Support for GCP Service Account authentication?

[jakebiesinger]

Hi!

New to Bravado. We use GCP service accounts extensively and I'd like to combine them with Bravado. Is this currently possible?

GCP provides a client library that's also based on Requests, but you have to use their AuthenticatedSession object to do so, which seems at odds with your direct usage of requests.Request.

Thoughts?

[jakebiesinger]

At first blush, it looks like we could simply provide an optional requests.Session object, one which we'd generate from Google's client library. We could provide the session to the RequestsClient constructor:

bravado/bravado/requests_client.py

Line 106 in 627f6c9

self.session = requests.Session()

[macisamuele]

Checking https://cloud.google.com/compute/docs/tutorials/python-guide looks like the GCP python client exposes Google Cloud Platform apis via methods and not Swagger specs, so it shouldn't be usable with bravado.

@jakebiesinger: I'm probably misunderstanding your request, so I would ask if you could describe (maybe with a snippet) what are you trying to achieve.

[jakebiesinger]

Sorry this was unclear.

I'm not trying to call Google APIs as if they were Swagger endpoints. Rather, I'm trying to call one of our own APIs (which is a Swagger endpoint), but to have that call authenticated as a GCP Service Account.

The way non-swagger APIs would normally do this is to grab credentials for the service account and make POST or GETs using Google's own requests-based client library. https://google-auth.readthedocs.io/en/latest/user-guide.html#requests

Since you generate a fresh Session there in the linked line 106, I'm suggesting that you instead let us optionally pass in Google's AuthorizedSession, which is, after all, just a subclass of requests.Session (instead of creating a new one).

I'll try this out in a PR if I get a chance in the next day or two.