1+ /*
2+ * Copyright 2020 Google LLC
3+ *
4+ * Licensed under the Apache License, Version 2.0 (the "License");
5+ * you may not use this file except in compliance with the License.
6+ * You may obtain a copy of the License at
7+ *
8+ * http://www.apache.org/licenses/LICENSE-2.0
9+ *
10+ * Unless required by applicable law or agreed to in writing, software
11+ * distributed under the License is distributed on an "AS IS" BASIS,
12+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+ * See the License for the specific language governing permissions and
14+ * limitations under the License.
15+ */
16+
17+ package com .example .functions ;
18+
19+ // [START functions_bearer_token]
20+
21+ import com .google .cloud .functions .HttpFunction ;
22+ import com .google .cloud .functions .HttpRequest ;
23+ import com .google .cloud .functions .HttpResponse ;
24+ import java .io .BufferedWriter ;
25+ import java .io .IOException ;
26+ import java .net .URI ;
27+ import java .net .http .HttpClient ;
28+ import java .time .Duration ;
29+ import java .util .logging .Logger ;
30+
31+ public class BearerTokenHttp implements HttpFunction {
32+ private static final Logger LOGGER = Logger .getLogger (BearerTokenHttp .class .getName ());
33+
34+ // TODO<developer> specify values for these environment variables
35+ private static String REGION = System .getenv ("TARGET_REGION" );
36+ private static String PROJECT_ID = System .getenv ("GCP_PROJECT" );
37+ private static String RECEIVING_FUNCTION_NAME = "myFunction" ;
38+
39+ private static String receivingFunctionUrl = String .format (
40+ "https://%s-%s.cloudfunctions.net/%s" , REGION , PROJECT_ID , RECEIVING_FUNCTION_NAME );
41+ private static String metadataTokenEndpoint =
42+ "http://metadata/computeMetadata/v1/instance/service-accounts/default/identity?audience=" ;
43+
44+ private static HttpClient client =
45+ HttpClient .newBuilder ().connectTimeout (Duration .ofSeconds (10 )).build ();
46+
47+ @ Override
48+ public void service (HttpRequest request , HttpResponse response )
49+ throws IOException , InterruptedException {
50+
51+ // Set up metadata server request
52+ // See https://cloud.google.com/compute/docs/instances/verifying-instance-identity#request_signature
53+ java .net .http .HttpRequest tokenRequest = java .net .http .HttpRequest .newBuilder ()
54+ .uri (URI .create (metadataTokenEndpoint + receivingFunctionUrl ))
55+ .GET ()
56+ .header ("Metadata-Flavor" , "Google" )
57+ .build ();
58+
59+ // Fetch the bearer token
60+ java .net .http .HttpResponse <String > tokenReponse =
61+ client .send (tokenRequest , java .net .http .HttpResponse .BodyHandlers .ofString ());
62+ String token = tokenReponse .body ();
63+
64+ // Pass the token along to receiving function
65+ java .net .http .HttpRequest functionRequest = java .net .http .HttpRequest .newBuilder ()
66+ .uri (URI .create (receivingFunctionUrl ))
67+ .GET ()
68+ .header ("Authorization" , "Bearer " + token )
69+ .build ();
70+ java .net .http .HttpResponse <String > functionResponse =
71+ client .send (functionRequest , java .net .http .HttpResponse .BodyHandlers .ofString ());
72+
73+ // Write the results to the output:
74+ BufferedWriter writer = response .getWriter ();
75+ writer .write (functionResponse .body ());
76+ }
77+ }
78+ // [END functions_bearer_token]
0 commit comments