Service account authentication without JSON file

[RafiGreenberg]

Is it possible to authenticate without using a JSON file? We store/retrieve all of our secrets as environment variables (API keys, passwords, etc) It would be much more convenient if we could pass in the fields found in the service account JSON file (specifically the fields that ought to be kept secret: private_key_id and private_key).

[fiboknacky]

It's not supported by this library right now, although the ServiceAccountCredentials that this library relies on actually supports that.

The only workaround for now is to use build() and pass the Configuration object instead. You can pass an associative array containing your private key to jsonKeyFilePath (although the name seems misleading).

[RafiGreenberg]

Thanks. Could you give an example?

[RafiGreenberg]

Also, is it possible to authenticate via Application Default Credentials? We are running in GKE If we authorize the compute engine service account in DFP/Ad Manager, will it authenticate without specifying a jsonKeyFilePath?

Apparently not, I get this error:

In OAuth2TokenBuilder.php line 217:

  Both 'jsonKeyFilePath' and 'scopes' must be set when using service account flow.

Seems like I ought to be able to use ADC

[thangduo]

Hi,

When you authenticate the service account in Ad Manager, you let Ad Manager servers know of the service account. Later, when an application presents a credential of the same service account, the application is accepted by the API.

Here's how to build an AdManagerSession from an associative array:

        $configuration = new Configuration([
            'networkCode' => '12345678',
            'applicationName' => 'your_application_name',
            'OAUTH2' => [
                'client_id' => '123aBC456-xYz.apps.googleusercontent.com',
                'client_secret' => '1abC-456Xyz'
            ]
        ]);

        $sessionBuilder = new AdManagerSessionBuilder();
        $session = $sessionBuilder->from($configuration)->build();

        $serviceFactory = new ServiceFactory();
        $lineItemService = $serviceFactory->createLineItemService($session);

Thanks, Thang Duong

[thangduo]

You can also see our src/Google/AdsApi/Common/Testing/API-Project-abc123xyz.json test file for the associative array example.