cloud_storage/resources/
service_account.rs

1/// A deserialized `service-account-********.json`-file.
2#[derive(serde::Deserialize, Debug)]
3pub struct ServiceAccount {
4    /// The type of authentication, this should always be `service_account`.
5    #[serde(rename = "type")]
6    pub r#type: String,
7    /// The name of the current project.
8    pub project_id: String,
9    /// A unqiue identifier for the private key.
10    pub private_key_id: String,
11    /// The private key in RSA format.
12    pub private_key: String,
13    /// The email address associated with the service account.
14    pub client_email: String,
15    /// The unique identifier for this client.
16    pub client_id: String,
17    /// The endpoint where authentication happens.
18    pub auth_uri: String,
19    /// The endpoint where OAuth2 tokens are issued.
20    pub token_uri: String,
21    /// The url of the cert provider.
22    pub auth_provider_x509_cert_url: String,
23    /// The url of a static file containing metadata for this certificate.
24    pub client_x509_cert_url: String,
25}
26
27impl ServiceAccount {
28    pub(crate) fn get() -> Self {
29        dotenv::dotenv().ok();
30        let credentials_json = std::env::var("SERVICE_ACCOUNT")
31            .or_else(|_| std::env::var("GOOGLE_APPLICATION_CREDENTIALS"))
32            .map(|path| std::fs::read_to_string(path).expect("SERVICE_ACCOUNT file not found"))
33            .or_else(|_| std::env::var("SERVICE_ACCOUNT_JSON"))
34            .or_else(|_| std::env::var("GOOGLE_APPLICATION_CREDENTIALS_JSON"))
35            .expect(
36                "SERVICE_ACCOUNT(_JSON) or GOOGLE_APPLICATION_CREDENTIALS(_JSON) environment parameter required",
37            );
38        let account: Self =
39            serde_json::from_str(&credentials_json).expect("SERVICE_ACCOUNT file not valid");
40        assert_eq!(
41            account.r#type, "service_account",
42            "`type` parameter of `SERVICE_ACCOUNT` variable is not 'service_account'"
43        );
44        account
45    }
46}