Skip to content

Commit

Permalink
Apply suggestions from code review
Browse files Browse the repository at this point in the history
Co-authored-by: Marco Neumann <[email protected]>
  • Loading branch information
tustvold and crepererum authored Oct 16, 2023
1 parent 22f5e8c commit 07f1899
Showing 1 changed file with 18 additions and 7 deletions.
25 changes: 18 additions & 7 deletions object_store/src/gcp/credential.rs
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,10 @@ struct TokenResponse {
expires_in: u64,
}

/// <https://google.aip.dev/auth/4111>
/// Self-signed JWT (JSON Web Token).
///
/// # References
/// - <https://google.aip.dev/auth/4111>
#[derive(Debug)]
pub struct SelfSignedJwt {
issuer: String,
Expand Down Expand Up @@ -273,8 +276,9 @@ impl ServiceAccountCredentials {
/// We use a scope of [`DEFAULT_SCOPE`] as opposed to an audience
/// as GCS appears to not support audience
///
/// <https://stackoverflow.com/questions/63222450/service-account-authorization-without-oauth-can-we-get-file-from-google-cloud/71834557#71834557>
/// <https://www.codejam.info/2022/05/google-cloud-service-account-authorization-without-oauth.html>
/// # References
/// - <https://stackoverflow.com/questions/63222450/service-account-authorization-without-oauth-can-we-get-file-from-google-cloud/71834557#71834557>
/// - <https://www.codejam.info/2022/05/google-cloud-service-account-authorization-without-oauth.html>
pub fn token_provider(self) -> crate::Result<SelfSignedJwt> {
Ok(SelfSignedJwt::new(
self.private_key_id,
Expand Down Expand Up @@ -371,15 +375,22 @@ impl TokenProvider for InstanceCredentialProvider {

/// A deserialized `application_default_credentials.json`-file.
///
/// <https://cloud.google.com/docs/authentication/application-default-credentials#personal>
/// <https://google.aip.dev/auth/4110>
/// # References
/// - <https://cloud.google.com/docs/authentication/application-default-credentials#personal>
/// - <https://google.aip.dev/auth/4110>
#[derive(serde::Deserialize)]
#[serde(tag = "type")]
pub enum ApplicationDefaultCredentials {
/// <https://google.aip.dev/auth/4112>
/// Service Account.
///
/// # References
/// - <https://google.aip.dev/auth/4112>
#[serde(rename = "service_account")]
ServiceAccount(ServiceAccountCredentials),
/// <https://google.aip.dev/auth/4113>
/// Authorized user via "gcloud CLI Integration".
///
/// # References
/// - <https://google.aip.dev/auth/4113>
#[serde(rename = "authorized_user")]
AuthorizedUser(AuthorizedUserCredentials),
}
Expand Down

0 comments on commit 07f1899

Please sign in to comment.