Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 3450743

Browse filesBrowse files
author
Jon Wayne Parrott
committed
Merge branch 'master' of github.com:GoogleCloudPlatform/python-docs-samples
2 parents 3f71bfc + 5e41d03 commit 3450743
Copy full SHA for 3450743

File tree

Expand file treeCollapse file tree

2 files changed

+8
-9
lines changed
Filter options
Expand file treeCollapse file tree

2 files changed

+8
-9
lines changed

‎endpoints/getting-started/clients/service_to_service_google_id_token/main.py

Copy file name to clipboardExpand all lines: endpoints/getting-started/clients/service_to_service_google_id_token/main.py
+6-7Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -24,9 +24,9 @@
2424
from google.appengine.api import app_identity
2525
import webapp2
2626

27-
DEFAUTL_SERVICE_ACCOUNT = "YOUR-CLIENT-PROJECT-ID@appspot.gserviceaccount.com"
27+
SERVICE_ACCOUNT_EMAIL = "YOUR-CLIENT-PROJECT-ID@appspot.gserviceaccount.com"
2828
HOST = "YOUR-SERVER-PROJECT-ID.appspot.com"
29-
TARGET_AUD = "YOUR-SERVER-PROJECT-ID@appspot.gserviceaccount.com"
29+
TARGET_AUD = "https://YOUR-SERVER-PROJECT-ID.appspot.com"
3030

3131

3232
def generate_jwt():
@@ -42,11 +42,10 @@ def generate_jwt():
4242
"iat": now,
4343
# expires after one hour.
4444
"exp": now + 3600,
45-
# iss is the Google App Engine default service account email.
46-
"iss": DEFAUTL_SERVICE_ACCOUNT,
47-
# scope must match 'audience' for google_id_token in the security
48-
# configuration in your swagger spec.
49-
"scope": TARGET_AUD,
45+
# iss is the service account email.
46+
"iss": SERVICE_ACCOUNT_EMAIL,
47+
# target_audience is the URL of the target service.
48+
"target_audience": TARGET_AUD,
5049
# aud must be Google token endpoints URL.
5150
"aud": "https://www.googleapis.com/oauth2/v4/token"
5251
})

‎endpoints/getting-started/openapi.yaml

Copy file name to clipboardExpand all lines: endpoints/getting-started/openapi.yaml
+2-2Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -141,8 +141,8 @@ securityDefinitions:
141141
authorizationUrl: ""
142142
flow: "implicit"
143143
type: "oauth2"
144-
x-google-issuer: "accounts.google.com"
145-
x-google-jwks_uri: "https://www.googleapis.com/oauth2/v1/certs"
144+
x-google-issuer: "https://accounts.google.com"
145+
x-google-jwks_uri: "https://www.googleapis.com/oauth2/v3/certs"
146146
# Your OAuth2 client's Client ID must be added here. You can add multiple client IDs to accept tokens form multiple clients.
147147
x-google-audiences: "YOUR-CLIENT-ID"
148148
# This section configures authentication using Firebase Auth.

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.