Last active
April 15, 2019 11:32
-
-
Save stephendarling/1f6de8d2327f245d0d85080c2961bee6 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| import jwt | |
| import urllib | |
| ... | |
| # Create and return a signed JWT token to the designated service endpoint | |
| # credentials_json = a Python dictionary created by loading your local service account credentials json file | |
| # run_service_url = The https endpoint created automatically by your new Cloud Run service | |
| def create_signed_jwt(credentials_json, run_service_url): | |
| iat = time.time() | |
| exp = iat + 3600 | |
| payload = { | |
| 'iss': credentials_json['client_email'], | |
| 'sub': credentials_json['client_email'], | |
| 'target_audience': run_service_url, | |
| 'aud': 'https://www.googleapis.com/oauth2/v4/token', | |
| 'iat': iat, | |
| 'exp': exp | |
| } | |
| additional_headers = { | |
| 'kid': credentials_json['private_key_id'] | |
| } | |
| signed_jwt = jwt.encode( | |
| payload, | |
| credentials_json['private_key'], | |
| headers=additional_headers, | |
| algorithm='RS256' | |
| ) | |
| return signed_jwt |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment