Saturday, January 22, 2022

[FIXED] Php equivalent for gcloud auth print-identity-token

      , , ,      No comments   

Issue

My goal is to trigger a google cloud function through my php code. For that I need an identity token as the Bearer, but my server does not have gcloud installed on it. I have a working service-account and I created an object through the Google_Client ("google/apiclient": "2.10.1"):

$this->setAuthConfig($serviceJson);
$scope = [Google_Service_Compute::CLOUD_PLATFORM, 'openid', 'email'];
$this->addScope($scope);
if ($this->isAccessTokenExpired()) {
  $this->fetchAccessTokenWithAssertion();
}
$this->getAccessToken()

Using this client I can fetch only the access_token (which is unauthorized to trigger a cloud function) but the id_token is always empty.

How can I get the id_token? Is there a php library that can help or do I need to do a separate POST request(s) to get the id_token?


Solution

The only way I found is like this:

  1. Generate a JWT manually (from the data that is in the service account)
  2. send it to https://www.googleapis.com/oauth2/v4/token and receive a token
  3. use the token in the CF call


Answered By - George7a

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...