class Google::Auth::APIKeyCredentials
Implementation of Google
API Key authentication.
API Keys are text strings. They don’t have an associated JSON file.
The end-user is managing their API Keys directly, not via an authentication library.
API Keys provide project information for an API request. API Keys don’t reference an IAM principal, they do not expire, and cannot be refreshed.
Constants
- API_KEY_HEADER
-
@private Authorization header key
- API_KEY_VAR
-
@private Environment variable containing API key
Attributes
@return [String] The API key
@return [String] The universe domain of the universe
this API key is for
Public Class Methods
Source
# File lib/googleauth/api_key.rb, line 60 def from_env _scope = nil, options = {} api_key = ENV[API_KEY_VAR] return nil if api_key.nil? || api_key.empty? new options.merge(api_key: api_key) end
Creates an APIKeyCredentials
from the environment. Checks the ENV variable.
@param [String] _scope
The scope to use for OAuth. Not used by API key auth.
@param [Hash] options
The options to pass to the credentials instance
@return [Google::Auth::APIKeyCredentials, nil]
Credentials if the API key environment variable is present, nil otherwise
Source
# File lib/googleauth/api_key.rb, line 75 def make_creds options = {} new options end
Create the APIKeyCredentials
.
@param [Hash] options The credentials options @option options [String] :api_key
The API key to use for authentication
@option options [String] :universe_domain
The universe domain of the universe this API key belongs to (defaults to googleapis.com)
@return [Google::Auth::APIKeyCredentials]
Source
# File lib/googleauth/api_key.rb, line 88 def initialize options = {} raise ArgumentError, "API key must be provided" if options[:api_key].nil? || options[:api_key].empty? @api_key = options[:api_key] @universe_domain = options[:universe_domain] || "googleapis.com" end
Initialize the APIKeyCredentials
.
@param [Hash] options The credentials options @option options [String] :api_key
The API key to use for authentication
@option options [String] :universe_domain
The universe domain of the universe this API key belongs to (defaults to googleapis.com)
Public Instance Methods
Source
# File lib/googleauth/api_key.rb, line 133 def apply! a_hash, _opts = {} a_hash[API_KEY_HEADER] = @api_key logger&.debug do hash = Digest::SHA256.hexdigest @api_key Google::Logging::Message.from message: "Sending API key auth token. (sha256:#{hash})" end a_hash end
Updates the provided hash with the API Key header.
The ‘apply!` method modifies the provided hash in place, adding the `x-goog-api-key` header with the API Key value.
The API Key is hashed before being logged for security purposes.
NB: this method typically would be called through ‘updater_proc`. Some older clients call it directly though, so it has to be public.
@param [Hash] a_hash The hash to which the API Key header should be added.
This is typically a hash representing the request headers. This hash will be modified in place.
@param [Hash] _opts Additional options (currently not used). Included
for consistency with the `BaseClient` interface.
@return [Hash] The modified hash (the same hash passed as the ‘a_hash`
argument).
Source
# File lib/googleauth/api_key.rb, line 109 def duplicate options = {} self.class.new( api_key: options[:api_key] || @api_key, universe_domain: options[:universe_domain] || @universe_domain ) end
Creates a duplicate of these credentials.
@param [Hash] options Additional options for configuring the credentials @return [Google::Auth::APIKeyCredentials]
Source
# File lib/googleauth/api_key.rb, line 101 def expires_within? _seconds false end
Determines if the credentials object has expired. Since API keys don’t expire, this always returns false.
@param [Fixnum] _seconds
The optional timeout in seconds since the last refresh
@return [Boolean]
True if the token has expired, false otherwise.
Protected Instance Methods
Source
# File lib/googleauth/api_key.rb, line 150 def fetch_access_token! _options = {} nil end
We don’t need to fetch access tokens for API key auth
Source
# File lib/googleauth/api_key.rb, line 145 def token_type :api_key end
The token type should be :api_key