We use cookies to ensure you get the best experience on our website
首頁 探索 說明
註冊 登入
0ct0pu5
/
moby
1
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
目錄樹: 6be521ccb8
分支列表 標籤列表
moby
/
vendor
/
golang.org
/
x
/
oauth2
/
google
/
doc.go

doc.go 4.2 KB
文件歷史 原始文件

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879 
  1. // Copyright 2018 The Go Authors. All rights reserved.
    2. 

  2. // Use of this source code is governed by a BSD-style
    3. 

  3. // license that can be found in the LICENSE file.
    4. 

  4. 

  5. // Package google provides support for making OAuth2 authorized and authenticated
    6. 

  6. // HTTP requests to Google APIs. It supports the Web server flow, client-side
    7. 

  7. // credentials, service accounts, Google Compute Engine service accounts,
    8. 

  8. // Google App Engine service accounts and workload identity federation
    9. 

  9. // from non-Google cloud platforms.
    10. 

  10. //
    11. 

  11. // A brief overview of the package follows. For more information, please read
    12. 

  12. // https://developers.google.com/accounts/docs/OAuth2
    13. 

  13. // and
    14. 

  14. // https://developers.google.com/accounts/docs/application-default-credentials.
    15. 

  15. // For more information on using workload identity federation, refer to
    16. 

  16. // https://cloud.google.com/iam/docs/how-to#using-workload-identity-federation.
    17. 

  17. //
    18. 

  18. // OAuth2 Configs
    19. 

  19. //
    20. 

  20. // Two functions in this package return golang.org/x/oauth2.Config values from Google credential
    21. 

  21. // data. Google supports two JSON formats for OAuth2 credentials: one is handled by ConfigFromJSON,
    22. 

  22. // the other by JWTConfigFromJSON. The returned Config can be used to obtain a TokenSource or
    23. 

  23. // create an http.Client.
    24. 

  24. //
    25. 

  25. // Workload Identity Federation
    26. 

  26. //
    27. 

  27. // Using workload identity federation, your application can access Google Cloud
    28. 

  28. // resources from Amazon Web Services (AWS), Microsoft Azure or any identity
    29. 

  29. // provider that supports OpenID Connect (OIDC).
    30. 

  30. // Traditionally, applications running outside Google Cloud have used service
    31. 

  31. // account keys to access Google Cloud resources. Using identity federation,
    32. 

  32. // you can allow your workload to impersonate a service account.
    33. 

  33. // This lets you access Google Cloud resources directly, eliminating the
    34. 

  34. // maintenance and security burden associated with service account keys.
    35. 

  35. //
    36. 

  36. // Follow the detailed instructions on how to configure Workload Identity Federation
    37. 

  37. // in various platforms:
    38. 

  38. //
    39. 

  39. //   Amazon Web Services (AWS): https://cloud.google.com/iam/docs/access-resources-aws
    40. 

  40. //   Microsoft Azure: https://cloud.google.com/iam/docs/access-resources-azure
    41. 

  41. //   OIDC identity provider: https://cloud.google.com/iam/docs/access-resources-oidc
    42. 

  42. //
    43. 

  43. // For OIDC providers, the library can retrieve OIDC tokens either from a
    44. 

  44. // local file location (file-sourced credentials) or from a local server
    45. 

  45. // (URL-sourced credentials).
    46. 

  46. // For file-sourced credentials, a background process needs to be continuously
    47. 

  47. // refreshing the file location with a new OIDC token prior to expiration.
    48. 

  48. // For tokens with one hour lifetimes, the token needs to be updated in the file
    49. 

  49. // every hour. The token can be stored directly as plain text or in JSON format.
    50. 

  50. // For URL-sourced credentials, a local server needs to host a GET endpoint to
    51. 

  51. // return the OIDC token. The response can be in plain text or JSON.
    52. 

  52. // Additional required request headers can also be specified.
    53. 

  53. //
    54. 

  54. //
    55. 

  55. // Credentials
    56. 

  56. //
    57. 

  57. // The Credentials type represents Google credentials, including Application Default
    58. 

  58. // Credentials.
    59. 

  59. //
    60. 

  60. // Use FindDefaultCredentials to obtain Application Default Credentials.
    61. 

  61. // FindDefaultCredentials looks in some well-known places for a credentials file, and
    62. 

  62. // will call AppEngineTokenSource or ComputeTokenSource as needed.
    63. 

  63. //
    64. 

  64. // Application Default Credentials also support workload identity federation to
    65. 

  65. // access Google Cloud resources from non-Google Cloud platforms including Amazon
    66. 

  66. // Web Services (AWS), Microsoft Azure or any identity provider that supports
    67. 

  67. // OpenID Connect (OIDC). Workload identity federation is recommended for
    68. 

  68. // non-Google Cloud environments as it avoids the need to download, manage and
    69. 

  69. // store service account private keys locally.
    70. 

  70. //
    71. 

  71. // DefaultClient and DefaultTokenSource are convenience methods. They first call FindDefaultCredentials,
    72. 

  72. // then use the credentials to construct an http.Client or an oauth2.TokenSource.
    73. 

  73. //
    74. 

  74. // Use CredentialsFromJSON to obtain credentials from either of the two JSON formats
    75. 

  75. // described in OAuth2 Configs, above. The TokenSource in the returned value is the
    76. 

  76. // same as the one obtained from the oauth2.Config returned from ConfigFromJSON or
    77. 

  77. // JWTConfigFromJSON, but the Credentials may contain additional information
    78. 

  78. // that is useful is some circumstances.
    79. 

  79. package google // import "golang.org/x/oauth2/google"
    80.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5