Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication examples #24

Open
gmosx opened this issue May 17, 2020 · 7 comments
Open

Authentication examples #24

gmosx opened this issue May 17, 2020 · 7 comments

Comments

@gmosx
Copy link

gmosx commented May 17, 2020

First of all, thank you, this is an extremely useful project!

I am wondering if there are any examples to demonstrate how to use the generated libraries. E.g. a small cli app that lists events from a Google calendar or something similar. 🙏
@gmosx
Copy link
Author

gmosx commented May 17, 2020

I see there are some CLI apps in the generated repository, but it's not obvious how to setup authentication/authorization.

@mwilliammyers
Copy link
Member

mwilliammyers commented May 17, 2020
edited
Loading

Yeah authentication is a tricky part of the setup. I can see if I can add an example, but in the meantime, we use version ^3 of yup-oauth2. Most likely you want to use a service account file to authenticate.

It should look something like:

[dependencies]
google_api_auth = { git = "https://github.com/google-apis-rs/generator.git", features = ["with-yup-oauth2"] }
google_storage = { git = "https://github.com/google-apis-rs/generated.git", package = "google-storage1" }
yup-oauth2 = "3"
let creds_file = env::var("GOOGLE_APPLICATION_CREDENTIALS")
    .expect("GOOGLE_APPLICATION_CREDENTIALS environment variable");
let credentials = yup_oauth2::service_account_key_from_file(creds_file)
    .expect("valid GOOGLE_APPLICATION_CREDENTIALS");

let auth = google_api_auth::yup_oauth2::from_authenticator(
    yup_oauth2::ServiceAccountAccess::new(credentials).build(),
    vec!["https://www.googleapis.com/auth/devstorage.full_control"],
);

let storage_client = google_storage::Client::new(auth);

Finding the scopes (e.g. "https://www.googleapis.com/auth/devstorage.full_control") is kinda tricky, but you can find a full list of Google OAuth2 scopes here. I will look into adding them somewhere in the docs so that you can see them if you run cargo doc, because they are also listed somewhere in the discovery doc (which is used to generate the Rust code) e.g. https://www.googleapis.com/discovery/v1/apis/storage/v1/rest

FYI I have had trouble pinning the dependencies to a specific git SHA, which I am pretty sure has to do with the fact that auth uses (dynamic) trait objects.

Obviously this is a little rough around the edges right now and should get easier in the future. Specifically, I want to try to add support for Google Application Default Credentials auth flow (dermesser/yup-oauth2#110)

Also, the API will probably change slightly as we move to async because v4 of yup-oauth2 adds async support.

@mwilliammyers mwilliammyers pinned this issue May 17, 2020
@mwilliammyers
Copy link
Member

mwilliammyers commented May 17, 2020
edited
Loading

All that being said, I just noticed you wanted a Google calendar app example, which isn't a Google Cloud API so the auth flow will be different. My bad! 🙃

You will probably want to do an oauth2 flow for authenticating https://developers.google.com/identity/protocols/oauth2. This yup-oauth2 example might be what you are looking for?

I have only used Google Cloud APIs, so I might not be a ton of help, but I can try to help you if you get stuck.

@mwilliammyers mwilliammyers changed the title Examples Authentication examples May 17, 2020
@gmosx
Copy link
Author

gmosx commented May 18, 2020

Hey William, thank you for the information. Will check it. Google Calendar was just an example, even though I think it is a Google API. In any case, will check yup-oauth2 as you suggested.

@Michael-F-Bryan Michael-F-Bryan mentioned this issue Jun 24, 2020
Merged
@braincow
Copy link

This example no longer compiles:

error[E0308]: mismatched types
   --> src/main.rs:11:9
    |
11  |         yup_oauth2::ServiceAccountAccess::new(credentials).build(),
    |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ expected struct `yup_oauth2::authenticator::Authenticator`, found opaque type
    | 
   ::: /home/bcow/.cargo/registry/src/github.com-1ecc6299db9ec823/yup-oauth2-3.1.1/src/service_account.rs:234:27
    |
234 |     pub fn build(self) -> impl GetToken {
    |                           ------------- the found opaque type
    |
    = note:   expected struct `yup_oauth2::authenticator::Authenticator<_>`
            found opaque type `impl yup_oauth2::types::GetToken`

error: aborting due to previous error

For more information about this error, try `rustc --explain E0308`.
error: could not compile `gcp-test`.

@kotx
Copy link

kotx commented Oct 31, 2021
edited
Loading

How would an API that only needs an API key be used?

@DazWilkin DazWilkin mentioned this issue Nov 6, 2021
Open
@DazWilkin
Copy link

It would be very useful to have a reference implementation of one of the generated (e.g. Cloud) APIs to provide guidance to those of us noobs who struggle to use this repo.

I'm also affected by the auth example in this issue no longer compiling.

I tried to understand how drmesser's example here

It appears that yup_oauth2 no longer provides access_token but access and ... IIUC... this borks google_api_auth's GetAccessToken trait.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@gmosx @DazWilkin @mwilliammyers @braincow @kotx