google_cloud_auth::credentials

Module user_account

Source
Expand description

User Account Credentials type.

User accounts represent a developer, administrator, or any other person who interacts with Google APIs and services. User accounts are managed as Google Accounts, either via Google Workspace or Cloud Identity.

This module provides Credentials derived from user account information, specifically utilizing an OAuth 2.0 refresh token.

This module is designed for refresh tokens obtained via the standard Authorization Code grant. Acquiring the initial refresh token (e.g., through user consent) is outside the scope of this library. See RFC 6749 Section 4.1 for flow details.

The Google Cloud client libraries for Rust will typically find and use these credentials automatically if a credentials file exists in the standard ADC search paths. This file is often created by running: gcloud auth application-default login. You might instantiate these credentials directly using the Builder if you need to:

  • Load credentials from a non-standard location or source.
  • Override the OAuth 2.0 scopes being requested for the access token.
  • Override the quota project ID for billing and quota management.
  • Override the token URI used to fetch access tokens.
  • Customize the retry behavior when fetching access tokens.

§Example: Creating credentials from a JSON object

let authorized_user = serde_json::json!({
    "client_id": "YOUR_CLIENT_ID.apps.googleusercontent.com", // Replace with your actual Client ID
    "client_secret": "YOUR_CLIENT_SECRET", // Replace with your actual Client Secret - LOAD SECURELY!
    "refresh_token": "YOUR_REFRESH_TOKEN", // Replace with the user's refresh token - LOAD SECURELY!
    "type": "authorized_user",
    // "quota_project_id": "your-billing-project-id", // Optional: Set if needed
    // "token_uri" : "test-token-uri", // Optional: Set if needed
});
let credentials: Credentials = Builder::new(authorized_user).build()?;
let headers = credentials.headers(Extensions::new()).await?;
println!("Headers: {headers:?}");

§Example: Creating credentials with custom retry behavior

use gax::retry_policy::{AlwaysRetry, RetryPolicyExt};
use gax::exponential_backoff::ExponentialBackoff;
let authorized_user = serde_json::json!({
    "client_id": "YOUR_CLIENT_ID.apps.googleusercontent.com",
    "client_secret": "YOUR_CLIENT_SECRET",
    "refresh_token": "YOUR_REFRESH_TOKEN",
    "type": "authorized_user",
});
let backoff = ExponentialBackoff::default();
let credentials: Credentials = Builder::new(authorized_user)
    .with_retry_policy(AlwaysRetry.with_attempt_limit(3))
    .with_backoff_policy(backoff)
    .build()?;
let headers = credentials.headers(Extensions::new()).await?;
println!("Headers: {headers:?}");

Structs§

Builder
A builder for constructing user_account Credentials instance.