
Crate dtokenz


§dtokenz

The dtokenz crate adds a higher-level abstraction over google-cloud-auth that makes configuration and use simpler.

The goal of this Rust library is to make retrieving an authentication token for use in other binaries as simple as possible, regardless of the environment it is called in, and with as little interactivity as possible. This simplification of the API is a key advantage over other tools like gcloud and oauth2l, where each type of account (service account, MDS client, etc.) has a different interface that every client application has to take into account. At the same time, this library lets the GCP Rust library still be used with its own native authentication types.

This library supports fetching both access tokens and ID tokens for:

  • Authorized Users (individuals in a GCP organization)
  • Service Accounts via private key
  • Service Accounts via Google Metadata Service for hosts running in GCP.

The main entry point to this library is the auto_detect/auto_detect_singleton method. See its documentation for more details about how dtokenz decides to authenticate. The only configuration needed is an instance of oauth_config::OAuthConfig.

§Example

 use dtokenz::{TokenSource, CLOUD_SDK_CONFIG, auto_detect_singleton, DtokenzConfig};

 #[tokio::main]
 async fn main() -> anyhow::Result<()> {
     // Message used for the interactive flow.
     let interactive_auth_message = "Opening browser to %url%";

     // Let dtokenz pick the credential type for the current environment.
     let token_source = auto_detect_singleton(
         CLOUD_SDK_CONFIG.clone(),
         &CLOUD_SDK_CONFIG.web.default_scopes,
         DtokenzConfig {
             interactive: true,
             interactive_auth_message: Some(interactive_auth_message.to_owned()),
             ..DtokenzConfig::default()
         }
     ).await?;

     // The same token source serves both token types.
     let access_token = token_source.get_access_token().await?;
     let id_token = token_source.get_id_token().await?;

     // Both values are bearer credentials. They are printed here only to show
     // that the calls succeeded; keep them out of logs in real code.
     eprintln!("Got access token {}, id token {}", access_token.token, id_token.token);
     Ok(())
 }

Re-exports§

pub use authorized_user::AuthorizedUser;
pub use config::DtokenzConfig;
pub use metadata_service::MetadataService;
pub use oauth_config::CLOUD_SDK_CONFIG;
pub use oauth_config::OAuthConfig;
pub use service_account::ServiceAccount;
pub use token_source::TokenSource;
pub use token_source::auto_detect;
pub use token_source::auto_detect_singleton;

Modules§

application_default_credentials
authorized_user
config
metadata_service
oauth_config
service_account
token_source