Source File
jwt.go
Belonging Package
golang.org/x/oauth2/google
Copyright 2015 The Go Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.
package google
import (
)
JWTAccessTokenSourceFromJSON uses a Google Developers service account JSON key file to read the credentials that authorize and authenticate the requests, and returns a TokenSource that does not use any OAuth2 flow but instead creates a JWT and sends that as the access token. The audience is typically a URL that specifies the scope of the credentials. Note that this is not a standard OAuth flow, but rather an optimization supported by a few Google services. Unless you know otherwise, you should use JWTConfigFromJSON instead.
func ( []byte, string) (oauth2.TokenSource, error) {
, := JWTConfigFromJSON()
if != nil {
return nil, fmt.Errorf("google: could not parse JSON key: %v", )
}
, := internal.ParseKey(.PrivateKey)
if != nil {
return nil, fmt.Errorf("google: could not parse key: %v", )
}
:= &jwtAccessTokenSource{
email: .Email,
audience: ,
pk: ,
pkID: .PrivateKeyID,
}
, := .Token()
if != nil {
return nil,
}
return oauth2.ReuseTokenSource(, ), nil
}
type jwtAccessTokenSource struct {
email, audience string
pk *rsa.PrivateKey
pkID string
}
func ( *jwtAccessTokenSource) () (*oauth2.Token, error) {
:= time.Now()
:= .Add(time.Hour)
:= &jws.ClaimSet{
Iss: .email,
Sub: .email,
Aud: .audience,
Iat: .Unix(),
Exp: .Unix(),
}
:= &jws.Header{
Algorithm: "RS256",
Typ: "JWT",
KeyID: string(.pkID),
}
, := jws.Encode(, , .pk)
if != nil {
return nil, fmt.Errorf("google: could not encode JWT: %v", )
}
return &oauth2.Token{AccessToken: , TokenType: "Bearer", Expiry: }, nil
 |
The pages are generated with Golds v0.3.2-preview. (GOOS=darwin GOARCH=amd64) Golds is a Go 101 project developed by Tapir Liu. PR and bug reports are welcome and can be submitted to the issue list. Please follow @Go100and1 (reachable from the left QR code) to get the latest news of Golds. |