search

peburrows / goth

Elixir package for Oauth authentication via Google Cloud APIs
http://hexdocs.pm/goth
MIT License
289 stars 111 forks source link

Skipping auth with PUBSUB_EMULATOR_HOST #56

Closed arilaen closed 5 years ago

arilaen commented 5 years ago

Could authentication/credential logic be skipped when $PUBSUB_EMULATOR_HOST is defined, so that just the project_id key is included in the Goth config module? Other google cloud clients also use that environment variable: https://cloud.google.com/pubsub/docs/emulator#accessing_environment_variables

Alternatively, the Kane pubsub library could be updated to use a mock Goth module in that case.

I was running an elixir app in docker against the emulator locally, and was running into an nxdomain error when goth tried to fetch metadata before creating a topic. It took a while for me to figure out that goth uses the default location of application credentials on my machine to authenticate when :json is absent (https://github.com/peburrows/goth/blob/master/lib/goth/config.ex#L142), which was why the library worked locally but not on the docker container.

If emulator support won't be added here, it may be helpful to handle that error with a more informative message ("Credentials missing" etc.)

arilaen commented 5 years ago

I got around this by using volumes with docker-compose:

    volumes:
      # If your credentials location is not this default location for UNIX
      # (i.e. you're on Windows), update source to your default credentials location
      - ~/.config/gcloud/application_default_credentials.json:/root/.config/gcloud/application_default_credentials.json

Since there's a workaround I'll close this issue. If there's time it might still be nice to have more detailed docs/error logging around finding/missing the default credentials file when GOOGLE_APPLICATION_CREDENTIALS is not defined.

matehat commented 4 years ago

For anyone arriving here while googling a solution to use pubsub emulator with Broadway's PubSub client, in addition to provide a dummy token generator like this:

Broadway.start_link(__MODULE__,
  name: __MODULE__,
  producer: [
    module: {BroadwayCloudPubSub.Producer, [token_generator: {__MODULE__, emulator, []}]}
  ],

# further down

def emulator() do
  {:ok, "dummy token"}
end

you also need to override the default pubsub connection url:

Application.put_env(:google_api_pub_sub, :base_url, System.get_env("PUBSUB_EMULATOR_HOST"))

Of course, that's a simplified solution. You'd normally detect if you're dealing with an emulator, then provide these configurations.