Spaces:
Sleeping
Sleeping
File size: 1,530 Bytes
d93884d |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 |
import os
from dotenv import load_dotenv
from google.oauth2 import service_account
from google.cloud.security.publicca import PublicCertificateAuthorityServiceClient as productionclient
from google.cloud.security.publicca_v1beta1 import PublicCertificateAuthorityServiceClient as testingclient
def gen_google_eab_data():
load_dotenv()
data = {
"type": "service_account",
"project_id": os.getenv("PROJECT_ID"),
"private_key_id": os.getenv("PRIVATE_KEY_ID"),
"private_key": os.getenv("PRIVATE_KEY"),
"client_email": os.getenv("CLIENT_EMAIL"),
"client_id": os.getenv("CLIENT_ID"),
"auth_uri": os.getenv("AUTH_URI"),
"token_uri": os.getenv("TOKEN_URI"),
"auth_provider_x509_cert_url": os.getenv("AUTH_PROVIDER_X509_CERT_URL"),
"client_x509_cert_url": os.getenv("CLIENT_X509_CERT_URL"),
"universe_domain": os.getenv("UNIVERSE_DOMAIN")
}
return data
def gen_google_eab(test:bool):
service_account_info = gen_google_eab_data()
credentials = service_account.Credentials.from_service_account_info(service_account_info)
if test:
client = testingclient(credentials=credentials)
else:
client = productionclient(credentials=credentials)
project_id = service_account_info['project_id']
parent = f"projects/{project_id}"
response = client.create_external_account_key(parent=parent)
kid = response.key_id
hmac = response.b64_mac_key
return kid, hmac |