Open grindarius opened 5 days ago
Hey,
It seems you have everything needed available:
You need to create a URL to sign (kind of rewrite this example from Python): https://cloud.google.com/storage/docs/access-control/signing-urls-manually#python-sample
To sign, you can use the IAM client (or you can actually use any library that supports RSA signatures with SHA-256):
use gcloud_sdk::google::iam::credentials::v1::iam_credentials_client::IamCredentialsClient;
use gcloud_sdk::google::iam::credentials::v1::SignBlobRequest;
use gcloud_sdk::{GoogleApi, GoogleAuthMiddleware};

// IAM Credentials API client; it authenticates with the ambient credentials,
// so no service-account private key is loaded into the process.
let client: GoogleApi<IamCredentialsClient<GoogleAuthMiddleware>> = GoogleApi::from_function(
    IamCredentialsClient::new,
    "https://iamcredentials.googleapis.com",
    None,
)
.await?;

// `canonical_req` holds the data to sign (the V4 string-to-sign built as in
// the linked Google sample).
let resp = client
    .get()
    .sign_blob(tonic::Request::new(SignBlobRequest {
        // "-" lets the API resolve the project from the service account
        name: "projects/-/serviceAccounts/<your-sa@email>".to_string(),
        delegates: vec![],
        payload: canonical_req.as_bytes().to_vec(),
    }))
    .await?;

// Raw RSA-SHA256 signature bytes; hex-encode them for the X-Goog-Signature parameter
let signature: Vec<u8> = resp.into_inner().signed_blob;
If you want to make an auxiliary function to help others, feel free to open a PR for sure :)
or you can actually use any library that supports RSA signatures with SHA-256
Does this mean I need to extend the Credentials enum, and if the service account is present, load it into ring and use ring to sign, right?
If you can use signBlob, it is preferable (a more secure setup), so you don't have to introduce and manually rotate JSON private keys.
Otherwise, no need to introduce any other type; you just need to read the JSON file using existing functions like from_well_known_file/from_file/from_json to read Credentials.
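Worked example of the two steps the maintainer describes above: building the V4 canonical request and string-to-sign (the part the Google Python sample does), and then handing that string to whichever signer is available, signBlob or a local RSA key. This is an added example, not code from the gcloud-sdk crate or from either participant. It is Python (the language of the linked sample) and uses only the standard library; the signer is abstracted as a callable so the same URL builder works with an IAM signBlob response or with a library such as ring. The service account email, bucket, object name and timestamp are constructed demo values, and `placeholder_signer` is a stand-in that only hashes its input so the example runs offline; a real signer must return an RSA-SHA256 PKCS#1 v1.5 signature over the string-to-sign.

```python
import datetime
import hashlib
from dataclasses import dataclass
from typing import Callable, Dict, Optional
from urllib.parse import quote

GOOG4_ALGORITHM = "GOOG4-RSA-SHA256"
MAX_EXPIRATION = 604800  # 7 days: GCS rejects V4 URLs that claim a longer lifetime

# A signer receives the UTF-8 string-to-sign and returns the raw RSA-SHA256
# (PKCS#1 v1.5) signature. Two real implementations fit this shape:
#   * IAM signBlob: send the bytes as `payload`, return `signed_blob`
#   * local key:    sign with the service account's private key (e.g. ring)
Signer = Callable[[bytes], bytes]

# Constructed demo inputs (not a real account); fixed so the output is reproducible
DEMO_EMAIL = "sa@example-project.iam.gserviceaccount.com"
DEMO_NOW = datetime.datetime(2023, 1, 15, 12, 0, tzinfo=datetime.timezone.utc)


@dataclass
class SigningMaterial:
    host: str
    canonical_uri: str
    canonical_query_string: str
    canonical_request: str
    credential_scope: str
    string_to_sign: str


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_signing_material(http_method: str, bucket: str, object_name: str,
                           client_email: str, now: datetime.datetime,
                           expiration: int,
                           headers: Optional[Dict[str, str]] = None) -> SigningMaterial:
    """Build the V4 canonical request and string-to-sign for one object."""
    if not 1 <= expiration <= MAX_EXPIRATION:
        raise ValueError(f"expiration must be 1..{MAX_EXPIRATION} seconds")
    if now.utcoffset() != datetime.timedelta(0):  # naive or non-UTC timestamps are wrong
        raise ValueError("timestamp must be timezone-aware UTC")

    # Object path: percent-encode everything except '/' and '~' (space -> %20)
    canonical_uri = "/" + quote(object_name, safe="/~")
    request_timestamp = now.strftime("%Y%m%dT%H%M%SZ")
    credential_scope = f"{now.strftime('%Y%m%d')}/auto/storage/goog4_request"

    # Virtual-hosted endpoint; the host header is always part of the signature
    host = f"{bucket}.storage.googleapis.com"
    hdrs = {k.lower(): v.strip() for k, v in (headers or {}).items()}
    hdrs["host"] = host
    ordered = sorted(hdrs.items())
    canonical_headers = "".join(f"{k}:{v}\n" for k, v in ordered)
    signed_headers = ";".join(k for k, _ in ordered)

    query = {
        "X-Goog-Algorithm": GOOG4_ALGORITHM,
        "X-Goog-Credential": f"{client_email}/{credential_scope}",
        "X-Goog-Date": request_timestamp,
        "X-Goog-Expires": str(expiration),
        "X-Goog-SignedHeaders": signed_headers,
    }
    # Sorted by key; keys and values encoded with no safe chars ('/' -> '%2F')
    canonical_query_string = "&".join(
        f"{quote(k, safe='')}={quote(v, safe='')}" for k, v in sorted(query.items()))

    canonical_request = "\n".join([
        http_method, canonical_uri, canonical_query_string,
        canonical_headers,  # ends in '\n', which yields the required blank line
        signed_headers, "UNSIGNED-PAYLOAD"])
    string_to_sign = "\n".join([
        GOOG4_ALGORITHM, request_timestamp, credential_scope,
        sha256_hex(canonical_request.encode("utf-8"))])
    return SigningMaterial(host, canonical_uri, canonical_query_string,
                           canonical_request, credential_scope, string_to_sign)


def generate_signed_url(sign: Signer, bucket: str, object_name: str,
                        client_email: str, now: datetime.datetime,
                        expiration: int, http_method: str = "GET") -> str:
    m = build_signing_material(http_method, bucket, object_name,
                               client_email, now, expiration)
    # Only the string-to-sign is signed; the signature travels hex-encoded
    signature = sign(m.string_to_sign.encode("utf-8")).hex()
    return (f"https://{m.host}{m.canonical_uri}?{m.canonical_query_string}"
            f"&X-Goog-Signature={signature}")


def placeholder_signer(string_to_sign: bytes) -> bytes:
    """Constructed stand-in so this runs offline. NOT a signature: it only
    hashes the input, and GCS would reject a URL built with it."""
    return hashlib.sha256(string_to_sign).digest()


def demo_url() -> str:
    return generate_signed_url(placeholder_signer, "example-bucket",
                               "dir/file name.txt", DEMO_EMAIL, DEMO_NOW, 3600)


if __name__ == "__main__":
    print(demo_url())
```

To use this with the signBlob route, pass a function that sends `string_to_sign` as the request `payload` and returns the response's `signed_blob` bytes; with a JSON key, pass a function that signs with the account's private key. Note that the signature covers the string-to-sign, which embeds only the SHA-256 of the canonical request, and that the credential scope date must match the X-Goog-Date day, which is why the timestamp is required to be UTC.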
Hello and thank you for this amazing library.
I've been working with this library for quite a while and it's really good. I want to ask: is it possible to support signed URL generation for Google Cloud Storage with this crate? I am willing to contribute to make it happen. Thank you.