class Google::Auth::GCECredentials
Extends Signet::OAuth2::Client so that the auth token is obtained from the GCE metadata server.
Constants
- COMPUTE_AUTH_TOKEN_URI
The IP Address is used in the URIs to speed up failures on non-GCE systems.
- COMPUTE_CHECK_URI
Public Class Methods
on_gce?(options = {})
click to toggle source
Detect if this appear to be a GCE instance, by checking if metadata is available.
# File lib/googleauth/compute_engine.rb, line 63 def on_gce? options = {} # TODO: This should use google-cloud-env instead. c = options[:connection] || Faraday.default_connection headers = { "Metadata-Flavor" => "Google" } resp = c.get COMPUTE_CHECK_URI, nil, headers do |req| req.options.timeout = 1.0 req.options.open_timeout = 0.1 end return false unless resp.status == 200 resp.headers["Metadata-Flavor"] == "Google" rescue Faraday::TimeoutError, Faraday::ConnectionFailed false end
Public Instance Methods
fetch_access_token(options = {})
click to toggle source
Overrides the super class method to change how access tokens are fetched.
# File lib/googleauth/compute_engine.rb, line 82 def fetch_access_token options = {} c = options[:connection] || Faraday.default_connection retry_with_error do headers = { "Metadata-Flavor" => "Google" } resp = c.get COMPUTE_AUTH_TOKEN_URI, nil, headers case resp.status when 200 Signet::OAuth2.parse_credentials(resp.body, resp.headers["content-type"]) when 404 raise Signet::AuthorizationError, NO_METADATA_SERVER_ERROR else msg = "Unexpected error code #{resp.status}" \ "#{UNEXPECTED_ERROR_SUFFIX}" raise Signet::AuthorizationError, msg end end end