10000 Merge branch 'master' of github.com:GoogleCloudPlatform/python-docs-s… · jbrendel/python-docs-samples@3450743 · GitHub
[go: up one dir, main page]
Skip to content

Commit 3450743

Browse files
author
Jon Wayne Parrott
committed
Merge branch 'master' of github.com:GoogleCloudPlatform/python-docs-samples
2 parents 3f71bfc + 5e41d03 commit 3450743

File tree

2 files changed

+8
-9
lines changed

2 files changed

+8
-9
lines changed

endpoints/getting-started/clients/service_to_service_google_id_token/main.py

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -24,9 +24,9 @@
2424
from google.appengine.api import app_identity
2525
import webapp2
2626

27-
DEFAUTL_SERVICE_ACCOUNT = "YOUR-CLIENT-PROJECT-ID@appspot.gserviceaccount.com"
27+
SERVICE_ACCOUNT_EMAIL = "YOUR-CLIENT-PROJECT-ID@appspot.gserviceaccount.com"
2828
HOST = "YOUR-SERVER-PROJECT-ID.appspot.com"
29-
TARGET_AUD = "YOUR-SERVER-PROJECT-ID@appspot.gserviceaccount.com"
29+
TARGET_AUD = "https://YOUR-SERVER-PROJECT-ID.appspot.com"
3030

3131

3232
def generate_jwt():
@@ -42,11 +42,10 @@ def generate_jwt():
4242
"iat": now,
4343
# expires after one hour.
4444
"exp": now + 3600,
45-
# iss is the Google App Engine default service account email.
46-
"iss": DEFAUTL_SERVICE_ACCOUNT,
47-
# scope must match 'audien C5A9 ce' for google_id_token in the security
48-
# configuration in your swagger spec.
49-
"scope": TARGET_AUD,
45+
# iss is the service account email.
46+
"iss": SERVICE_ACCOUNT_EMAIL,
47+
# target_audience is the URL of the target service.
48+
"target_audience": TARGET_AUD,
5049
# aud must be Google token endpoints URL.
5150
"aud": "https://www.googleapis.com/oauth2/v4/token"
5251
})

endpoints/getting-started/openapi.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -141,8 +141,8 @@ securityDefinitions:
141141
authorizationUrl: ""
142142
flow: "implicit"
143143
type: "oauth2"
144-
x-google-issuer: "accounts.google.com"
145-
x-google-jwks_uri: "https://www.googleapis.com/oauth2/v1/certs"
144+
x-google-issuer: "https://accounts.google.com"
145+
x-google-jwks_uri: "https://www.googleapis.com/oauth2/v3/certs"
146146
# Your OAuth2 client's Client ID must be added here. You can add multiple client IDs to accept tokens form multiple clients.
147147
x-google-audiences: "YOUR-CLIENT-ID"
148148
# This section configures authentication using Firebase Auth.

0 commit comments

Comments
 (0)
0