[−][src]Struct firestore_db_and_auth::credentials::Credentials
Service account credentials
Especially the service account email is required to retrieve the public java web key set (jwks) for verifying Google Firestore tokens.
The api_key is necessary for interacting with the Firestore REST API.
Internals:
The private key is used for signing JWTs (javascript web token). A signed jwt, encoded as a base64 string, can be exchanged into a refresh and access token.
Fields
project_id: String
private_key_id: String
private_key: String
client_email: String
client_id: String
api_key: String
Methods
impl Credentials
[src]
pub fn new(
credentials_file_content: &str,
jwks_files: &[&str]
) -> Result<Credentials, FirebaseError>
[src]
credentials_file_content: &str,
jwks_files: &[&str]
) -> Result<Credentials, FirebaseError>
Create a Credentials
object by parsing a google-service-account json string
and public-key JWKs strings.
This method will also verify that the given JWKs files are matching
Example:
Assuming that your credentials file is called "firebase-service-account.json" and a downloaded jwk-set file is called "service-account-for-tests.jwks" this example embeds the file content during compile time. This avoids and http or io calls.
use firestore_db_and_auth::credentials::Credentials; let c : Credentials = Credentials::new(include_str!("../firebase-service-account.json"), &[include_str!("../tests/service-account-for-tests.jwks")])?;
You need two JWKS files for this crate to work:
- https://www.googleapis.com/service_accounts/v1/jwk/securetoken@system.gserviceaccount.com
- https://www.googleapis.com/service_accounts/v1/jwk/{your-service-account-email}
pub fn verify(&self) -> Result<(), FirebaseError>
[src]
pub fn from_file(credential_file: &str) -> Result<Self, FirebaseError>
[src]
Create a Credentials
object by reading and parsing a google-service-account json file.
The public keys to verify generated tokens will be downloaded, for the given service account as well as for "securetoken@system.gserviceaccount.com".
Do not use this method if this is not desired, for example in cloud functions that require fast cold start times.
See Credentials::add_jwks_public_keys
and Credentials::new
as alternatives.
pub fn decode_secret(&self, kid: &str) -> Option<Arc<Secret>>
[src]
Find the secret in the jwt set that matches the given key id, if any. Used for jws validation
pub fn add_jwks_public_keys(&mut self, jwkset: JWKSetDTO)
[src]
Add a JSON Web Key Set (JWKS) to allow verification of Google access tokens.
Example:
use firestore_db_and_auth::credentials::Credentials; let mut c : Credentials = serde_json::from_str(include_str!("../firebase-service-account.json")).unwrap(); c.add_jwks_public_keys(serde_json::from_str(include_str!("../tests/service-account-for-tests.jwks")).unwrap()); c.compute_secret().unwrap();
pub fn compute_secret(&mut self) -> Result<(), FirebaseError>
[src]
Compute the Rsa keypair by using the private_key of the credentials file. You must call this if you have manually created a credentials object.
This is automatically invoked if you use Credentials::new
or Credentials::from_file
.
pub fn download_google_jwks(&mut self) -> Result<(), FirebaseError>
[src]
If you haven't called Credentials::add_jwks_public_keys
to manually add public keys,
this method will download one for your google service account and one for the oauth related
securetoken@system.gserviceaccount.com service account.
Trait Implementations
impl Default for Credentials
[src]
fn default() -> Credentials
[src]
impl Clone for Credentials
[src]
fn clone(&self) -> Credentials
[src]
fn clone_from(&mut self, source: &Self)
1.0.0[src]
impl Serialize for Credentials
[src]
fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error> where
__S: Serializer,
[src]
__S: Serializer,
impl<'de> Deserialize<'de> for Credentials
[src]
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
__D: Deserializer<'de>,
[src]
__D: Deserializer<'de>,
Auto Trait Implementations
impl Unpin for Credentials
impl Sync for Credentials
impl Send for Credentials
impl UnwindSafe for Credentials
impl RefUnwindSafe for Credentials
Blanket Implementations
impl<T> ToOwned for T where
T: Clone,
[src]
T: Clone,
type Owned = T
The resulting type after obtaining ownership.
fn to_owned(&self) -> T
[src]
fn clone_into(&self, target: &mut T)
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T> From<T> for T
[src]
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,
type Error = <U as TryFrom<T>>::Error
The type returned in the event of a conversion error.
fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>
[src]
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> DeserializeOwned for T where
T: Deserialize<'de>,
[src]
T: Deserialize<'de>,
impl<T> Erased for T
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
U: TryFrom<T>,
impl<T> Typeable for T where
T: Any,
T: Any,
impl<T> IntoCollection<T> for T
fn into_collection<A>(self) -> SmallVec<A> where
A: Array<Item = T>,
A: Array<Item = T>,
fn mapped<U, F, A>(self, f: F) -> SmallVec<A> where
A: Array<Item = U>,
F: FnMut(T) -> U,
A: Array<Item = U>,
F: FnMut(T) -> U,
impl<T, I> AsResult<T, I> for T where
I: Input,
I: Input,