Sample code for 30+ languages & platforms
PureBasic

Get Google Cloud Storage Access Token using Service Account JSON Private Key

See more Google Cloud Storage Examples

Demonstrates how to get a Google Cloud Storage access token using a JSON service account private key. Obtaining an access token for a service account requires no user interaction (it does not require a browser, nor callback URI's, etc.).

When an access token expires, an application can be (and should be) designed to automatically fetch a new access token.

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkSocket.pb"
IncludeFile "CkAuthGoogle.pb"
IncludeFile "CkStringBuilder.pb"
IncludeFile "CkFileAccess.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This example requires the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    ; First load the JSON key into a string.
    fac.i = CkFileAccess::ckCreate()
    If fac.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    jsonKey.s = CkFileAccess::ckReadEntireTextFile(fac,"qa_data/googleApi/ChilkatCloud-13a07a2e8b3f.json","utf-8")
    If CkFileAccess::ckLastMethodSuccess(fac) <> 1
        Debug CkFileAccess::ckLastErrorText(fac)
        CkFileAccess::ckDispose(fac)
        ProcedureReturn
    EndIf

    ; A JSON private key should look something like this:

    ; 	{
    ; 	  "type": "service_account",
    ; 	  "project_id": "chilkattest-1350",
    ; 	  "private_key_id": "fa2e36ee26986eab628b59868af8bec1d1c64c38",
    ; 	  "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvgIjFa...28N64N2n1E4FYzBZjSdy\n-----END PRIVATE KEY-----\n",
    ; 	  "client_email": "598922945226-00rb0ppfg0sndajo6bhvd4v17jtj2d3a@developer.gserviceaccount.com",
    ; 	  "client_id": "598922945226-00rb0ppfg0snd9jo7bhvd4v17jtj2d3a.apps.googleusercontent.com",
    ; 	  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
    ; 	  "token_uri": "https://accounts.google.com/o/oauth2/token",
    ; 	  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
    ; 	  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/598922945226-00rb0ppfg0sndajo6bhvd4v17jtj2d3a%40developer.gserviceaccount.com"
    ; 	}

    gAuth.i = CkAuthGoogle::ckCreate()
    If gAuth.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkAuthGoogle::setCkJsonKey(gAuth, jsonKey)

    ; Choose a scope.
    CkAuthGoogle::setCkScope(gAuth, "https://www.googleapis.com/auth/cloud-platform")

    ; Request an access token that is valid for this many seconds.
    CkAuthGoogle::setCkExpireNumSeconds(gAuth, 3600)

    ; If the application is requesting delegated access:
    ; The email address of the user for which the application is requesting delegated access,
    ; then set the email address here. (Otherwise leave it empty.)
    CkAuthGoogle::setCkSubEmailAddress(gAuth, "")

    ; Connect to www.googleapis.com using TLS (TLS 1.2 is the default.)
    ; The Chilkat socket object is used so that the connection can be established
    ; through proxies or an SSH tunnel if desired.
    tlsSock.i = CkSocket::ckCreate()
    If tlsSock.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkSocket::ckConnect(tlsSock,"www.googleapis.com",443,1,5000)
    If success <> 1
        Debug CkSocket::ckLastErrorText(tlsSock)
        CkFileAccess::ckDispose(fac)
        CkAuthGoogle::ckDispose(gAuth)
        CkSocket::ckDispose(tlsSock)
        ProcedureReturn
    EndIf

    ; Send the request to obtain the access token.
    success = CkAuthGoogle::ckObtainAccessToken(gAuth,tlsSock)
    If success <> 1
        Debug CkAuthGoogle::ckLastErrorText(gAuth)
        CkFileAccess::ckDispose(fac)
        CkAuthGoogle::ckDispose(gAuth)
        CkSocket::ckDispose(tlsSock)
        ProcedureReturn
    EndIf

    ; Examine the access token:
    Debug "Access Token: " + CkAuthGoogle::ckAccessToken(gAuth)

    ; We're going to save this access token to a file to be used
    ; by other examples.
    sbToken.i = CkStringBuilder::ckCreate()
    If sbToken.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkStringBuilder::ckAppend(sbToken,CkAuthGoogle::ckAccessToken(gAuth))
    CkStringBuilder::ckWriteFile(sbToken,"qa_data/tokens/googleCloudStorageAccessToken.txt","utf-8",0)


    CkFileAccess::ckDispose(fac)
    CkAuthGoogle::ckDispose(gAuth)
    CkSocket::ckDispose(tlsSock)
    CkStringBuilder::ckDispose(sbToken)


    ProcedureReturn
EndProcedure