Class IdentityPoolCredentials
java.lang.Object
com.google.auth.Credentials
com.google.auth.oauth2.OAuth2Credentials
com.google.auth.oauth2.GoogleCredentials
com.google.auth.oauth2.ExternalAccountCredentials
com.google.auth.oauth2.IdentityPoolCredentials
- All Implemented Interfaces:
QuotaProjectIdProvider, Serializable
Url-sourced, file-sourced, or user provided supplier method-sourced external account credentials.
By default, attempts to exchange the external credential for a GCP access token.
- See Also:
-
Nested Class Summary
Nested ClassesNested classes/interfaces inherited from class ExternalAccountCredentials
ExternalAccountCredentials.CredentialSource, ExternalAccountCredentials.ServiceAccountImpersonationOptions, ExternalAccountCredentials.SubjectTokenTypesNested classes/interfaces inherited from class OAuth2Credentials
OAuth2Credentials.AsyncRefreshResult, OAuth2Credentials.CacheState, OAuth2Credentials.CredentialsChangedListener, OAuth2Credentials.FutureCallbackToMetadataCallbackAdapter, OAuth2Credentials.OAuthValue, OAuth2Credentials.RefreshTask, OAuth2Credentials.RefreshTaskListener -
Field Summary
FieldsModifier and TypeFieldDescription(package private) static final Stringprivate final Stringprivate static final longprivate final IdentityPoolSubjectTokenSupplierprivate final ExternalAccountSupplierContext(package private) static final StringFields inherited from class ExternalAccountCredentials
DEFAULT_TOKEN_URL, EXECUTABLE_SOURCE_KEY, EXTERNAL_ACCOUNT_FILE_TYPE, impersonatedCredentials, PROGRAMMATIC_METRICS_HEADER_VALUE, transportFactoryFields inherited from class GoogleCredentials
GDCH_SERVICE_ACCOUNT_FILE_TYPE, QUOTA_PROJECT_ID_HEADER_KEY, quotaProjectId, SERVICE_ACCOUNT_FILE_TYPE, USER_FILE_TYPEFields inherited from class OAuth2Credentials
clock, DEFAULT_EXPIRATION_MARGIN, DEFAULT_REFRESH_MARGIN, lock, refreshTaskFields inherited from class Credentials
GOOGLE_DEFAULT_UNIVERSE -
Constructor Summary
ConstructorsConstructorDescriptionInternal constructor. -
Method Summary
Modifier and TypeMethodDescriptioncreateScoped(Collection<String> newScopes) Clones the IdentityPoolCredentials with the specified scopes.(package private) String(package private) IdentityPoolSubjectTokenSuppliernewBuilder(IdentityPoolCredentials identityPoolCredentials) Method to refresh the access token according to the specific type of credentials.Retrieves the external subject token to be exchanged for a Google Cloud access token.Methods inherited from class ExternalAccountCredentials
buildImpersonatedCredentials, exchangeExternalCredentialForAccessToken, fromJson, fromStream, fromStream, getAudience, getClientId, getClientSecret, getCredentialSource, getEnvironmentProvider, getRequestMetadata, getRequestMetadata, getScopes, getServiceAccountEmail, getServiceAccountImpersonationOptions, getServiceAccountImpersonationUrl, getSubjectTokenType, getTokenInfoUrl, getTokenUrl, getUniverseDomain, getWorkforcePoolUserProject, isWorkforcePoolConfiguration, validateServiceAccountImpersonationInfoUrl, validateTokenUrlMethods inherited from class GoogleCredentials
addQuotaProjectIdToRequestMetadata, create, create, createDelegated, createScoped, createScoped, createScopedRequired, createWithCustomRetryStrategy, createWithQuotaProject, equals, getAdditionalHeaders, getApplicationDefault, getApplicationDefault, getQuotaProjectId, hashCode, isDefaultUniverseDomain, isExplicitUniverseDomain, toBuilder, toString, toStringHelperMethods inherited from class OAuth2Credentials
addChangeListener, getAccessToken, getAuthenticationType, getExpirationMargin, getFromServiceLoader, getRefreshMargin, getRequestMetadataInternal, hasRequestMetadata, hasRequestMetadataOnly, newInstance, refresh, refreshIfExpired, removeChangeListenerMethods inherited from class Credentials
blockingGetToCallback, getMetricsCredentialType, getRequestMetadata
-
Field Details
-
FILE_METRICS_HEADER_VALUE
- See Also:
-
URL_METRICS_HEADER_VALUE
- See Also:
-
serialVersionUID
private static final long serialVersionUID- See Also:
-
subjectTokenSupplier
-
supplierContext
-
metricsHeaderValue
-
-
Constructor Details
-
IdentityPoolCredentials
IdentityPoolCredentials(IdentityPoolCredentials.Builder builder) Internal constructor. SeeIdentityPoolCredentials.Builder.
-
-
Method Details
-
refreshAccessToken
Description copied from class:OAuth2CredentialsMethod to refresh the access token according to the specific type of credentials.Throws IllegalStateException if not overridden since direct use of OAuth2Credentials is only for temporary or non-refreshing access tokens.
- Overrides:
refreshAccessTokenin classOAuth2Credentials- Returns:
- never
- Throws:
IOException
-
retrieveSubjectToken
Description copied from class:ExternalAccountCredentialsRetrieves the external subject token to be exchanged for a Google Cloud access token.Must be implemented by subclasses as the retrieval method is dependent on the credential source.
- Specified by:
retrieveSubjectTokenin classExternalAccountCredentials- Returns:
- the external subject token
- Throws:
IOException- if the subject token cannot be retrieved
-
getCredentialSourceType
String getCredentialSourceType()- Overrides:
getCredentialSourceTypein classExternalAccountCredentials
-
getIdentityPoolSubjectTokenSupplier
IdentityPoolSubjectTokenSupplier getIdentityPoolSubjectTokenSupplier() -
createScoped
Clones the IdentityPoolCredentials with the specified scopes.- Overrides:
createScopedin classGoogleCredentials- Parameters:
newScopes- Collection of scopes to request.- Returns:
- GoogleCredentials with requested scopes.
-
newBuilder
-
newBuilder
public static IdentityPoolCredentials.Builder newBuilder(IdentityPoolCredentials identityPoolCredentials)
-