Buckets.Adapters.GCS.Auth (buckets v1.0.0-rc.2)

Google Cloud Storage authentication using service account credentials.

Handles JWT token generation and OAuth2 token exchange without external dependencies.

Summary

Functions

Exchanges a JWT token for an access token via Google's OAuth2 endpoint.

Generates a JWT token for Google service account authentication.

Gets an access token for GCS API access.

Get service account credentials from a location config.

Loads service account credentials from a file path.

Parse service account credentials from a JSON string.

Validates that service account credentials contain required fields.

Functions

Link to this function

exchange_jwt_for_token(jwt)

@spec exchange_jwt_for_token(String.t()) :: {:ok, String.t()} | {:error, term()}

Exchanges a JWT token for an access token via Google's OAuth2 endpoint.

Link to this function

generate_jwt(credentials)

@spec generate_jwt(map()) :: {:ok, String.t()} | {:error, term()}

Generates a JWT token for Google service account authentication.

Link to this function

get_access_token(credentials)

@spec get_access_token(map()) :: {:ok, String.t()} | {:error, term()}

Gets an access token for GCS API access.

Examples

iex> credentials = %{
...>   "client_email" => "test@example.com",
...>   "private_key" => "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----"
...> }
iex> Buckets.GCS.Auth.get_access_token(credentials)
{:ok, "ya29.c.Ko8..."}
Link to this function

get_credentials(config)

@spec get_credentials(Keyword.t()) :: {:ok, map()} | {:error, term()}

Get service account credentials from a location config.

Link to this function

load_credentials(path)

@spec load_credentials(String.t()) :: {:ok, map()} | {:error, term()}

Loads service account credentials from a file path.

Link to this function

parse_credentials(credentials_json)

@spec parse_credentials(String.t()) :: {:ok, map()} | {:error, term()}

Parse service account credentials from a JSON string.

Link to this function

validate_credentials(credentials)

@spec validate_credentials(map()) :: :ok | {:error, term()}

Validates that service account credentials contain required fields.