Closed Zat42 closed 2 years ago
To generate an ID token from a service account key file, I setup Goth like this :
credentials = "GOOGLE_APPLICATION_CREDENTIALS_JSON" |> System.fetch_env!() |> Jason.decode!() source = {:service_account, credentials, ["xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com"]}
This is working fine and I can get an ID token that can be decoded and used for authentication. But if I deploy this instance to Cloud Run and use the default service account :
source = {:metadata, scopes: ["xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com"]}
I can't get the ID token anymore and it always return an access token instead of an ID token
Also, :metadata is working fine for PubSub but not for ID token / audience. Any idea?
:metadata
PubSub
ID token
audience
Edit: After checking deeper into code, this is actually not possible. I'll try to make a pull request to handle this if not out of scope.
Pull request : #121
To generate an ID token from a service account key file, I setup Goth like this :
This is working fine and I can get an ID token that can be decoded and used for authentication. But if I deploy this instance to Cloud Run and use the default service account :
I can't get the ID token anymore and it always return an access token instead of an ID token
Also,
:metadata
is working fine forPubSub
but not forID token
/audience
. Any idea?