# Copyright 2016 Google Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # Example of calling a Google Cloud Endpoint API with an ID token obtained # using the Google OAuth2 flow. require "optparse" require "rest-client" require "json" require "signet/oauth_2/client" require "openssl" options = {} optparse = OptionParser.new do |opts| opts.on("-h", "--host HOST", "Your API host, e.g. https://your-project.appspot.com.") do |host| options[:host] = host end opts.on "-k", "--api_key KEY", "Your API key." do |api_key| options[:api_key] = api_key end opts.on("-s", "--client_secrets_file FILE", "The path to your service account json file.") do |file_path| options[:client_secrets_file] = file_path end opts.on "-m", "--message MESSAGE", "Message to echo." do |message| options[:message] = message end end optparse.parse! unless options[:host] puts optparse puts "Missing argument: host" exit end unless options[:api_key] puts optparse puts "Missing argument: api_key" exit end unless options[:client_secrets_file] puts optparse puts "Missing argument: client_secrets_file" exit end client_secrets = JSON.parse File.read(options[:client_secrets_file]) oauth = Signet::OAuth2::Client.new( issuer: "jwt-client.endpoints.sample.google.com", audience: "echo.endpoints.sample.google.com", scope: "email", authorization_uri: "https://accounts.google.com/o/oauth2/auth", token_credential_uri: "https://www.googleapis.com/oauth2/v4/token", client_id: client_secrets["installed"]["client_id"], client_secret: client_secrets["installed"]["client_secret"], redirect_uri: "urn:ietf:wg:oauth:2.0:oob" ) puts "Open the following URI in your browser to get the authorization code:" puts oauth.authorization_uri print "Enter authorization code: " oauth.code = gets.chomp puts oauth.code oauth.fetch_access_token! puts oauth.id_token # Makes a request to the auth info endpoint for Google ID tokens. url = "#{options[:host]}/auth/info/googleidtoken?key=#{options[:api_key]}" begin response = RestClient.get url, Authorization: "Bearer #{oauth.id_token}" puts response.code puts response.body rescue StandardError => e if e.respond_to? :response puts e.response.code puts e.response.body else puts e end end