File tree Expand file tree Collapse file tree 2 files changed +12
-21
lines changed
run/markdown-preview/editor Expand file tree Collapse file tree 2 files changed +12
-21
lines changed Original file line number Diff line number Diff line change 1414
1515# [START run_secure_request]
1616import os
17- import sys
1817import urllib
1918
19+ import google .auth .transport .requests
20+ import google .oauth2 .id_token
21+
2022
2123def new_request (data ):
2224 """
@@ -33,28 +35,15 @@ def new_request(data):
3335
3436 req = urllib .request .Request (url , data = data .encode ())
3537
38+ credentials , project = google .auth .default ()
39+
3640 if not unauthenticated :
37- token = get_token ( url )
38- req . add_header ( "Authorization" , f"Bearer { token } " )
41+ auth_req = google . auth . transport . requests . Request ( )
42+ target_audience = url
3943
40- sys .stdout .flush ()
44+ id_token = google .oauth2 .id_token .fetch_id_token (auth_req , target_audience )
45+ req .add_header ("Authorization" , f"Bearer { id_token } )
4146
4247 response = urllib .request .urlopen (req )
4348 return response .read ()
44-
45-
46- def get_token (url ):
47- """
48- Retrieves the IAM ID Token credential for the url.
49- """
50- token_url = (
51- f"http://metadata.google.internal/computeMetadata/v1/instance/"
52- f"service-accounts/default/identity?audience={ url }
53- )
54- token_req = urllib .request .Request (
55- token_url , headers = {"Metadata-Flavor" : "Google" }
56- )
57- token_response = urllib .request .urlopen (token_req )
58- token = token_response .read ()
59- return token .decode ()
6049# [END run_secure_request]
Original file line number Diff line number Diff line change 11Flask == 1.1.1
2- gunicorn == 20.0.4
2+ gunicorn == 20.0.4
3+ google-auth == 1.20.0
4+ requests == 2.24.0
You can’t perform that action at this time.
0 commit comments