wif_workaround

You normally use googleapis_auth package to connect to Google Cloud services. It works with service account keys and metadata server, but not with local keys obtained with Workload Identity Federation. See this issue.

This package allows you to use Workload Identity Federation if you have locally installed gcloud CLI.

It wraps the function clientViaApplicationDefaultCredentials which you normally call to authenticate and which breaks with WIF keys. On any exception, it executes gcloud auth print-access-token to get an access token and returns a client which adds it to requests.

Usage

Modify your normal code by adding the import and 'w.' prefix:

import 'package:gcloud/pubsub.dart';
import 'package:wif_workaround/wif_workaround.dart' as w; // Add this import.

Future<void> main() async {
  final pubsub = PubSub(
    // Add 'w.' before your normal call.
    await w.clientViaApplicationDefaultCredentials(scopes: PubSub.SCOPES),
    'my-project-id',
  );

  // ...
}

wif_workaround

Usage

Libraries

wif_workaround package