Skip to content

Instantly share code, notes, and snippets.

@tylertreat

tylertreat/GCPAuthenticationInterceptor.java

Created January 25, 2019 16:48
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save tylertreat/bd9e8ca26c6cd52a48263d3590d46980 to your computer and use it in GitHub Desktop.
Save tylertreat/bd9e8ca26c6cd52a48263d3590d46980 to your computer and use it in GitHub Desktop.
Download ZIP
Method to get a JWT signed by a GCP service account for OIDC
Raw
GCPAuthenticationInterceptor.java
private String getSignedJwt() {
long now = System.currentTimeMillis();
RSAPrivateKey privateKey = (RSAPrivateKey) credentials.getPrivateKey();
Algorithm algorithm = Algorithm.RSA256(null, privateKey);
return JWT.create()
.withKeyId(credentials.getPrivateKeyId())
.withIssuer(credentials.getClientEmail())
.withSubject(credentials.getClientEmail())
.withAudience(OAUTH_TOKEN_URI)
.withIssuedAt(new Date(now))
.withExpiresAt(new Date(now + EXPIRATION_TIME_IN_MILLIS))
.withClaim("target_audience", clientId)
.sign(algorithm);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment