Skip to content

Instantly share code, notes, and snippets.

View salrashid123's full-sized avatar

salrashid123

245 followers · 1 following
View GitHub Profile
@salrashid123
salrashid123 / gettoken.sh
Created September 9, 2022 11:38
GCP Service Account authentication with bash curl openssl jq
#!/usr/bin/bash
# get gcp service account access token using curl, openssl, jq
# https://developers.google.com/identity/protocols/oauth2/service-account#authorizingrequests
# code below credited to
# https://gist.github.com/LindaLawton/cff75182aac5fa42930a09f58b63a309?permalink_comment_id=4232119#gistcomment-4232119
# usage:
# with svc_acount.json file
@salrashid123
salrashid123 / aws.java
Last active August 22, 2022 14:40
aws s3 client example for gcs
package com.test;
import java.util.List;
import java.util.logging.ConsoleHandler;
import java.util.logging.Level;
import java.util.logging.Logger;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.client.builder.AwsClientBuilder;
@salrashid123
salrashid123 / jwk
Created August 15, 2022 16:25
just a jwk for https://gist.github.com/salrashid123/c8283cdd7155bae3fdf53f3fe3abcfd8
{"keys": [ {
"alg": "RS256",
"e": "AQAB",
"kid": "123456",
"kty": "RSA",
"n": "qqrpBHkLN4vT6g279KYTnnbKWHIEa-fK04wlamlrALQpV6QGfIrPwSgU_ElRFpsPJYWxCvEtYS01lBC70IeAhObR5DY9Z-jTvhk1tA-VrxyEhAHLuCuCsAPLow4ZSJ-aB0vZuUtaV9-qO-0gyJEG9y_5FKT51Tbr0INtjDASH43seoQtsPDG2tnKEj9r7jOLUNehj5j4Dgv-sJMGe3EyKlw7p6vsIhsU23v0VrTxdHGuelzplxCUQJoPRSxgepYyVmfrB12XJ5uJtLhYwuTbFb3BIUyswBtxtGcigvk_ftkuSQjubiXe8UtltBI7INfs7vmAVuQr7YN8Alni4Z3BeQ",
"use": "sig"
} ] }
@salrashid123
salrashid123 / main.go
Last active August 17, 2022 12:09
golang-jwt parserver and keyfunc
package main
import (
"crypto/x509"
"encoding/pem"
"errors"
"fmt"
"log"
"time"
@salrashid123
salrashid123 / main.py
Last active July 6, 2022 19:15
Using TINKKEY to create EncryptedKeyset for BigQuery
# 1. Create KEK in KMS
# 2. Use TinkKey to generate DEK and wrap that with KEK (i.,e encryptedKeyset)
# 3. use python tink to encrypt some data with wrappeed DEK keyset
# 4. Use BQ functions to decrypt data using ciphertext in 3 and EncryptedKeyset in 2
# ref
# https://blog.salrashid.dev/articles/2022/bq_kms/
# https://github.com/salrashid123/tink_samples/
@salrashid123
salrashid123 / getsamlassertion.py
Created July 6, 2022 11:55
GCP Workload Identity Federation using SAML (https://blog.salrashid.dev/articles/2022/gcpcompat-saml/)
#!/usr/bin/python
import base64
import datetime
import getopt
import random
import sys
import time
@salrashid123
salrashid123 / gemerate.go
Created June 26, 2022 15:46
Create or import new KMS TINK key for BigQuery SQL column-level encryption https://blog.salrashid.dev/articles/2022/bq_kms/
package main
import (
"bytes"
"encoding/base64"
"flag"
"fmt"
"math/rand"
"github.com/google/tink/go/aead"
@salrashid123
salrashid123 / decrypt.go
Last active July 18, 2022 14:21
Decrypt encrypted data for BigQuery SQL column-level encryption https://blog.salrashid.dev/articles/2022/bq_kms/
package main
import (
"bytes"
"encoding/base64"
"flag"
"fmt"
"github.com/google/tink/go/aead"
@salrashid123
salrashid123 / main.py
Created June 22, 2022 11:15
google healthcare api client using discovery and authorized session (https://cloud.google.com/healthcare-api/docs/how-tos/nlp)
import httplib2
import google.auth
from apiclient.discovery import build
from oauth2client.service_account import ServiceAccountCredentials
from oauth2client.client import GoogleCredentials
from google.api_core import operations_v1
from google.api_core import operation
from google.auth.transport.requests import AuthorizedSession
project_id = 'yourproject'
@salrashid123
salrashid123 / hmacsha.go
Last active June 21, 2022 17:36
hmac signedURL for GCS
package main
import (
"crypto/hmac"
"crypto/sha1"
"encoding/base64"
"flag"
"fmt"
"io"
"net/http"