Gemini.Auth.VertexStrategy (GeminiEx v0.0.1)

View Source

Authentication strategy for Google Vertex AI using OAuth2/Service Account.

This strategy supports multiple authentication methods:

  • Service Account JSON file (via VERTEX_JSON_FILE environment variable)
  • OAuth2 access tokens
  • Application Default Credentials (ADC)

Based on the Vertex AI documentation, this strategy can generate self-signed JWTs for authenticated endpoints and standard Bearer tokens for regular API calls.

Summary

Functions

Authenticate with Vertex AI using various methods.

Create a signed JWT for authenticated Vertex AI endpoints.

Get authentication headers for Vertex AI requests.

Functions

authenticate(arg1)

Authenticate with Vertex AI using various methods.

Supports the following authentication methods:

  • OAuth2 with project_id and location
  • Service Account with key file path
  • Service Account with key data
  • Direct access token

create_signed_jwt(service_account_email, audience, credentials, opts \\ [])

@spec create_signed_jwt(String.t(), String.t(), map(), keyword()) ::
  {:ok, String.t()} | {:error, term()}

Create a signed JWT for authenticated Vertex AI endpoints.

This is used for Vector Search endpoints with JWT authentication as described in v1.md.

Parameters

  • service_account_email: The service account email (issuer)
  • audience: The audience specified during index deployment
  • credentials: The credentials map containing authentication info
  • opts: Additional options for JWT creation

Examples

iex> credentials = %{service_account_key: "/path/to/key.json"}
iex> {:ok, jwt} = Gemini.Auth.VertexStrategy.create_signed_jwt(
...>   "my-service@project.iam.gserviceaccount.com",
...>   "my-app-audience",
...>   credentials
...> )

headers(credentials)

Get authentication headers for Vertex AI requests.

Supports multiple credential types:

  • %{access_token: token} - Direct access token
  • %{service_account_key: path} - Service account JSON file path
  • %{service_account_data: data} - Service account JSON data
  • %{jwt_token: token} - Pre-signed JWT token