Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 693c97e

Browse filesBrowse files
Ace Nassridandhlee
Ace Nassri
and
dandhlee
authored
fix(serverless): clean up ID token example (GoogleCloudPlatform#7559)
* fix(serverless): clean up ID token example * Address comments * Rearrange * Fix lint Co-authored-by: Dan Lee <71398022+dandhlee@users.noreply.github.com>
1 parent c1a1224 commit 693c97e
Copy full SHA for 693c97e

File tree

Expand file treeCollapse file tree

2 files changed

+15
-9
lines changed
Filter options
Expand file treeCollapse file tree

2 files changed

+15
-9
lines changed

‎auth/service-to-service/auth.py

Copy file name to clipboardExpand all lines: auth/service-to-service/auth.py
+14-8Lines changed: 14 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -16,33 +16,39 @@
1616
Demonstrates how to send authenticated service-to-service requests, eg
1717
for Cloud Run or Cloud Functions"""
1818

19-
# [START google_auth_idtoken_serverless]
2019
# [START functions_bearer_token]
2120
# [START cloudrun_service_to_service_auth]
22-
# [START run_service_to_service_auth]
2321
import urllib
2422

2523
import google.auth.transport.requests
2624
import google.oauth2.id_token
2725

2826

29-
def make_authorized_get_request(service_url):
27+
def make_authorized_get_request(service_url, audience):
3028
"""
3129
make_authorized_get_request makes a GET request to the specified HTTP endpoint
32-
in service_url (must be a complete URL) by authenticating with the
33-
ID token obtained from the google-auth client library.
30+
by authenticating with the ID token obtained from the google-auth client library
31+
using the specified audience value.
3432
"""
3533

34+
# [END functions_bearer_token]
35+
# Cloud Run uses your service's hostname as the `audience` value
36+
# audience = 'https://my-cloud-run-service.run.app/'
37+
# [END cloudrun_service_to_service_auth]
38+
39+
# [START functions_bearer_token]
40+
# Cloud Functions uses your function's URL as the `audience` value
41+
# audience = https://project-region-projectid.cloudfunctions.net/myFunction
42+
# [START cloudrun_service_to_service_auth]
43+
3644
req = urllib.request.Request(service_url)
3745

3846
auth_req = google.auth.transport.requests.Request()
39-
id_token = google.oauth2.id_token.fetch_id_token(auth_req, service_url)
47+
id_token = google.oauth2.id_token.fetch_id_token(auth_req, audience)
4048

4149
req.add_header("Authorization", f"Bearer {id_token}")
4250
response = urllib.request.urlopen(req)
4351

4452
return response.read()
45-
# [END run_service_to_service_auth]
4653
# [END cloudrun_service_to_service_auth]
4754
# [END functions_bearer_token]
48-
# [END google_auth_idtoken_serverless]

‎auth/service-to-service/main.py

Copy file name to clipboardExpand all lines: auth/service-to-service/main.py
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ def get_authorized(request):
2323
# Makes an authenticated request to URL set in environment variables
2424
try:
2525
url = os.environ.get("URL")
26-
response = auth.make_authorized_get_request(url)
26+
response = auth.make_authorized_get_request(url, url)
2727
return response
2828

2929
except Exception as e:

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.