doug
Reputation: 4060
Google service account authorization with JWT in Go
How do I authorize a service account with JWT in Go?
Upvotes: 3
Views: 2207
Answers (1)
doug
Reputation: 4060
Use https://code.google.com/p/goauth2/
go get code.google.com/p/goauth2/oauth
Get your service email and your p12 private key from the Google API Console. For now it can't read p12 files so strip them to just the rsa key with openssl
openssl pkcs12 -in file.p12 -nocerts -out key.pem -nodes then delete the extra text
Then:
package main
import (
"code.google.com/p/goauth2/oauth/jwt"
"flag"
"fmt"
"http"
"io/ioutil"
)
var (
serviceEmail = flag.String("service_email", "", "OAuth service email.")
keyPath = flag.String("key_path", "key.pem", "Path to unencrypted RSA private key file.")
scope = flag.String("scope", "", "Space separated scopes.")
)
func fetchToken() (string, error) {
// Read the pem file bytes for the private key.
keyBytes, err := ioutil.ReadFile(*keyPath)
if err != nil {
return "", err
}
t := jwt.NewToken(*serviceEmail, *scope, keyBytes)
c := &http.Client{}
// Get the access token.
o, err := t.Assert(c)
if err != nil {
return "", err
}
return o.AccessToken, nil
}
func main() {
flag.Parse()
token, err := fetchToken()
if err != nil {
fmt.Printf("ERROR: %v\n", err)
} else {
fmt.Printf("SUCCESS: %v\n", token)
}
Upvotes: 7
Related Questions
- Getting `Request had invalid authentication credentials` when using service account json key file in Go app
- Get access token for a google cloud service account in Golang?
- Google Cloud Authentication Service-to-service with JWT token
- how to verify JWT signature?
- Service Authentication with Google APIs in Nodejs
- Creating a Google authentication service with users stored in own database in Golang
- Providing Google service account credentials manually in Golang
- Endpoints Google ID JWT, and Golang oauth2: have id_token, need access_token?
- Authorization/Authentication with Google account in GWT
- Google Account access token