search

google-apis-rs / generator

A binding and CLI generator for all google APIs
Apache License 2.0
71 stars 14 forks source link

Authentication examples #24

Open gmosx opened 4 years ago

gmosx commented 4 years ago

First of all, thank you, this is an extremely useful project!

I am wondering if there are any examples to demonstrate how to use the generated libraries. E.g. a small cli app that lists events from a Google calendar or something similar. 🙏

gmosx commented 4 years ago

I see there are some CLI apps in the generated repository, but it's not obvious how to setup authentication/authorization.

mwilliammyers commented 4 years ago

Yeah authentication is a tricky part of the setup. I can see if I can add an example, but in the meantime, we use version ^3 of yup-oauth2. Most likely you want to use a service account file to authenticate.

It should look something like:

[dependencies]
google_api_auth = { git = "https://github.com/google-apis-rs/generator.git", features = ["with-yup-oauth2"] }
google_storage = { git = "https://github.com/google-apis-rs/generated.git", package = "google-storage1" }
yup-oauth2 = "3"
let creds_file = env::var("GOOGLE_APPLICATION_CREDENTIALS")
    .expect("GOOGLE_APPLICATION_CREDENTIALS environment variable");
let credentials = yup_oauth2::service_account_key_from_file(creds_file)
    .expect("valid GOOGLE_APPLICATION_CREDENTIALS");

let auth = google_api_auth::yup_oauth2::from_authenticator(
    yup_oauth2::ServiceAccountAccess::new(credentials).build(),
    vec!["https://www.googleapis.com/auth/devstorage.full_control"],
);

let storage_client = google_storage::Client::new(auth);

Finding the scopes (e.g. "https://www.googleapis.com/auth/devstorage.full_control") is kinda tricky, but you can find a full list of Google OAuth2 scopes here. I will look into adding them somewhere in the docs so that you can see them if you run cargo doc, because they are also listed somewhere in the discovery doc (which is used to generate the Rust code) e.g. https://www.googleapis.com/discovery/v1/apis/storage/v1/rest

FYI I have had trouble pinning the dependencies to a specific git SHA, which I am pretty sure has to do with the fact that auth uses (dynamic) trait objects.

Obviously this is a little rough around the edges right now and should get easier in the future. Specifically, I want to try to add support for Google Application Default Credentials auth flow (https://github.com/dermesser/yup-oauth2/issues/110)

Also, the API will probably change slightly as we move to async because v4 of yup-oauth2 adds async support.

mwilliammyers commented 4 years ago

All that being said, I just noticed you wanted a Google calendar app example, which isn't a Google Cloud API so the auth flow will be different. My bad! 🙃

You will probably want to do an oauth2 flow for authenticating https://developers.google.com/identity/protocols/oauth2. This yup-oauth2 example might be what you are looking for?

I have only used Google Cloud APIs, so I might not be a ton of help, but I can try to help you if you get stuck.

gmosx commented 4 years ago

Hey William, thank you for the information. Will check it. Google Calendar was just an example, even though I think it is a Google API. In any case, will check yup-oauth2 as you suggested.

braincow commented 3 years ago

This example no longer compiles:

error[E0308]: mismatched types
   --> src/main.rs:11:9
    |
11  |         yup_oauth2::ServiceAccountAccess::new(credentials).build(),
    |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ expected struct `yup_oauth2::authenticator::Authenticator`, found opaque type
    | 
   ::: /home/bcow/.cargo/registry/src/github.com-1ecc6299db9ec823/yup-oauth2-3.1.1/src/service_account.rs:234:27
    |
234 |     pub fn build(self) -> impl GetToken {
    |                           ------------- the found opaque type
    |
    = note:   expected struct `yup_oauth2::authenticator::Authenticator<_>`
            found opaque type `impl yup_oauth2::types::GetToken`

error: aborting due to previous error

For more information about this error, try `rustc --explain E0308`.
error: could not compile `gcp-test`.
kotx commented 2 years ago

How would an API that only needs an API key be used?

DazWilkin commented 2 years ago

It would be very useful to have a reference implementation of one of the generated (e.g. Cloud) APIs to provide guidance to those of us noobs who struggle to use this repo.

I'm also affected by the auth example in this issue no longer compiling.

I tried to understand how drmesser's example here

It appears that yup_oauth2 no longer provides access_token but access and ... IIUC... this borks google_api_auth's GetAccessToken trait.