oauth2client.contrib.gce module

Utilities for Google Compute Engine

Utilities for making it easier to use OAuth 2.0 on Google Compute Engine.

class oauth2client.contrib.gce.AppAssertionCredentials(*args, **kwargs)[source]

Bases: oauth2client.client.AssertionCredentials

Credentials object for Compute Engine Assertion Grants

This object will allow a Compute Engine instance to identify itself to Google and other OAuth 2.0 servers that can verify assertions. It can be used for the purpose of accessing data stored under an account assigned to the Compute Engine instance itself.

This credential does not require a flow to instantiate because it represents a two legged flow, and therefore has all of the required information to generate and refresh its own access tokens.

create_scoped(scopes)[source]
create_scoped_required()[source]
classmethod from_json(json_data)[source]
serialization_data
service_account_email

Get the email for the current service account.

Uses the Google Compute Engine metadata service to retrieve the email of the default service account.

Returns:

string, The email associated with the Google Compute Engine service account.

Raises:
  • AttributeError, if the email can not be retrieved from the Google
  • Compute Engine metadata service.
sign_blob(blob)[source]

Cryptographically sign a blob (of bytes).

This method is provided to support a common interface, but the actual key used for a Google Compute Engine service account is not available, so it can’t be used to sign content.

Parameters:blob – bytes, Message to be signed.
Raises:NotImplementedError, always.