Provide a DelegatingHandler for HttpClient for calling protected Cloud Run / Cloud Function instances
See original GitHub issueThanks for stopping by to let us know something could be better!
PLEASE READ: If you have a support contract with Google, please create an issue in the support console instead of filing on GitHub. This will ensure a timely response.
Is your feature request related to a problem? Please describe. We often have to call Cloud Run or Cloud Function instances that require authentication (An account with the invoker role).
Describe the solution you’d like
It’d be great if there was a DelegatingHandler
for the HttpClient
that would take care of getting the proper token for different account types (service account, user credentials) and setting the Authorization header accordingly.
Describe alternatives you’ve considered We wrote a custom handler that we copy in multiple projects, and it works, but we’re not sure if we’re following best practices with it comes to handling the tokens
Additional context Reference doc of what we’re trying to do https://cloud.google.com/run/docs/authenticating/service-to-service (note: This doc has no example for .NET unfortunately) https://cloud.google.com/run/docs/authenticating/developers
Issue Analytics
- State:
- Created 3 months ago
- Comments:6
Top GitHub Comments
@EricStG: If you could leave it with us for a few days to discuss internally, we can get back to you - I think the main question is whether this should be a standalone library (which would be better from a consumption perspective, but more work) or part of Google.Apis.Auth (which would probably be relatively straightforward, but come with baggage).
Great! Will adds tests, documentation etc next week. We may find we need to add creds-only retries at some point, but let’s start simple…