droyo · December 26, 2019 23:19
diff --git a/grpc-generate-access-token.go b/grpc-generate-access-token.go
 package main

 import (
 	"log"
 	"flag"
 	"path"
 	"time"
 	"context"

 	"github.com/kr/pretty"

 	pb "google.golang.org/genproto/googleapis/iam/credentials/v1"
 //	"google.golang.org/grpc"
 //	"google.golang.org/grpc/codes"
 	"google.golang.org/api/option"
 	"github.com/golang/protobuf/ptypes"
 	gtransport "google.golang.org/api/transport/grpc"
 )

 var (
 	credentialsFile = flag.String("c", "credentials.json", "Path to credentials file")
 	svcAccount = flag.String("a", "", "service account email or unique ID to obtain token for")
 	lifetime = flag.Duration("d", time.Minute, "lifetime of token")
 )

 func main() {
 	flag.Parse()
 	if *svcAccount == "" {
 		log.Fatal("-a option required")
 	}
 	ctx := context.Background()
 	conn, err := gtransport.Dial(ctx,
 		option.WithEndpoint("iamcredentials.googleapis.com:443"),
 		option.WithScopes("https://www.googleapis.com/auth/cloud-platform"),
 		option.WithCredentialsFile(*credentialsFile))

 	if err != nil {
 		log.Fatal("Failed to dial API: ", err)
 	}
 	client := pb.NewIAMCredentialsClient(conn)
 	req := pb.GenerateAccessTokenRequest{
 		Name: path.Join("projects/-/serviceAccounts", *svcAccount),
 		Scope: []string{"https://www.googleapis.com/auth/cloud-platform"},
 		Lifetime: ptypes.DurationProto(*lifetime),
 	}
 	log.Print("request: ", pretty.Sprint(req))
 	rsp, err := client.GenerateAccessToken(ctx, &req)
 	if err != nil {
 		log.Fatal("Failed to call GenerateAccessToken: ", err)
 	}
 	pretty.Print(rsp)
 }
	package main

	import (
	"log"
	"flag"
	"path"
	"time"
	"context"

	"github.com/kr/pretty"

	pb "google.golang.org/genproto/googleapis/iam/credentials/v1"
	// "google.golang.org/grpc"
	// "google.golang.org/grpc/codes"
	"google.golang.org/api/option"
	"github.com/golang/protobuf/ptypes"
	gtransport "google.golang.org/api/transport/grpc"
	)

	var (
	credentialsFile = flag.String("c", "credentials.json", "Path to credentials file")
	svcAccount = flag.String("a", "", "service account email or unique ID to obtain token for")
	lifetime = flag.Duration("d", time.Minute, "lifetime of token")
	)

	func main() {
	flag.Parse()
	if *svcAccount == "" {
	log.Fatal("-a option required")
	}
	ctx := context.Background()
	conn, err := gtransport.Dial(ctx,
	option.WithEndpoint("iamcredentials.googleapis.com:443"),
	option.WithScopes("https://www.googleapis.com/auth/cloud-platform"),
	option.WithCredentialsFile(*credentialsFile))

	if err != nil {
	log.Fatal("Failed to dial API: ", err)
	}
	client := pb.NewIAMCredentialsClient(conn)
	req := pb.GenerateAccessTokenRequest{
	Name: path.Join("projects/-/serviceAccounts", *svcAccount),
	Scope: []string{"https://www.googleapis.com/auth/cloud-platform"},
	Lifetime: ptypes.DurationProto(*lifetime),
	}
	log.Print("request: ", pretty.Sprint(req))
	rsp, err := client.GenerateAccessToken(ctx, &req)
	if err != nil {
	log.Fatal("Failed to call GenerateAccessToken: ", err)
	}
	pretty.Print(rsp)
	}