Expand description
Google Cloud Client Libraries for Rust - Authentication Components
This crate contains types and functions used to authenticate applications on Google Cloud. The SDK clients consume an implementation of credentials::Credentials and use these credentials to authenticate RPCs issued by the application.
Authentication methods at Google is a good introduction on the topic of authentication for Google Cloud services and other Google products. The guide also describes the common terminology used with authentication, such as Principals, Tokens, and Credentials.
§Features
default-rustls-provider: enabled by default. Use the default rustls crypto provider (aws-lc-rs) for TLS and authentication. Applications with specific requirements for cryptography (such as exclusively using the ring crate) should disable this default and callrustls::CryptoProvider::install_default().idtoken: disabled by default, this feature enables support to create and verify OIDC ID Tokens.default-idtoken-backend: enabled by default, this feature enables a default backend for theidtokenfeature. Currently the feature is implemented using the jsonwebtoken crate and usesaws-lc-rsas its default backend. We may change the default backend at any time, applications that have specific needs for this backend should not rely on the current default. To control the backend selection:- Configure this crate with
default-features = false, andfeatures = ["idtoken"] - Select the desired backend for
jsonwebtoken.
- Configure this crate with
Modules§
- build_
errors - Errors created during credentials construction.
- credentials
- Types and functions to work with Google Cloud authentication Credentials.
- errors
- Common errors generated by the components in this crate.
- signer
- Abstraction for signing arbitrary bytes using Google Cloud Credentials.