googleauth - Class Google::Auth::ExternalAccount::PluggableAuthCredentials (v1.12.1)

Reference documentation and code samples for the googleauth class Google::Auth::ExternalAccount::PluggableAuthCredentials.

This module handles the retrieval of credentials from Google Cloud by utilizing the any 3PI provider then exchanging the credentials for a short-lived Google Cloud access token.

Inherits

  • Object

Methods

#client_id

def client_id()

Will always be nil, but method still gets used.

#initialize

def initialize(options = {}) -> PluggableAuthCredentials

Initialize from options map.

Parameters
  • audience (string)
  • credential_source (hash{symbol => value}) — credential_source is a hash that contains either source file or url. credential_source_format is either text or json. To define how we parse the credential response.
Returns

#retrieve_subject_token!

def retrieve_subject_token!()

Constants

ENABLE_PLUGGABLE_ENV

value: "GOOGLE_EXTERNAL_ACCOUNT_ALLOW_EXECUTABLES".freeze
constant for pluggable auth enablement in environment variable.

EXECUTABLE_SUPPORTED_MAX_VERSION

value: 1

EXECUTABLE_TIMEOUT_MILLIS_DEFAULT

value: 30 * 1000

EXECUTABLE_TIMEOUT_MILLIS_LOWER_BOUND

value: 5 * 1000

EXECUTABLE_TIMEOUT_MILLIS_UPPER_BOUND

value: 120 * 1000

ID_TOKEN_TYPE

value: ["urn:ietf:params:oauth:token-type:jwt", "urn:ietf:params:oauth:token-type:id_token"].freeze