Package com.google.auth.oauth2

Class IdentityPoolCredentialSource

java.lang.Object

com.google.auth.oauth2.IdentityPoolCredentialSource

All Implemented Interfaces:

Serializable

public class IdentityPoolCredentialSource
extends Object

The IdentityPool credential source. Dictates the retrieval method of the external credential, which can either be through a metadata server or a local file.

See Also:

• Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	IdentityPoolCredentialSource.CertificateConfig	Represents the configuration options for X.509-based workload credentials (mTLS).

Constructor Summary

Constructors

Constructor	Description
IdentityPoolCredentialSource(Map<String,Object> credentialSourceMap)	The source of the 3P credential.

Method Summary

Modifier and Type	Method	Description
IdentityPoolCredentialSource.CertificateConfig	getCertificateConfig()	Gets the configuration for X.509-based workload credentials (mTLS), if configured.
String	getCredentialLocation()	Gets the location of the credential source.
void	setCredentialLocation(String credentialLocation)	Sets the location of the credential source.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

IdentityPoolCredentialSource

public IdentityPoolCredentialSource(Map<String,Object> credentialSourceMap)

The source of the 3P credential.

If this is a file based 3P credential, the credentials file can be retrieved using the `file` key.

If this is URL-based 3p credential, the metadata server URL can be retrieved using the `url` key.

The third party credential can be provided in different formats, such as text or JSON. The format can be specified using the `format` header, which returns a map with keys `type` and `subject_token_field_name`. If the `type` is json, the `subject_token_field_name` must be provided. If no format is provided, we expect the token to be in the raw text format.

Optional headers can be present, and should be keyed by `headers`.

Method Details

getCredentialLocation

public String getCredentialLocation()

Gets the location of the credential source. This could be a file path or a URL, depending on the IdentityPoolCredentialSource.IdentityPoolCredentialSourceType.

Returns:

The location of the credential source.

setCredentialLocation

public void setCredentialLocation(String credentialLocation)

Sets the location of the credential source. This method should be used to update the credential location.

Parameters:

credentialLocation - The new location of the credential source.

getCertificateConfig

@Nullable
public IdentityPoolCredentialSource.CertificateConfig getCertificateConfig()

Gets the configuration for X.509-based workload credentials (mTLS), if configured.

Returns:

The IdentityPoolCredentialSource.CertificateConfig object, or null if not configured for certificate-based credentials.