googleapis
Getting null in getAccessToken after giving Service Account Secrets Json
Environment details
- Specify the API at the beginning of the title. For example, "[vision]: ..."). General, Core, and Other are also allowed as types
- OS type and version: Windows 10
- Java version: 20
- Version(s):
Steps to reproduce
Getting null in getAccessToken after giving Service Account Secrets Json
GoogleCredentials credentials = GoogleCredentials.fromStream(new FileInputStream(System.getProperty("user.dir") + "\\resources\\json-files\\adc.json"))
.createScoped("https://www.googleapis.com/auth/cloud-platform");
System.out.println(credentials.getAccessToken());
Code example
GoogleCredentials credentials = GoogleCredentials.fromStream(new FileInputStream(System.getProperty("user.dir") + "\\resources\\json-files\\adc.json"))
.createScoped("https://www.googleapis.com/auth/cloud-platform");
System.out.println(credentials.getAccessToken());
Below is pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.autozone</groupId>
<artifactId>data-sync</artifactId>
<version>1.0-SNAPSHOT</version>
<parent>
<groupId>com.azo.qa.flex</groupId>
<artifactId>legacy-parent</artifactId>
<version>1.1.11-SNAPSHOT</version>
</parent>
<properties>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<main.class>com.autozone.datasyncautomation.testrunner.TestRunner</main.class>
</properties>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>com.google.cloud</groupId>
<artifactId>libraries-bom</artifactId>
<version>26.39.0</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>org.java-websocket</groupId>
<artifactId>Java-WebSocket</artifactId>
<version>1.5.0</version>
</dependency>
<!-- https://mvnrepository.com/artifact/com.google.cloud/libraries-bom -->
<dependency>
<groupId>com.google.cloud</groupId>
<artifactId>google-cloud-pubsub</artifactId>
<version>1.122.2</version>
</dependency>
<dependency>
<groupId>com.google.cloud</groupId>
<artifactId>google-cloud-storage</artifactId>
<version>2.16.0</version>
</dependency>
<!-- https://mvnrepository.com/artifact/com.google.cloud/google-cloud-bigquery -->
<dependency>
<groupId>com.google.cloud</groupId>
<artifactId>google-cloud-bigquery</artifactId>
<version>2.35.0</version>
</dependency>
<!-- https://mvnrepository.com/artifact/com.google.cloud/google-cloud-tasks -->
<dependency>
<groupId>com.google.cloud</groupId>
<artifactId>google-cloud-tasks</artifactId>
</dependency>
</dependencies>
<profiles>
<profile>
<id>shade</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<build>
<resources>
<resource>
<directory>resources/</directory>
</resource>
</resources>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-checkstyle-plugin</artifactId>
<executions>
<execution>
<id>validate</id>
<phase>validate</phase>
</execution>
</executions>
<configuration>
<failOnViolation>false</failOnViolation>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-shade-plugin</artifactId>
<executions>
<execution>
<id>build</id>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>
Stack trace
Any relevant stacktrace here.
External references such as API reference guides
- ?
Any additional information below
Following these steps guarantees the quickest resolution possible.
Thanks!
Hi @RYenike, thanks for reporting this.
IIUC you are trying to pass your own Application Default Credentials JSON file to create a credentials object, but please be aware that GoogleCredentials has its own getApplicationDefault() method:
GoogleCredentials credentials = GoogleCredentials.getApplicationDefault()
This should be enough to build a client.
Moreover, our clients libraries default to use the Application Default Credentials even if not specified in your code. This can be achieved by running gcloud auth application-default login before running your code.
Please let us know if using the built-in getApplicationDefault or the gcloud command worked for you.
Hello @diegomarquezp I don't want to use getApplicationDefault , as I will be running my code on another machine which is not having google cloud CLI installed in it, also in specified adc.json they are service account credentials got from secret manager -> Secrets , so I want to use that service account credential to authenticate Please suggest
Hello @diegomarquezp I don't want to use getApplicationDefault , as I will be running my code on another machine which is not having google cloud CLI installed in it, also in specified adc.json they are service account credentials got from secret manager -> Secrets , so I want to use that service account credential to authenticate Please suggest
IIUC, using getApplicationDefault() can resolve to the SA key without gcloud CLI. ADC takes the following steps to resolve the the credentials: https://github.com/googleapis/google-auth-library-java?tab=readme-ov-file#getting-application-default-credentials. I believe you can set an env var GOOGLE_APPLICATION_CREDENTIALS to point to your SA key.
Once you create GoogleCredential with the correct scopes, can you try and immediately refresh the token (with GoogleCredential.refresh() or GoogleCredential.refreshAccessToken()? This should retrieve a valid access token (non-null).
Going to close this issue as there has been no response. Feel free to re-open this issue if you still have issues.
I believe receiving null after creating a Credentials is the intended behavior. You will have to explicitly retrieve or refresh the access token to get a valid value.