arvados-google-api-client 0.8.7.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/CHANGELOG.md +178 -0
- data/Gemfile +9 -0
- data/LICENSE +202 -0
- data/README.md +218 -0
- data/Rakefile +41 -0
- data/google-api-client.gemspec +43 -0
- data/lib/cacerts.pem +2183 -0
- data/lib/compat/multi_json.rb +19 -0
- data/lib/google/api_client.rb +750 -0
- data/lib/google/api_client/auth/compute_service_account.rb +28 -0
- data/lib/google/api_client/auth/file_storage.rb +59 -0
- data/lib/google/api_client/auth/installed_app.rb +126 -0
- data/lib/google/api_client/auth/jwt_asserter.rb +126 -0
- data/lib/google/api_client/auth/key_utils.rb +93 -0
- data/lib/google/api_client/auth/pkcs12.rb +41 -0
- data/lib/google/api_client/auth/storage.rb +102 -0
- data/lib/google/api_client/auth/storages/file_store.rb +58 -0
- data/lib/google/api_client/auth/storages/redis_store.rb +54 -0
- data/lib/google/api_client/batch.rb +326 -0
- data/lib/google/api_client/charset.rb +33 -0
- data/lib/google/api_client/client_secrets.rb +179 -0
- data/lib/google/api_client/discovery.rb +19 -0
- data/lib/google/api_client/discovery/api.rb +310 -0
- data/lib/google/api_client/discovery/media.rb +77 -0
- data/lib/google/api_client/discovery/method.rb +363 -0
- data/lib/google/api_client/discovery/resource.rb +156 -0
- data/lib/google/api_client/discovery/schema.rb +117 -0
- data/lib/google/api_client/environment.rb +42 -0
- data/lib/google/api_client/errors.rb +65 -0
- data/lib/google/api_client/gzip.rb +28 -0
- data/lib/google/api_client/logging.rb +32 -0
- data/lib/google/api_client/media.rb +259 -0
- data/lib/google/api_client/railtie.rb +18 -0
- data/lib/google/api_client/reference.rb +27 -0
- data/lib/google/api_client/request.rb +350 -0
- data/lib/google/api_client/result.rb +255 -0
- data/lib/google/api_client/service.rb +233 -0
- data/lib/google/api_client/service/batch.rb +110 -0
- data/lib/google/api_client/service/request.rb +144 -0
- data/lib/google/api_client/service/resource.rb +40 -0
- data/lib/google/api_client/service/result.rb +162 -0
- data/lib/google/api_client/service/simple_file_store.rb +151 -0
- data/lib/google/api_client/service/stub_generator.rb +61 -0
- data/lib/google/api_client/service_account.rb +21 -0
- data/lib/google/api_client/version.rb +26 -0
- data/spec/google/api_client/auth/storage_spec.rb +122 -0
- data/spec/google/api_client/auth/storages/file_store_spec.rb +40 -0
- data/spec/google/api_client/auth/storages/redis_store_spec.rb +70 -0
- data/spec/google/api_client/batch_spec.rb +248 -0
- data/spec/google/api_client/client_secrets_spec.rb +53 -0
- data/spec/google/api_client/discovery_spec.rb +708 -0
- data/spec/google/api_client/gzip_spec.rb +98 -0
- data/spec/google/api_client/media_spec.rb +178 -0
- data/spec/google/api_client/request_spec.rb +29 -0
- data/spec/google/api_client/result_spec.rb +207 -0
- data/spec/google/api_client/service_account_spec.rb +169 -0
- data/spec/google/api_client/service_spec.rb +618 -0
- data/spec/google/api_client/simple_file_store_spec.rb +133 -0
- data/spec/google/api_client_spec.rb +352 -0
- data/spec/spec_helper.rb +66 -0
- metadata +339 -0
@@ -0,0 +1,28 @@
|
|
1
|
+
# Copyright 2013 Google Inc.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
# you may not use this file except in compliance with the License.
|
5
|
+
# You may obtain a copy of the License at
|
6
|
+
#
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
#
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
# See the License for the specific language governing permissions and
|
13
|
+
# limitations under the License.
|
14
|
+
|
15
|
+
require 'faraday'
|
16
|
+
require 'signet/oauth_2/client'
|
17
|
+
|
18
|
+
module Google
|
19
|
+
class APIClient
|
20
|
+
class ComputeServiceAccount < Signet::OAuth2::Client
|
21
|
+
def fetch_access_token(options={})
|
22
|
+
connection = options[:connection] || Faraday.default_connection
|
23
|
+
response = connection.get 'http://metadata/computeMetadata/v1beta1/instance/service-accounts/default/token'
|
24
|
+
Signet::OAuth2.parse_credentials(response.body, response.headers['content-type'])
|
25
|
+
end
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
@@ -0,0 +1,59 @@
|
|
1
|
+
# Copyright 2013 Google Inc.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
# you may not use this file except in compliance with the License.
|
5
|
+
# You may obtain a copy of the License at
|
6
|
+
#
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
#
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
# See the License for the specific language governing permissions and
|
13
|
+
# limitations under the License.
|
14
|
+
|
15
|
+
require 'signet/oauth_2/client'
|
16
|
+
require_relative 'storage'
|
17
|
+
require_relative 'storages/file_store'
|
18
|
+
|
19
|
+
module Google
|
20
|
+
class APIClient
|
21
|
+
|
22
|
+
##
|
23
|
+
# Represents cached OAuth 2 tokens stored on local disk in a
|
24
|
+
# JSON serialized file. Meant to resemble the serialized format
|
25
|
+
# http://google-api-python-client.googlecode.com/hg/docs/epy/oauth2client.file.Storage-class.html
|
26
|
+
#
|
27
|
+
# @deprecated
|
28
|
+
# Use {Google::APIClient::Storage} and {Google::APIClient::FileStore} instead
|
29
|
+
#
|
30
|
+
class FileStorage
|
31
|
+
|
32
|
+
attr_accessor :storage
|
33
|
+
|
34
|
+
def initialize(path)
|
35
|
+
store = Google::APIClient::FileStore.new(path)
|
36
|
+
@storage = Google::APIClient::Storage.new(store)
|
37
|
+
@storage.authorize
|
38
|
+
end
|
39
|
+
|
40
|
+
def load_credentials
|
41
|
+
storage.authorize
|
42
|
+
end
|
43
|
+
|
44
|
+
def authorization
|
45
|
+
storage.authorization
|
46
|
+
end
|
47
|
+
|
48
|
+
##
|
49
|
+
# Write the credentials to the specified file.
|
50
|
+
#
|
51
|
+
# @param [Signet::OAuth2::Client] authorization
|
52
|
+
# Optional authorization instance. If not provided, the authorization
|
53
|
+
# already associated with this instance will be written.
|
54
|
+
def write_credentials(auth=nil)
|
55
|
+
storage.write_credentials(auth)
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
@@ -0,0 +1,126 @@
|
|
1
|
+
# Copyright 2010 Google Inc.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
# you may not use this file except in compliance with the License.
|
5
|
+
# You may obtain a copy of the License at
|
6
|
+
#
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
#
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
# See the License for the specific language governing permissions and
|
13
|
+
# limitations under the License.
|
14
|
+
|
15
|
+
require 'webrick'
|
16
|
+
require 'launchy'
|
17
|
+
|
18
|
+
module Google
|
19
|
+
class APIClient
|
20
|
+
|
21
|
+
# Small helper for the sample apps for performing OAuth 2.0 flows from the command
|
22
|
+
# line or in any other installed app environment.
|
23
|
+
#
|
24
|
+
# @example
|
25
|
+
#
|
26
|
+
# client = Google::APIClient.new
|
27
|
+
# flow = Google::APIClient::InstalledAppFlow.new(
|
28
|
+
# :client_id => '691380668085.apps.googleusercontent.com',
|
29
|
+
# :client_secret => '...',
|
30
|
+
# :scope => 'https://www.googleapis.com/auth/drive'
|
31
|
+
# )
|
32
|
+
# client.authorization = flow.authorize
|
33
|
+
#
|
34
|
+
class InstalledAppFlow
|
35
|
+
|
36
|
+
RESPONSE_BODY = <<-HTML
|
37
|
+
<html>
|
38
|
+
<head>
|
39
|
+
<script>
|
40
|
+
function closeWindow() {
|
41
|
+
window.open('', '_self', '');
|
42
|
+
window.close();
|
43
|
+
}
|
44
|
+
setTimeout(closeWindow, 10);
|
45
|
+
</script>
|
46
|
+
</head>
|
47
|
+
<body>You may close this window.</body>
|
48
|
+
</html>
|
49
|
+
HTML
|
50
|
+
|
51
|
+
##
|
52
|
+
# Configure the flow
|
53
|
+
#
|
54
|
+
# @param [Hash] options The configuration parameters for the client.
|
55
|
+
# @option options [Fixnum] :port
|
56
|
+
# Port to run the embedded server on. Defaults to 9292
|
57
|
+
# @option options [String] :client_id
|
58
|
+
# A unique identifier issued to the client to identify itself to the
|
59
|
+
# authorization server.
|
60
|
+
# @option options [String] :client_secret
|
61
|
+
# A shared symmetric secret issued by the authorization server,
|
62
|
+
# which is used to authenticate the client.
|
63
|
+
# @option options [String] :scope
|
64
|
+
# The scope of the access request, expressed either as an Array
|
65
|
+
# or as a space-delimited String.
|
66
|
+
#
|
67
|
+
# @see Signet::OAuth2::Client
|
68
|
+
def initialize(options)
|
69
|
+
@port = options[:port] || 9292
|
70
|
+
@authorization = Signet::OAuth2::Client.new({
|
71
|
+
:authorization_uri => 'https://accounts.google.com/o/oauth2/auth',
|
72
|
+
:token_credential_uri => 'https://accounts.google.com/o/oauth2/token',
|
73
|
+
:redirect_uri => "http://localhost:#{@port}/"}.update(options)
|
74
|
+
)
|
75
|
+
end
|
76
|
+
|
77
|
+
##
|
78
|
+
# Request authorization. Opens a browser and waits for response.
|
79
|
+
#
|
80
|
+
# @param [Google::APIClient::Storage] storage
|
81
|
+
# Optional object that responds to :write_credentials, used to serialize
|
82
|
+
# the OAuth 2 credentials after completing the flow.
|
83
|
+
#
|
84
|
+
# @return [Signet::OAuth2::Client]
|
85
|
+
# Authorization instance, nil if user cancelled.
|
86
|
+
def authorize(storage=nil)
|
87
|
+
auth = @authorization
|
88
|
+
|
89
|
+
server = WEBrick::HTTPServer.new(
|
90
|
+
:Port => @port,
|
91
|
+
:BindAddress =>"localhost",
|
92
|
+
:Logger => WEBrick::Log.new(STDOUT, 0),
|
93
|
+
:AccessLog => []
|
94
|
+
)
|
95
|
+
begin
|
96
|
+
trap("INT") { server.shutdown }
|
97
|
+
|
98
|
+
server.mount_proc '/' do |req, res|
|
99
|
+
auth.code = req.query['code']
|
100
|
+
if auth.code
|
101
|
+
auth.fetch_access_token!
|
102
|
+
end
|
103
|
+
res.status = WEBrick::HTTPStatus::RC_ACCEPTED
|
104
|
+
res.body = RESPONSE_BODY
|
105
|
+
server.stop
|
106
|
+
end
|
107
|
+
|
108
|
+
Launchy.open(auth.authorization_uri.to_s)
|
109
|
+
server.start
|
110
|
+
ensure
|
111
|
+
server.shutdown
|
112
|
+
end
|
113
|
+
if @authorization.access_token
|
114
|
+
if storage.respond_to?(:write_credentials)
|
115
|
+
storage.write_credentials(@authorization)
|
116
|
+
end
|
117
|
+
return @authorization
|
118
|
+
else
|
119
|
+
return nil
|
120
|
+
end
|
121
|
+
end
|
122
|
+
end
|
123
|
+
|
124
|
+
end
|
125
|
+
end
|
126
|
+
|
@@ -0,0 +1,126 @@
|
|
1
|
+
# Copyright 2010 Google Inc.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
# you may not use this file except in compliance with the License.
|
5
|
+
# You may obtain a copy of the License at
|
6
|
+
#
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
#
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
# See the License for the specific language governing permissions and
|
13
|
+
# limitations under the License.
|
14
|
+
|
15
|
+
require 'jwt'
|
16
|
+
require 'signet/oauth_2/client'
|
17
|
+
require 'delegate'
|
18
|
+
|
19
|
+
module Google
|
20
|
+
class APIClient
|
21
|
+
##
|
22
|
+
# Generates access tokens using the JWT assertion profile. Requires a
|
23
|
+
# service account & access to the private key.
|
24
|
+
#
|
25
|
+
# @example Using Signet
|
26
|
+
#
|
27
|
+
# key = Google::APIClient::KeyUtils.load_from_pkcs12('client.p12', 'notasecret')
|
28
|
+
# client.authorization = Signet::OAuth2::Client.new(
|
29
|
+
# :token_credential_uri => 'https://accounts.google.com/o/oauth2/token',
|
30
|
+
# :audience => 'https://accounts.google.com/o/oauth2/token',
|
31
|
+
# :scope => 'https://www.googleapis.com/auth/prediction',
|
32
|
+
# :issuer => '123456-abcdef@developer.gserviceaccount.com',
|
33
|
+
# :signing_key => key)
|
34
|
+
# client.authorization.fetch_access_token!
|
35
|
+
# client.execute(...)
|
36
|
+
#
|
37
|
+
# @deprecated
|
38
|
+
# Service accounts are now supported directly in Signet
|
39
|
+
# @see https://developers.google.com/accounts/docs/OAuth2ServiceAccount
|
40
|
+
class JWTAsserter
|
41
|
+
# @return [String] ID/email of the issuing party
|
42
|
+
attr_accessor :issuer
|
43
|
+
# @return [Fixnum] How long, in seconds, the assertion is valid for
|
44
|
+
attr_accessor :expiry
|
45
|
+
# @return [Fixnum] Seconds to expand the issued at/expiry window to account for clock skew
|
46
|
+
attr_accessor :skew
|
47
|
+
# @return [String] Scopes to authorize
|
48
|
+
attr_reader :scope
|
49
|
+
# @return [String,OpenSSL::PKey] key for signing assertions
|
50
|
+
attr_writer :key
|
51
|
+
# @return [String] Algorithm used for signing
|
52
|
+
attr_accessor :algorithm
|
53
|
+
|
54
|
+
##
|
55
|
+
# Initializes the asserter for a service account.
|
56
|
+
#
|
57
|
+
# @param [String] issuer
|
58
|
+
# Name/ID of the client issuing the assertion
|
59
|
+
# @param [String, Array] scope
|
60
|
+
# Scopes to authorize. May be a space delimited string or array of strings
|
61
|
+
# @param [String,OpenSSL::PKey] key
|
62
|
+
# Key for signing assertions
|
63
|
+
# @param [String] algorithm
|
64
|
+
# Algorithm to use, either 'RS256' for RSA with SHA-256
|
65
|
+
# or 'HS256' for HMAC with SHA-256
|
66
|
+
def initialize(issuer, scope, key, algorithm = "RS256")
|
67
|
+
self.issuer = issuer
|
68
|
+
self.scope = scope
|
69
|
+
self.expiry = 60 # 1 min default
|
70
|
+
self.skew = 60
|
71
|
+
self.key = key
|
72
|
+
self.algorithm = algorithm
|
73
|
+
end
|
74
|
+
|
75
|
+
##
|
76
|
+
# Set the scopes to authorize
|
77
|
+
#
|
78
|
+
# @param [String, Array] new_scope
|
79
|
+
# Scopes to authorize. May be a space delimited string or array of strings
|
80
|
+
def scope=(new_scope)
|
81
|
+
case new_scope
|
82
|
+
when Array
|
83
|
+
@scope = new_scope.join(' ')
|
84
|
+
when String
|
85
|
+
@scope = new_scope
|
86
|
+
when nil
|
87
|
+
@scope = ''
|
88
|
+
else
|
89
|
+
raise TypeError, "Expected Array or String, got #{new_scope.class}"
|
90
|
+
end
|
91
|
+
end
|
92
|
+
|
93
|
+
##
|
94
|
+
# Request a new access token.
|
95
|
+
#
|
96
|
+
# @param [String] person
|
97
|
+
# Email address of a user, if requesting a token to act on their behalf
|
98
|
+
# @param [Hash] options
|
99
|
+
# Pass through to Signet::OAuth2::Client.fetch_access_token
|
100
|
+
# @return [Signet::OAuth2::Client] Access token
|
101
|
+
#
|
102
|
+
# @see Signet::OAuth2::Client.fetch_access_token!
|
103
|
+
def authorize(person = nil, options={})
|
104
|
+
authorization = self.to_authorization(person)
|
105
|
+
authorization.fetch_access_token!(options)
|
106
|
+
return authorization
|
107
|
+
end
|
108
|
+
|
109
|
+
##
|
110
|
+
# Builds a Signet OAuth2 client
|
111
|
+
#
|
112
|
+
# @return [Signet::OAuth2::Client] Access token
|
113
|
+
def to_authorization(person = nil)
|
114
|
+
return Signet::OAuth2::Client.new(
|
115
|
+
:token_credential_uri => 'https://accounts.google.com/o/oauth2/token',
|
116
|
+
:audience => 'https://accounts.google.com/o/oauth2/token',
|
117
|
+
:scope => self.scope,
|
118
|
+
:issuer => @issuer,
|
119
|
+
:signing_key => @key,
|
120
|
+
:signing_algorithm => @algorithm,
|
121
|
+
:person => person
|
122
|
+
)
|
123
|
+
end
|
124
|
+
end
|
125
|
+
end
|
126
|
+
end
|
@@ -0,0 +1,93 @@
|
|
1
|
+
# Copyright 2010 Google Inc.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
# you may not use this file except in compliance with the License.
|
5
|
+
# You may obtain a copy of the License at
|
6
|
+
#
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
#
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
# See the License for the specific language governing permissions and
|
13
|
+
# limitations under the License.
|
14
|
+
|
15
|
+
module Google
|
16
|
+
class APIClient
|
17
|
+
##
|
18
|
+
# Helper for loading keys from the PKCS12 files downloaded when
|
19
|
+
# setting up service accounts at the APIs Console.
|
20
|
+
#
|
21
|
+
module KeyUtils
|
22
|
+
##
|
23
|
+
# Loads a key from PKCS12 file, assuming a single private key
|
24
|
+
# is present.
|
25
|
+
#
|
26
|
+
# @param [String] keyfile
|
27
|
+
# Path of the PKCS12 file to load. If not a path to an actual file,
|
28
|
+
# assumes the string is the content of the file itself.
|
29
|
+
# @param [String] passphrase
|
30
|
+
# Passphrase for unlocking the private key
|
31
|
+
#
|
32
|
+
# @return [OpenSSL::PKey] The private key for signing assertions.
|
33
|
+
def self.load_from_pkcs12(keyfile, passphrase)
|
34
|
+
load_key(keyfile, passphrase) do |content, pass_phrase|
|
35
|
+
OpenSSL::PKCS12.new(content, pass_phrase).key
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
|
40
|
+
##
|
41
|
+
# Loads a key from a PEM file.
|
42
|
+
#
|
43
|
+
# @param [String] keyfile
|
44
|
+
# Path of the PEM file to load. If not a path to an actual file,
|
45
|
+
# assumes the string is the content of the file itself.
|
46
|
+
# @param [String] passphrase
|
47
|
+
# Passphrase for unlocking the private key
|
48
|
+
#
|
49
|
+
# @return [OpenSSL::PKey] The private key for signing assertions.
|
50
|
+
#
|
51
|
+
def self.load_from_pem(keyfile, passphrase)
|
52
|
+
load_key(keyfile, passphrase) do | content, pass_phrase|
|
53
|
+
OpenSSL::PKey::RSA.new(content, pass_phrase)
|
54
|
+
end
|
55
|
+
end
|
56
|
+
|
57
|
+
private
|
58
|
+
|
59
|
+
##
|
60
|
+
# Helper for loading keys from file or memory. Accepts a block
|
61
|
+
# to handle the specific file format.
|
62
|
+
#
|
63
|
+
# @param [String] keyfile
|
64
|
+
# Path of thefile to load. If not a path to an actual file,
|
65
|
+
# assumes the string is the content of the file itself.
|
66
|
+
# @param [String] passphrase
|
67
|
+
# Passphrase for unlocking the private key
|
68
|
+
#
|
69
|
+
# @yield [String, String]
|
70
|
+
# Key file & passphrase to extract key from
|
71
|
+
# @yieldparam [String] keyfile
|
72
|
+
# Contents of the file
|
73
|
+
# @yieldparam [String] passphrase
|
74
|
+
# Passphrase to unlock key
|
75
|
+
# @yieldreturn [OpenSSL::PKey]
|
76
|
+
# Private key
|
77
|
+
#
|
78
|
+
# @return [OpenSSL::PKey] The private key for signing assertions.
|
79
|
+
def self.load_key(keyfile, passphrase, &block)
|
80
|
+
begin
|
81
|
+
begin
|
82
|
+
content = File.open(keyfile, 'rb') { |io| io.read }
|
83
|
+
rescue
|
84
|
+
content = keyfile
|
85
|
+
end
|
86
|
+
block.call(content, passphrase)
|
87
|
+
rescue OpenSSL::OpenSSLError
|
88
|
+
raise ArgumentError.new("Invalid keyfile or passphrase")
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
92
|
+
end
|
93
|
+
end
|
@@ -0,0 +1,41 @@
|
|
1
|
+
# Copyright 2010 Google Inc.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
# you may not use this file except in compliance with the License.
|
5
|
+
# You may obtain a copy of the License at
|
6
|
+
#
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
#
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
# See the License for the specific language governing permissions and
|
13
|
+
# limitations under the License.
|
14
|
+
|
15
|
+
require 'google/api_client/auth/key_utils'
|
16
|
+
module Google
|
17
|
+
class APIClient
|
18
|
+
##
|
19
|
+
# Helper for loading keys from the PKCS12 files downloaded when
|
20
|
+
# setting up service accounts at the APIs Console.
|
21
|
+
#
|
22
|
+
module PKCS12
|
23
|
+
##
|
24
|
+
# Loads a key from PKCS12 file, assuming a single private key
|
25
|
+
# is present.
|
26
|
+
#
|
27
|
+
# @param [String] keyfile
|
28
|
+
# Path of the PKCS12 file to load. If not a path to an actual file,
|
29
|
+
# assumes the string is the content of the file itself.
|
30
|
+
# @param [String] passphrase
|
31
|
+
# Passphrase for unlocking the private key
|
32
|
+
#
|
33
|
+
# @return [OpenSSL::PKey] The private key for signing assertions.
|
34
|
+
# @deprecated
|
35
|
+
# Use {Google::APIClient::KeyUtils} instead
|
36
|
+
def self.load_key(keyfile, passphrase)
|
37
|
+
KeyUtils.load_from_pkcs12(keyfile, passphrase)
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|