Reference documentation and code samples for the googleauth class Google::Auth::ExternalAccount::PluggableAuthCredentials.
This module handles the retrieval of credentials from Google Cloud by utilizing the any 3PI provider then exchanging the credentials for a short-lived Google Cloud access token.
Inherits
- Object
Extended By
Includes
Methods
#client_id
def client_id()Will always be nil, but method still gets used.
#initialize
def initialize(options = {}) -> PluggableAuthCredentialsInitialize from options map.
Parameters
- audience (string)
- credential_source (hash{symbol => value}) — credential_source is a hash that contains either source file or url. credential_source_format is either text or json. To define how we parse the credential response.
Returns
- (PluggableAuthCredentials) — a new instance of PluggableAuthCredentials
#retrieve_subject_token!
def retrieve_subject_token!()Constants
ENABLE_PLUGGABLE_ENV
value: "GOOGLE_EXTERNAL_ACCOUNT_ALLOW_EXECUTABLES".freeze
constant for pluggable auth enablement in environment variable.
EXECUTABLE_SUPPORTED_MAX_VERSION
value: 1
EXECUTABLE_TIMEOUT_MILLIS_DEFAULT
value: 30 * 1000
EXECUTABLE_TIMEOUT_MILLIS_LOWER_BOUND
value: 5 * 1000
EXECUTABLE_TIMEOUT_MILLIS_UPPER_BOUND
value: 120 * 1000
ID_TOKEN_TYPE
value: ["urn:ietf:params:oauth:token-type:jwt", "urn:ietf:params:oauth:token-type:id_token"].freeze