Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ENG-6645: GCP Extend overthere hosts to allow authentication using IA…
…M Token (#273) * ENG-6645: OVerthere GCP Token based authentication and Authorization * ENG-6645: GCP Extend overthere hosts to allow authentication using IAM tokens * ENG-6645: GCP Code Refractoring * ENG-6645: GCP Code Refractoring Next * Update Jenkinsfile * ENG-6645: GCP Overthere token Test Case * ENG-6645: GCP Overthere token Test Case Correction * ENG-6645: GCP Overthere Token based authentication Review comments * Update Jenkinsfile * Update GcpMetadataKeyManager.java Co-authored-by: Karthik Sonti <sonti.karthik2008@gmail.com>
- Loading branch information
1 parent
295d292
commit d32214a
Showing
8 changed files
with
131 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
51 changes: 51 additions & 0 deletions
51
...java/com/xebialabs/overthere/gcp/credentials/ServiceAccountTokenGcpCredentialFactory.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
package com.xebialabs.overthere.gcp.credentials; | ||
|
||
import com.google.api.client.auth.oauth2.BearerToken; | ||
import com.google.api.client.auth.oauth2.Credential; | ||
import com.google.api.client.auth.oauth2.TokenResponse; | ||
import com.google.api.client.http.GenericUrl; | ||
import com.google.api.client.http.HttpTransport; | ||
import com.google.api.client.json.JsonFactory; | ||
import com.google.api.client.json.jackson2.JacksonFactory; | ||
import com.google.api.client.googleapis.javanet.GoogleNetHttpTransport; | ||
|
||
import java.io.IOException; | ||
import java.security.GeneralSecurityException; | ||
/** | ||
* Returns credentials defined by a Service Account key in JSON format from the Google Developers Console. | ||
*/ | ||
class ServiceAccountTokenGcpCredentialFactory extends GcpCredentialFactory { | ||
|
||
private final String projectId; | ||
private final String apiToken; | ||
private static final JsonFactory JSON_FACTORY = JacksonFactory.getDefaultInstance(); | ||
private HttpTransport httpTransport; | ||
|
||
ServiceAccountTokenGcpCredentialFactory(final String projectId, final String apiToken) { | ||
this.projectId = projectId; | ||
this.apiToken = apiToken; | ||
} | ||
|
||
@Override | ||
protected ProjectCredentials doCreate() { | ||
try { | ||
this.httpTransport = GoogleNetHttpTransport.newTrustedTransport(); | ||
TokenResponse tokenResponse = new TokenResponse(); | ||
tokenResponse.setAccessToken(apiToken); | ||
return new ProjectCredentials(new Credential.Builder(BearerToken.authorizationHeaderAccessMethod()).setTransport( | ||
httpTransport) | ||
.setJsonFactory(JSON_FACTORY) | ||
.setTokenServerUrl( | ||
new GenericUrl("https://www.googleapis.com/auth/cloud-platform")) | ||
.build() | ||
.setFromTokenResponse(tokenResponse), projectId, ""); | ||
} catch (IOException | GeneralSecurityException e) { | ||
throw new IllegalArgumentException(String.format("Cannot use credentials from Token : %s", apiToken), e); | ||
} | ||
} | ||
|
||
@Override | ||
public String info() { | ||
return String.format("credentials Api Token : %s", apiToken); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters