in core/src/main/java/com/google/cloud/sql/core/DefaultConnectionInfoRepository.java [187:218]
private static ConnectionInfo createConnectionInfo(
CloudSqlInstanceName instanceName,
AuthType authType,
Optional<AccessToken> token,
InstanceMetadata metadata,
Certificate ephemeralCertificate,
SslData sslContext) {
// Get expiration value for new cert
X509Certificate x509Certificate = (X509Certificate) ephemeralCertificate;
Instant expiration = x509Certificate.getNotAfter().toInstant();
if (authType == AuthType.IAM) {
expiration =
DefaultAccessTokenSupplier.getTokenExpirationTime(token)
.filter(
tokenExpiration ->
x509Certificate.getNotAfter().toInstant().isAfter(tokenExpiration))
.orElse(x509Certificate.getNotAfter().toInstant());
}
logger.debug(
"[{}] INSTANCE DATA DONE - Ephemeral cert id: {} cert expiration: {} token expiration: {}",
instanceName,
Base64.getEncoder().encodeToString(((X509Certificate) ephemeralCertificate).getSignature()),
token
.map(tok -> tok.getExpirationTime())
.filter(time -> time != null)
.map(time -> time.toInstant().toString())
.orElse("(none)"));
return new ConnectionInfo(metadata, sslContext, expiration);
}