Sample code for 30+ languages & platforms
Delphi ActiveX

Get Google Cloud SQL Access Token using Service Account JSON Private Key

See more Google Cloud SQL Examples

Demonstrates how to get a Google Cloud SQL access token using a JSON service account private key. Obtaining an access token for a service account requires no user interaction (it does not require a browser, nor callback URI's, etc.).

When an access token expires, an application can be (and should be) designed to automatically fetch a new access token.

Chilkat Delphi ActiveX Downloads

Delphi ActiveX
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Integer;
fac: TCkFileAccess;
jsonKey: WideString;
gAuth: TChilkatAuthGoogle;
tlsSock: TChilkatSocket;
sbToken: TChilkatStringBuilder;

begin
success := 0;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// First load the JSON key into a string.
fac := TCkFileAccess.Create(Self);
jsonKey := fac.ReadEntireTextFile('qa_data/googleApi/ChilkatCloud-13a07a2e8b3f.json','utf-8');
if (fac.LastMethodSuccess <> 1) then
  begin
    Memo1.Lines.Add(fac.LastErrorText);
    Exit;
  end;

// A JSON private key should look something like this:

// 	{
// 	  "type": "service_account",
// 	  "project_id": "chilkattest-1350",
// 	  "private_key_id": "fa2e36ee26986eab628b59868af8bec1d1c64c38",
// 	  "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvgIjFa...28N64N2n1E4FYzBZjSdy\n-----END PRIVATE KEY-----\n",
// 	  "client_email": "598922945226-00rb0ppfg0sndajo6bhvd4v17jtj2d3a@developer.gserviceaccount.com",
// 	  "client_id": "598922945226-00rb0ppfg0snd9jo7bhvd4v17jtj2d3a.apps.googleusercontent.com",
// 	  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
// 	  "token_uri": "https://accounts.google.com/o/oauth2/token",
// 	  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
// 	  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/598922945226-00rb0ppfg0sndajo6bhvd4v17jtj2d3a%40developer.gserviceaccount.com"
// 	}

gAuth := TChilkatAuthGoogle.Create(Self);
gAuth.JsonKey := jsonKey;

// Choose a scope.
// Here's the OAuth 2.0 scope information for the Cloud SQL Admin API:
// https://www.googleapis.com/auth/sqlservice.admin 	(Read/write access to Cloud SQL.)
// https://www.googleapis.com/auth/cloud-platform 	(Instances.import and Instances.export need this additional scope.)
gAuth.Scope := 'https://www.googleapis.com/auth/sqlservice.admin';

// Request an access token that is valid for this many seconds.
gAuth.ExpireNumSeconds := 3600;

// If the application is requesting delegated access:
// The email address of the user for which the application is requesting delegated access,
// then set the email address here. (Otherwise leave it empty.)
gAuth.SubEmailAddress := '';

// Connect to www.googleapis.com using TLS (TLS 1.2 is the default.)
// The Chilkat socket object is used so that the connection can be established
// through proxies or an SSH tunnel if desired.
tlsSock := TChilkatSocket.Create(Self);
success := tlsSock.Connect('www.googleapis.com',443,1,5000);
if (success <> 1) then
  begin
    Memo1.Lines.Add(tlsSock.LastErrorText);
    Exit;
  end;

// Send the request to obtain the access token.
success := gAuth.ObtainAccessToken(tlsSock.ControlInterface);
if (success <> 1) then
  begin
    Memo1.Lines.Add(gAuth.LastErrorText);
    Exit;
  end;

// Examine the access token:
Memo1.Lines.Add('Access Token: ' + gAuth.AccessToken);

// Access token looks like this:  ya29.c.Ko4Bwwe3nG5rUvoBmJwadi ... Br4Ogz0B6qLAjg

// We're going to save this access token to a file to be used
// by other examples.
sbToken := TChilkatStringBuilder.Create(Self);
sbToken.Append(gAuth.AccessToken);
sbToken.WriteFile('qa_data/tokens/google_cloud_sql_access_token.txt','utf-8',0);
end;