// Copyright 2023 Google LLC // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. package auth_test import ( "log" "cloud.google.com/go/auth" "cloud.google.com/go/auth/httptransport" ) func ExampleNew2LOTokenProvider() { // Your credentials should be obtained from the Google // Developer Console (https://console.developers.google.com). opts := &auth.Options2LO{ Email: "xxx@developer.gserviceaccount.com", // The contents of your RSA private key or your PEM file // that contains a private key. // If you have a p12 file instead, you // can use `openssl` to export the private key into a pem file. // // $ openssl pkcs12 -in key.p12 -passin pass:notasecret -out key.pem -nodes // // The field only supports PEM containers with no passphrase. // The openssl command will convert p12 keys to passphrase-less PEM containers. PrivateKey: []byte("-----BEGIN RSA PRIVATE KEY-----..."), Scopes: []string{ "https://www.googleapis.com/auth/bigquery", "https://www.googleapis.com/auth/blogger", }, TokenURL: "https://oauth2.googleapis.com/token", // If you would like to impersonate a user, you can // create a transport with a subject. The following GET // request will be made on the behalf of user@example.com. // Optional. Subject: "user@example.com", } tp, err := auth.New2LOTokenProvider(opts) if err != nil { log.Fatal(err) } client, err := httptransport.NewClient(&httptransport.Options{ Credentials: auth.NewCredentials(&auth.CredentialsOptions{ TokenProvider: tp, }), }) if err != nil { log.Fatal(err) } client.Get("...") _ = tp }