Spaces:
Running
Running
| import os | |
| import json # Import json to parse the string | |
| from dotenv import load_dotenv | |
| from google.oauth2 import service_account | |
| from google.cloud.security.publicca import PublicCertificateAuthorityServiceClient | |
| def gen_google_eab_data(): | |
| load_dotenv() | |
| data = { | |
| "type": "service_account", | |
| "project_id": os.getenv("PROJECT_ID"), | |
| "private_key_id": os.getenv("PRIVATE_KEY_ID"), | |
| "private_key": os.getenv("PRIVATE_KEY").replace("\\n", "\n"), # Ensure proper formatting | |
| "client_email": os.getenv("CLIENT_EMAIL"), | |
| "client_id": os.getenv("CLIENT_ID"), | |
| "auth_uri": os.getenv("AUTH_URI"), | |
| "token_uri": os.getenv("TOKEN_URI"), | |
| "auth_provider_x509_cert_url": os.getenv("AUTH_PROVIDER_X509_CERT_URL"), | |
| "client_x509_cert_url": os.getenv("CLIENT_X509_CERT_URL"), | |
| "universe_domain": os.getenv("UNIVERSE_DOMAIN") | |
| } | |
| return data | |
| def gen_google_eab(): | |
| service_account_info = gen_google_eab_data() | |
| if service_account_info is None: | |
| return None, None | |
| try: | |
| credentials = service_account.Credentials.from_service_account_info(service_account_info) | |
| client = PublicCertificateAuthorityServiceClient(credentials=credentials) | |
| project_id = service_account_info['project_id'] | |
| parent = f"projects/{project_id}" | |
| # Call the method to create an external account key | |
| response = client.create_external_account_key(parent=parent) | |
| kid = response.key_id | |
| hmac = response.b64_mac_key | |
| return kid, hmac.decode() | |
| except Exception as e: | |
| print(f"Error generating Google EAB: {e}") | |
| return None, None # Or appropriate error handling | |
| # Example usage | |
| if __name__ == "__main__": | |
| kid, hmac = gen_google_eab() | |
| if kid and hmac: | |
| print(f"KID: {kid}, HMAC: {hmac}") | |
| else: | |
| print("Failed to generate KID and HMAC.") | |