Support for GCP Service Account authentication?
jakebiesinger opened this issue · 3 comments
Hi!
New to Bravado. We use GCP service accounts extensively and I'd like to combine them with Bravado. Is this currently possible?
GCP provides a client library that's also based on Requests, but you have to use their AuthenticatedSession object to do so, which seems at odds with your direct usage of requests.Request.
Thoughts?
At first blush, it looks like we could simply provide an optional requests.Session object, one which we'd generate from Google's client library. We could provide the session to the RequestsClient constructor:
bravado/bravado/requests_client.py
Line 106 in 627f6c9
Checking https://cloud.google.com/compute/docs/tutorials/python-guide looks like the GCP python client exposes Google Cloud Platform apis via methods and not Swagger specs, so it shouldn't be usable with bravado.
@jakebiesinger: I'm probably misunderstanding your request, so I would ask if you could describe (maybe with a snippet) what are you trying to achieve.
Sorry this was unclear.
I'm not trying to call Google APIs as if they were Swagger endpoints. Rather, I'm trying to call one of our own APIs (which is a Swagger endpoint), but to have that call authenticated as a GCP Service Account.
The way non-swagger APIs would normally do this is to grab credentials for the service account and make POST or GETs using Google's own requests-based client library. https://google-auth.readthedocs.io/en/latest/user-guide.html#requests
Since you generate a fresh Session there in the linked line 106, I'm suggesting that you instead let us optionally pass in Google's AuthorizedSession, which is, after all, just a subclass of requests.Session (instead of creating a new one).
I'll try this out in a PR if I get a chance in the next day or two.