Struct reqsign::GoogleSigner

source ·

pub struct GoogleSigner { /* private fields */ }

Expand description

Singer that implement Google OAuth2 Authentication.

Reference

Authenticating as a service account

Implementations§

source §

impl Signer

source

pub fn new(service: &str) -> Self

Create a builder of Signer.

source

pub fn region(&mut self, region: &str) -> &mut Self

Set the region name that used for google v4 signing.

Default to auto

source

pub fn sign(&self, req: &mut impl SignableRequest, token: &Token) -> Result<()>

Signing request.

Example

use anyhow::Result;
use reqsign::GoogleSigner;
use reqwest::Client;
use reqwest::Request;
use reqwest::Url;

#[tokio::main]
async fn main() -> Result<()> {
    // Signer will load region and credentials from environment by default.
    let signer = GoogleSigner::builder()
        .scope("https://www.googleapis.com/auth/devstorage.read_only")
        .build()?;

    // Construct request
    let url = Url::parse("https://storage.googleapis.com/storage/v1/b/test")?;
    let mut req = reqwest::Request::new(http::Method::GET, url);

    // Signing request with Signer
    signer.sign(&mut req)?;

    // Sending already signed request.
    let resp = Client::new().execute(req).await?;
    println!("resp got status: {}", resp.status());
    Ok(())
}

TODO

we can also send API via signed JWT: Addendum: Service account authorization without OAuth

source

pub fn sign_query( &self, req: &mut impl SignableRequest, duration: Duration, cred: &Credential ) -> Result<()>

Sign the query with a duration.

Example

use anyhow::Result;
use reqsign::GoogleSigner;
use reqwest::Client;
use reqwest::Url;
use time::Duration;

#[tokio::main]
async fn main() -> Result<()> {
    // Signer will load region and credentials from environment by default.
    let signer = GoogleSigner::builder()
        .credential_path("/Users/wolfv/Downloads/noted-throne-361708-bf95cdbf3fea.json")
        .scope("storage")
        .build()?;

    // Construct request
    let url = Url::parse("https://storage.googleapis.com/testbucket-reqsign/CONTRIBUTING.md")?;
    let mut req = reqwest::Request::new(http::Method::GET, url);

    // Signing request with Signer
    signer.sign_query(&mut req, Duration::hours(1))?;

    println!("signed request: {:?}", req);
    // Sending already signed request.
    let resp = Client::new().execute(req).await?;
    println!("resp got status: {}", resp.status());
    println!("resp got body: {}", resp.text().await?);
    Ok(())
}