|
|
(JavaScript) Get Google API Access Token using JSON Private Key using NIST Time Server Date/Time
Demonstrates how to get a Google API access token using a JSON service account private key, using the NIST time server date/time rather than the local system date/time.
var success = false;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// First, let's get the current date/time from time-c.nist.gov
var socket = new CkSocket();
// Connect to an NIST time server and read the current date/time
var maxWaitMs = 8000;
var useTls = false;
success = socket.Connect("time-c.nist.gov",37,useTls,maxWaitMs);
if (success !== true) {
console.log(socket.LastErrorText);
return;
}
// The time server will send a big-endian 32-bit integer representing
// the number of seconds since since 00:00 (midnight) 1 January 1900 GMT.
// The ReceiveInt32 method will receive a 4-byte integer, but returns
// true or false to indicate success. If successful, the integer
// is obtained via the ReceivedInt property.
var bigEndian = true;
success = socket.ReceiveInt32(bigEndian);
if (success !== true) {
console.log(socket.LastErrorText);
return;
}
var dt = new CkDateTime();
dt.SetFromNtpTime(socket.ReceivedInt);
// Show the current local date/time
var bLocalTime = true;
console.log("Current local date/time: " + dt.GetAsRfc822(bLocalTime));
maxWaitMs = 10;
socket.Close(maxWaitMs);
// ------------------------------------------------------------------------
// OK, we have the current date/time. We'll use it to set the IAT property
// in the code below.
// First load the JSON key into a string.
var fac = new CkFileAccess();
var jsonKey = fac.ReadEntireTextFile("qa_data/googleApi/ChilkatTest-ab2ecd52ef98.json","utf-8");
if (fac.LastMethodSuccess !== true) {
console.log(fac.LastErrorText);
return;
}
// A JSON private key should look like this:
// {
// "type": "service_account",
// "project_id": "chilkattest-1350",
// "private_key_id": "fa2e36ee26986eab628b59868af8bec1d1c64c38",
// "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvgIjFa...28N64N2n1E4FYzBZjSdy\n-----END PRIVATE KEY-----\n",
// "client_email": "598922945226-00rb0ppfg0sndajo6bhvd4v17jtj2d3a@developer.gserviceaccount.com",
// "client_id": "598922945226-00rb0ppfg0snd9jo7bhvd4v17jtj2d3a.apps.googleusercontent.com",
// "auth_uri": "https://accounts.google.com/o/oauth2/auth",
// "token_uri": "https://accounts.google.com/o/oauth2/token",
// "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
// "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/598922945226-00rb0ppfg0sndajo6bhvd4v17jtj2d3a%40developer.gserviceaccount.com"
// }
var gAuth = new CkAuthGoogle();
gAuth.JsonKey = jsonKey;
// Choose a scope.
gAuth.Scope = "https://www.googleapis.com/auth/cloud-platform";
// Request an access token that is valid for this many seconds.
gAuth.ExpireNumSeconds = 3600;
// If the application is requesting delegated access:
// The email address of the user for which the application is requesting delegated access,
// then set the email address here. (Otherwise leave it empty.)
gAuth.SubEmailAddress = "";
// ------------------------------------------------------------------------
// Set the IAT using the date/time from the NIST time server.
var unixTime = dt.GetAsUnixTime(false);
console.log("unixTime = " + unixTime);
gAuth.Iat = unixTime;
// Connect to www.googleapis.com using TLS (TLS 1.2 is the default.)
// The Chilkat socket object is used so that the connection can be established
// through proxies or an SSH tunnel if desired.
var tlsSock = new CkSocket();
success = tlsSock.Connect("www.googleapis.com",443,true,5000);
if (success !== true) {
console.log(tlsSock.LastErrorText);
return;
}
// Send the request to obtain the access token.
success = gAuth.ObtainAccessToken(tlsSock);
if (success !== true) {
console.log(gAuth.LastErrorText);
return;
}
// Examine the access token:
console.log("Access Token: " + gAuth.AccessToken);
|
