Package com.google.auth

Class Credentials

    • Constructor Detail

      • Credentials

        public Credentials()

    • Method Detail

      • getAuthenticationType

        public abstract String getAuthenticationType()
        A constant string name describing the authentication technology.

        E.g. “OAuth2”, “SSL”. For use by the transport layer to determine whether it supports the type of authentication in the case where hasRequestMetadataOnly() is false. Also serves as a debugging helper.

        Returns:
        The type of authentication used.

      • getRequestMetadata

        public Map<String,​List<String>> getRequestMetadata()
                                                  throws IOException
        Get the current request metadata, refreshing tokens if required.

        This should be called by the transport layer on each request, and the data should be populated in headers or other context. The operation can block and fail to complete and may do things such as refreshing access tokens.

        The convention for handling binary data is for the key in the returned map to end with "-bin" and for the corresponding values to be base64 encoded.

        Returns:
        The request metadata used for populating headers or other context.
        Throws:
        IOException - if there was an error getting up-to-date access.

      • getRequestMetadata

        public void getRequestMetadata​(URI uri,
                               Executor executor,
                               RequestMetadataCallback callback)
        Get the current request metadata without blocking.

        This should be called by the transport layer on each request, and the data should be populated in headers or other context. The implementation can either call the callback inline or asynchronously. Either way it should never block in this method. The executor is provided for tasks that may block.

        The default implementation will just call getRequestMetadata(URI) then the callback from the given executor.

        The convention for handling binary data is for the key in the returned map to end with "-bin" and for the corresponding values to be base64 encoded.

        Parameters:
        uri - URI of the entry point for the request.
        executor - Executor to perform the request.
        callback - Callback to execute when the request is finished.

      • blockingGetToCallback

        protected final void blockingGetToCallback​(URI uri,
                                           RequestMetadataCallback callback)
        Call getRequestMetadata(URI) and pass the result or error to the callback.
        Parameters:
        uri - URI of the entry point for the request.
        callback - Callback handler to execute when the metadata completes.

      • getRequestMetadata

        public abstract Map<String,​List<String>> getRequestMetadata​(URI uri)
                                                           throws IOException
        Get the current request metadata in a blocking manner, refreshing tokens if required.

        This should be called by the transport layer on each request, and the data should be populated in headers or other context. The operation can block and fail to complete and may do things such as refreshing access tokens.

        The convention for handling binary data is for the key in the returned map to end with "-bin" and for the corresponding values to be base64 encoded.

        Parameters:
        uri - URI of the entry point for the request.
        Returns:
        The request metadata used for populating headers or other context.
        Throws:
        IOException - if there was an error getting up-to-date access. The exception should implement Retryable and isRetryable() will return true if the operation may be retried.

      • hasRequestMetadata

        public abstract boolean hasRequestMetadata()
        Whether the credentials have metadata entries that should be added to each request.

        This should be called by the transport layer to see if getRequestMetadata() should be used for each request.

        Returns:
        Whether or not the transport layer should call getRequestMetadata()

      • hasRequestMetadataOnly

        public abstract boolean hasRequestMetadataOnly()
        Indicates whether or not the Auth mechanism works purely by including request metadata.

        This is meant for the transport layer. If this is true a transport does not need to take actions other than including the request metadata. If this is false, a transport must specifically know about the authentication technology to support it, and should fail to accept the credentials otherwise.

        Returns:
        Whether or not the Auth mechanism works purely by including request metadata.

      • refresh

        public abstract void refresh()
                      throws IOException
        Refresh the authorization data, discarding any cached state.

        For use by the transport to allow retry after getting an error indicating there may be invalid tokens or other cached state.

        Throws:
        IOException - if there was an error getting up-to-date access.