AppIdentityService (Google App Engine API for Java)

com.google.appengine.api.appidentity

Interface AppIdentityService



  • public interface AppIdentityService
    The AppIdentityService allows you to sign an arbitrary byte array using a per app private key maintained by App Engine, and to retrieve a list of public certificates which can be used to verify the signature.

    App Engine is responsible for maintaining the per application private key. App Engine will rotate private keys periodically. App Engine never gives these private keys to the outside.

    Since private keys are rotated periodically, getPublicCertificatesForApp() could return a list of public certificates. It is the caller's responsibility to try these certificates one by one when doing signature verification.

    • Method Detail

      • getServiceAccountName

        java.lang.String getServiceAccountName()
        Gets service account name of the app.
        Returns:
        service account name of the app.
      • getDefaultGcsBucketName

        java.lang.String getDefaultGcsBucketName()
        Gets the default GS bucket name for the app.
        Returns:
        default GS bucket name for the app.
      • getAccessTokenUncached

        AppIdentityService.GetAccessTokenResult getAccessTokenUncached(java.lang.Iterable<java.lang.String> scopes)
        OAuth2 access token to act on behalf of the application, uncached. Most developers should use getAccessToken instead.
        Parameters:
        scopes - iterable of scopes to request.
        Returns:
        a GetAccessTokenResult object with the access token and expiration time.
        Throws:
        AppIdentityServiceFailureException
      • getAccessToken

        AppIdentityService.GetAccessTokenResult getAccessToken(java.lang.Iterable<java.lang.String> scopes)
        OAuth2 access token to act on behalf of the application. Generates and caches an OAuth2 access token for the service account for the appengine application. Each application has an associated Google account. This function returns OAuth2 access token corresponding to the running app. Access tokens are safe to cache and reuse until their expiry time as returned. This method will do that using memcache.
        Parameters:
        scopes - iterable of scopes to request.
        Returns:
        a GetAccessTokenResult object with the access token and expiration time.
        Throws:
        AppIdentityServiceFailureException