easycloudapi.gcp.gcp_oauth package

Submodules

easycloudapi.gcp.gcp_oauth.gcp_oauth module

GCP Authentication

How to access GCP projects using best auth

  1. Reference:

    1. Google Documentation: https://cloud.google.com/iam/docs/overview

    2. OpenID Connect: https://developers.google.com/identity/openid-connect/openid-connect

  2. Code Ref:

    1. https://googleapis.github.io/google-api-python-client/docs/oauth.html

    2. https://google-auth.readthedocs.io/en/stable/user-guide.html

Different Ways/Methods To Access GCP Cloud Resources:

  1. With User Consent

  2. By Service Account Json Key

  3. By Default Access if application running on GCP ComputeEngine, CloudFunction, CloudRun, AppEngine, Kubernetes

  4. With impersonate Service Account

class src.easycloudapi.gcp.gcp_oauth.gcp_oauth.GCP_Authentication(project_id: str)[source]

Bases: object

A class for GCP Authentication …

Parameters:

project_id (str) – Google Project ID

oauth_withUserConsent_googleURI(client_secret_file_path,

scopes)

Oauth method using user consent

oauth_withUserConsent_googleURI(client_secret_file_path: str, scopes: list = ['openid']) bool[source]

GCP resources authentication By User Consent …

User will give consent by clicking on the link provided and after approving the consent, user will get token which he/She will pass to the application manually

Parameters:
Returns:

credentials – return credential object

Return type:

google.oauth2.credentials.Credentials

Notes

  1. To Create Client Access Secret and TokenID follow below steps:

    1. Open GCP Project and open

    2. First, create “OAuth consent screen”

      #. provide app name, scopes(”https://www.googleapis.com/auth/cloud-platform”, “openid”) and add test users and developer email id

    3. Second, go to “”APIs & Services” -> “Credentials” -> “Create OAuth client ID”

      1. select Application Type as “Desktop app”

      2. store the client ID and secret_file