Add service_account.Credentials.to_jwt_credentials (#45)
diff --git a/google/oauth2/service_account.py b/google/oauth2/service_account.py
index dfbe352..df6f1b2 100644
--- a/google/oauth2/service_account.py
+++ b/google/oauth2/service_account.py
@@ -204,6 +204,33 @@
filename, require=['client_email', 'token_uri'])
return cls._from_signer_and_info(signer, info, **kwargs)
+ def to_jwt_credentials(self):
+ """Creates a :cls:`google.auth.jwt.Credentials` instance from this
+ instance.
+
+ The new instance will use the same private key as this instance and
+ will use this instance's service account email as the issuer and
+ subject.
+
+ This is the same as calling
+ :meth:`jwt.Credentials.from_service_account_file` with the same
+ file used to create these credentials::
+
+ svc_creds = service_account.Credentials.from_service_account_file(
+ 'service_account.json')
+ jwt_from_svc = svc_credentials.to_jwt_credentials()
+ # is the same as:
+ jwt_creds = jwt.Credentials.from_service_account_file(
+ 'service_account.json')
+
+ Returns:
+ google.auth.jwt.Credentials: A new Credentials instance.
+ """
+ return jwt.Credentials(
+ self._signer,
+ issuer=self._service_account_email,
+ subject=self._service_account_email)
+
@property
def requires_scopes(self):
"""Checks if the credentials requires scopes.