k
/
Copy pathsnippets.go
130 lines (113 loc) · 3.32 KB
/
snippets.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
// Copyright 2019 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Package snippets contains Google Cloud authentication snippets.
package snippets
import (
"context"
"fmt"
"log"
"cloud.google.com/go/storage"
"golang.org/x/oauth2/google"
cloudkms "google.golang.org/api/cloudkms/v1"
"google.golang.org/api/iterator"
"google.golang.org/api/option"
)
// [START auth_cloud_implicit]
// implicit uses Application Default Credentials to authenticate.
func implicit() {
ctx := context.Background()
// For API packages whose import path is starting with "cloud.google.com/go",
// such as cloud.google.com/go/storage in this case, if there are no credentials
// provided, the client library will look for credentials in the environment.
storageClient, err := storage.NewClient(ctx)
if err != nil {
log.Fatal(err)
}
defer storageClient.Close()
it := storageClient.Buckets(ctx, "project-id")
for {
bucketAttrs, err := it.Next()
if err == iterator.Done {
break
}
if err != nil {
log.Fatal(err)
}
fmt.Println(bucketAttrs.Name)
}
// For packages whose import path is starting with "google.golang.org/api",
// such as google.golang.org/api/cloudkms/v1, use NewService to create the client.
kmsService, err := cloudkms.NewService(ctx)
if err != nil {
log.Fatal(err)
}
_ = kmsService
}
// [END auth_cloud_implicit]
// [START auth_cloud_explicit]
// explicit reads credentials from the specified path.
func explicit(jsonPath, projectID string) {
ctx := context.Background()
client, err := storage.NewClient(ctx, option.WithCredentialsFile(jsonPath))
if err != nil {
log.Fatal(err)
}
defer client.Close()
fmt.Println("Buckets:")
it := client.Buckets(ctx, projectID)
for {
battrs, err := it.Next()
if err == iterator.Done {
break
}
if err != nil {
log.Fatal(err)
}
fmt.Println(battrs.Name)
}
}
// [END auth_cloud_explicit]
// [START auth_cloud_explicit_compute_engine]
// [START auth_cloud_explicit_app_engine]
// explicitDefault finds the default credentials.
//
// It is very uncommon to need to explicitly get the default credentials in Go.
// Most of the time, client libraries can use Application Default Credentials
// without having to pass the credentials in directly. See implicit above.
func explicitDefault(projectID string) {
ctx := context.Background()
creds, err := google.FindDefaultCredentials(ctx, storage.ScopeReadOnly)
if err != nil {
log.Fatal(err)
}
client, err := storage.NewClient(ctx, option.WithCredentials(creds))
if err != nil {
log.Fatal(err)
}
defer client.Close()
fmt.Println("Buckets:")
it := client.Buckets(ctx, projectID)
for {
battrs, err := it.Next()
if err == iterator.Done {
break
}
if err != nil {
log.Fatal(err)
}
fmt.Println(battrs.Name)
}
}
// [END auth_cloud_explicit_compute_engine]
// [END auth_cloud_explicit_app_engine]