This repository has been archived by the owner on Jul 13, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 37
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Add sample codes for cloud-iot-token-service generateAccessToke…
…n API
- Loading branch information
1 parent
567a6fb
commit 1e69787
Showing
9 changed files
with
2,019 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| resources/* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| <img src="https://avatars2.githubusercontent.com/u/2810941?v=3&s=96" alt="Google Cloud Platform logo" title="Google Cloud Platform" align="right" height="96" width="96"/> | ||
|
|
||
| # Google Cloud IoT Core NodeJS Device Federated Authentication example | ||
|
|
||
| This sample app demonstrates the capabilites of Google Cloud IoT Core device federated authentication feature. | ||
|
|
||
| Devices authenticated to Cloud IoT Core can use the [Token Service](https://cloud.google.com/iot/alpha/docs/reference/cloudiottoken/rest) federated authentication to request [OAuth 2.0 access tokens](https://developers.google.com/identity/protocols/oauth2) in exchange for their [Cloud IoT Core JWTs](https://cloud.google.com/iot/docs/how-tos/credentials/jwts). | ||
|
|
||
| The OAuth 2.0 credentials can be used to call different [Google Cloud APIs](https://developers.google.com/identity/protocols/oauth2/scopes) with fine-grained permissions and access control using [Workload Identity Federation](https://cloud.google.com/iam/docs/workload-identity-federation). | ||
|
|
||
| For more information, see https://cloud.google.com/iot/alpha/docs/how-tos/federated_auth | ||
|
|
||
| # Setup | ||
|
|
||
| Run the following command to install the library dependencies for NodeJS: | ||
|
|
||
| npm install | ||
|
|
||
| # Running the sample | ||
|
|
||
| Commands: | ||
| generateAccessToken Generates OAuth 2.0 Google Access Token. | ||
| exchangeDeviceAccessTokenToServiceAccountToken Exchanges device access token to service account access token. | ||
| publishPubSubMessage Publishes a message to Cloud Pub/Sub topic. | ||
| downloadCloudStorageFile Downloads a file from Cloud Storage bucket. | ||
| sendCommandToIoTDevice Sends a command to an IoT device. | ||
|
|
||
| Examples: | ||
| node access_token.js generateAccessToken --cloudRegion=us-central1 --projectId=my-project my-registry my-device https://www.googleapis.com/auth/cloud-platform RS256 ../resources/rsa_private.pem | ||
| node access_token.js publishPubSubMessage --cloudRegion=us-central1 --projectId=my-project my-registry my-device RS256 ../resources/rsa_private.pem my-pubsub-topic | ||
| node access_token.js downloadCloudStorageFile --cloudRegion=us-central1 --projectId=my-project my-registry my-device RS256 ../resources/rsa_private.pem my-storage-bucket ../resources/logo.png | ||
| node access_token.js sendCommandToIoTDevice --cloudRegion=us-central1 --projectId=my-project my-registry my-device RS256 ../resources/rsa_private.pem my-service-account@my-project.iam.gserviceaccount.com | ||
| node access_token.js exchangeDeviceAccessTokenToServiceAccountToken device-access-token my-service-account@my-project.iam.gserviceaccount.com | ||
|
|
||
| For more information, see https://cloud.google.com/iot-core/docs |
Oops, something went wrong.