Reference documentation and code samples for the googleauth class Google::Auth::ExternalAccount::PluggableAuthCredentials.
This module handles the retrieval of credentials from Google Cloud by utilizing the any 3PI provider then exchanging the credentials for a short-lived Google Cloud access token.
Inherits
- Object
Extended By
Includes
Methods
#client_id
def client_id()Will always be nil, but method still gets used.
#initialize
def initialize(options = {}) -> PluggableAuthCredentialsInitialize from options map.
Parameter
- options (Hash) — Configuration options
Returns
- (PluggableAuthCredentials) — a new instance of PluggableAuthCredentials
Raises
- (Google::Auth::InitializationError) — If executable source, command is missing, or timeout is invalid
#retrieve_subject_token!
def retrieve_subject_token!() -> StringRetrieves the subject token using the credential_source object.
Returns
- (String) — The retrieved subject token
Raises
- (Google::Auth::CredentialsError) — If executables are not allowed, if token retrieval fails, or if the token is invalid
Constants
ENABLE_PLUGGABLE_ENV
value: "GOOGLE_EXTERNAL_ACCOUNT_ALLOW_EXECUTABLES".freeze
constant for pluggable auth enablement in environment variable.
EXECUTABLE_SUPPORTED_MAX_VERSION
value: 1
EXECUTABLE_TIMEOUT_MILLIS_DEFAULT
value: 30 * 1000
EXECUTABLE_TIMEOUT_MILLIS_LOWER_BOUND
value: 5 * 1000
EXECUTABLE_TIMEOUT_MILLIS_UPPER_BOUND
value: 120 * 1000
ID_TOKEN_TYPE
value: ["urn:ietf:params:oauth:token-type:jwt", "urn:ietf:params:oauth:token-type:id_token"].freeze