googleapis
feat: Get id token for impersonated service account
Hello, thanks for a maintaining a great sdk. In order to autenticate impersonated service accounts with e.g. a Cloud Run service, the ISAC IdToken has to be fetched for a given target audience.
I have made this PR to allow this using the ImpersonatedServiceAccountCredentials class, so the AuthTokenMiddleware can use it to add the ISAC IdToken to a request. The change also allows ApplicationDefaultCredentials::getIdTokenMiddleware() and getIdTokenCredentials() to find ImpersonatedServiceAccountCredentials.
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).
View this failed invocation of the CLA check for more information.
For the most up to date status, view the checks section at the bottom of the pull request.
![google-cla[bot] avatar](https://avatars.githubusercontent.com/in/42202?v=4 "Published by a pub.dev verified publisher"){kind=small}
Hi @gjvanahee ! This looks great, thank you for contributing this.
Coincidentally, I was just working on this in https://github.com/googleapis/google-auth-library-php/pull/580! We will get this merged soon, and then merge your additions as well.
@gjvanahee If you'd like to help, you could use test https://github.com/googleapis/google-auth-library-php/pull/580 in your own use-case. I would love to have you review it!
composer require google/auth:dev-add-impersonated-service-account-credentials
I'll use the tests you've written in this PR as well to make sure it works the same.
Thanks again
Closing this PR as it should be completely implemented by https://github.com/googleapis/google-auth-library-php/pull/580