public class ExternalAccountAuthorizedUserCredentials extends GoogleCredentialsOAuth2 credentials sourced using external identities through Workforce Identity Federation.
Obtaining the initial access and refresh token can be done through the Google Cloud CLI.
Example credentials file: { "type": "external_account_authorized_user", "audience": "//iam.googleapis.com/locations/global/workforcePools/$WORKFORCE_POOL_ID/providers/$PROVIDER_ID", "refresh_token": "refreshToken", "token_url": "https://sts.googleapis.com/v1/oauthtoken", "token_info_url": "https://sts.googleapis.com/v1/introspect", "client_id": "clientId", "client_secret": "clientSecret" }
Inheritance
Object > Credentials > OAuth2Credentials > GoogleCredentials > ExternalAccountAuthorizedUserCredentialsStatic Methods
fromStream(InputStream credentialsStream)
public static ExternalAccountAuthorizedUserCredentials fromStream(InputStream credentialsStream)Returns external account authorized user credentials defined by a JSON file stream.
| Parameter | |
|---|---|
| Name | Description |
credentialsStream |
InputStreamthe stream with the credential definition |
| Returns | |
|---|---|
| Type | Description |
ExternalAccountAuthorizedUserCredentials |
the credential defined by the credentialsStream |
| Exceptions | |
|---|---|
| Type | Description |
IOException |
if the credential cannot be created from the stream |
fromStream(InputStream credentialsStream, HttpTransportFactory transportFactory)
public static ExternalAccountAuthorizedUserCredentials fromStream(InputStream credentialsStream, HttpTransportFactory transportFactory)Returns external account authorized user credentials defined by a JSON file stream.
| Parameters | |
|---|---|
| Name | Description |
credentialsStream |
InputStreamthe stream with the credential definition |
transportFactory |
HttpTransportFactorythe HTTP transport factory used to create the transport to get access tokens |
| Returns | |
|---|---|
| Type | Description |
ExternalAccountAuthorizedUserCredentials |
the credential defined by the credentialsStream |
| Exceptions | |
|---|---|
| Type | Description |
IOException |
if the credential cannot be created from the stream |
newBuilder()
public static ExternalAccountAuthorizedUserCredentials.Builder newBuilder()| Returns | |
|---|---|
| Type | Description |
ExternalAccountAuthorizedUserCredentials.Builder |
|
Methods
equals(Object obj)
public boolean equals(Object obj)| Parameter | |
|---|---|
| Name | Description |
obj |
Object |
| Returns | |
|---|---|
| Type | Description |
boolean |
|
getAudience()
public String getAudience()| Returns | |
|---|---|
| Type | Description |
String |
|
getClientId()
public String getClientId()| Returns | |
|---|---|
| Type | Description |
String |
|
getClientSecret()
public String getClientSecret()| Returns | |
|---|---|
| Type | Description |
String |
|
getRefreshToken()
public String getRefreshToken()| Returns | |
|---|---|
| Type | Description |
String |
|
getRevokeUrl()
public String getRevokeUrl()| Returns | |
|---|---|
| Type | Description |
String |
|
getTokenInfoUrl()
public String getTokenInfoUrl()| Returns | |
|---|---|
| Type | Description |
String |
|
getTokenUrl()
public String getTokenUrl()| Returns | |
|---|---|
| Type | Description |
String |
|
hashCode()
public int hashCode()| Returns | |
|---|---|
| Type | Description |
int |
|
refreshAccessToken()
public AccessToken refreshAccessToken()Method to refresh the access token according to the specific type of credentials.
Throws IllegalStateException if not overridden since direct use of OAuth2Credentials is only for temporary or non-refreshing access tokens.
| Returns | |
|---|---|
| Type | Description |
AccessToken |
|
| Exceptions | |
|---|---|
| Type | Description |
IOException |
|
toBuilder()
public ExternalAccountAuthorizedUserCredentials.Builder toBuilder()| Returns | |
|---|---|
| Type | Description |
ExternalAccountAuthorizedUserCredentials.Builder |
|
toString()
public String toString()| Returns | |
|---|---|
| Type | Description |
String |
|