Python google.auth() Examples
The following are 30 code examples for showing how to use google.auth(). These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example.
You may check out the related API usage on the sidebar.
You may also want to check out all available functions/classes of the module
google
, or try the search function
.
Example 1
| Project: dsub Author: DataBiosphere File: google_base.py License: Apache License 2.0 | 6 votes |
|
def retry_auth_check(exception, verbose):
"""Specific check for auth error codes.
Return True if we should retry.
False otherwise.
Args:
exception: An exception to test for transience.
verbose: If true, output retry messages
Returns:
True if we should retry. False otherwise.
"""
if isinstance(exception, googleapiclient.errors.HttpError):
if exception.resp.status in HTTP_AUTH_ERROR_CODES:
_print_retry_error(exception, verbose)
return True
return False
Example 2
| Project: dsub Author: DataBiosphere File: google_base.py License: Apache License 2.0 | 6 votes |
|
def setup_service(api_name, api_version, credentials=None):
"""Configures genomics API client.
Args:
api_name: Name of the Google API (for example: "genomics")
api_version: Version of the API (for example: "v2alpha1")
credentials: Credentials to be used for the gcloud API calls.
Returns:
A configured Google Genomics API client with appropriate credentials.
"""
# dsub is not a server application, so it is ok to filter this warning.
warnings.filterwarnings(
'ignore', 'Your application has authenticated using end user credentials')
if not credentials:
credentials, _ = google.auth.default()
return googleapiclient.discovery.build(
api_name, api_version, credentials=credentials)
Example 3
| Project: airflow Author: apache File: test_base_google.py License: Apache License 2.0 | 6 votes |
|
def test_default_creds_with_scopes(self):
self.instance.extras = {
'extra__google_cloud_platform__project': default_project,
'extra__google_cloud_platform__scope': (
','.join(
(
'https://www.googleapis.com/auth/bigquery',
'https://www.googleapis.com/auth/devstorage.read_only',
)
)
),
}
credentials = self.instance._get_credentials()
if not hasattr(credentials, 'scopes') or credentials.scopes is None:
# Some default credentials don't have any scopes associated with
# them, and that's okay.
return
scopes = credentials.scopes
self.assertIn('https://www.googleapis.com/auth/bigquery', scopes)
self.assertIn(
'https://www.googleapis.com/auth/devstorage.read_only', scopes)
Example 4
| Project: airflow Author: apache File: test_base_google.py License: Apache License 2.0 | 6 votes |
|
def test_provided_scopes(self):
self.instance.extras = {
'extra__google_cloud_platform__project': default_project,
'extra__google_cloud_platform__scope': (
','.join(
(
'https://www.googleapis.com/auth/bigquery',
'https://www.googleapis.com/auth/devstorage.read_only',
)
)
),
}
self.assertEqual(
self.instance.scopes,
[
'https://www.googleapis.com/auth/bigquery',
'https://www.googleapis.com/auth/devstorage.read_only',
],
)
Example 5
| Project: google-auth-library-python Author: googleapis File: test_mtls_http.py License: Apache License 2.0 | 6 votes |
|
def test_requests():
credentials, project_id = google.auth.default()
credentials = google.auth.credentials.with_scopes_if_required(
credentials, ["https://www.googleapis.com/auth/pubsub"]
)
authed_session = google.auth.transport.requests.AuthorizedSession(credentials)
authed_session.configure_mtls_channel()
# If the devices has default client cert source, then a mutual TLS channel
# is supposed to be created.
assert authed_session.is_mtls == mtls.has_default_client_cert_source()
# Sleep 1 second to avoid 503 error.
time.sleep(1)
if authed_session.is_mtls:
response = authed_session.get(MTLS_ENDPOINT.format(project_id))
else:
response = authed_session.get(REGULAR_ENDPOINT.format(project_id))
assert response.ok
Example 6
| Project: google-auth-library-python Author: googleapis File: test_mtls_http.py License: Apache License 2.0 | 6 votes |
|
def test_urllib3():
credentials, project_id = google.auth.default()
credentials = google.auth.credentials.with_scopes_if_required(
credentials, ["https://www.googleapis.com/auth/pubsub"]
)
authed_http = google.auth.transport.urllib3.AuthorizedHttp(credentials)
is_mtls = authed_http.configure_mtls_channel()
# If the devices has default client cert source, then a mutual TLS channel
# is supposed to be created.
assert is_mtls == mtls.has_default_client_cert_source()
# Sleep 1 second to avoid 503 error.
time.sleep(1)
if is_mtls:
response = authed_http.request("GET", MTLS_ENDPOINT.format(project_id))
else:
response = authed_http.request("GET", REGULAR_ENDPOINT.format(project_id))
assert response.status == 200
Example 7
| Project: google-auth-library-python Author: googleapis File: test_mtls_http.py License: Apache License 2.0 | 6 votes |
|
def test_requests_with_default_client_cert_source():
credentials, project_id = google.auth.default()
credentials = google.auth.credentials.with_scopes_if_required(
credentials, ["https://www.googleapis.com/auth/pubsub"]
)
authed_session = google.auth.transport.requests.AuthorizedSession(credentials)
if mtls.has_default_client_cert_source():
authed_session.configure_mtls_channel(
client_cert_callback=mtls.default_client_cert_source()
)
assert authed_session.is_mtls
# Sleep 1 second to avoid 503 error.
time.sleep(1)
response = authed_session.get(MTLS_ENDPOINT.format(project_id))
assert response.ok
Example 8
| Project: google-auth-library-python Author: googleapis File: test_mtls_http.py License: Apache License 2.0 | 6 votes |
|
def test_urllib3_with_default_client_cert_source():
credentials, project_id = google.auth.default()
credentials = google.auth.credentials.with_scopes_if_required(
credentials, ["https://www.googleapis.com/auth/pubsub"]
)
authed_http = google.auth.transport.urllib3.AuthorizedHttp(credentials)
if mtls.has_default_client_cert_source():
assert authed_http.configure_mtls_channel(
client_cert_callback=mtls.default_client_cert_source()
)
# Sleep 1 second to avoid 503 error.
time.sleep(1)
response = authed_http.request("GET", MTLS_ENDPOINT.format(project_id))
assert response.status == 200
Example 9
| Project: google-auth-library-python Author: googleapis File: test_grpc.py License: Apache License 2.0 | 6 votes |
|
def test_grpc_request_with_jwt_credentials():
credentials, project_id = google.auth.default()
audience = "https://pubsub.googleapis.com/google.pubsub.v1.Publisher"
credentials = google.auth.jwt.Credentials.from_signing_credentials(
credentials, audience=audience
)
transport = publisher_grpc_transport.PublisherGrpcTransport(
address=publisher_client.PublisherClient.SERVICE_ADDRESS,
credentials=credentials,
)
# Create a pub/sub client.
client = pubsub_v1.PublisherClient(transport=transport)
# list the topics and drain the iterator to test that an authorized API
# call works.
list_topics_iter = client.list_topics(project="projects/{}".format(project_id))
list(list_topics_iter)
Example 10
| Project: google-auth-library-python Author: googleapis File: test_grpc.py License: Apache License 2.0 | 6 votes |
|
def test_grpc_request_with_on_demand_jwt_credentials():
credentials, project_id = google.auth.default()
credentials = google.auth.jwt.OnDemandCredentials.from_signing_credentials(
credentials
)
transport = publisher_grpc_transport.PublisherGrpcTransport(
address=publisher_client.PublisherClient.SERVICE_ADDRESS,
credentials=credentials,
)
# Create a pub/sub client.
client = pubsub_v1.PublisherClient(transport=transport)
# list the topics and drain the iterator to test that an authorized API
# call works.
list_topics_iter = client.list_topics(project="projects/{}".format(project_id))
list(list_topics_iter)
Example 11
| Project: google-auth-library-python Author: googleapis File: _default.py License: Apache License 2.0 | 6 votes |
|
def _get_gcloud_sdk_credentials():
"""Gets the credentials and project ID from the Cloud SDK."""
from google.auth import _cloud_sdk
# Check if application default credentials exist.
credentials_filename = _cloud_sdk.get_application_default_credentials_path()
if not os.path.isfile(credentials_filename):
return None, None
credentials, project_id = load_credentials_from_file(credentials_filename)
if not project_id:
project_id = _cloud_sdk.get_project_id()
return credentials, project_id
Example 12
| Project: python-docs-samples Author: GoogleCloudPlatform File: samples_test.py License: Apache License 2.0 | 6 votes |
|
def test_client_library_query_bqstorage():
# [START bigquery_migration_client_library_query_bqstorage]
import google.auth
from google.cloud import bigquery
from google.cloud import bigquery_storage_v1beta1
# Create a BigQuery client and a BigQuery Storage API client with the same
# credentials to avoid authenticating twice.
credentials, project_id = google.auth.default(
scopes=["https://www.googleapis.com/auth/cloud-platform"]
)
client = bigquery.Client(credentials=credentials, project=project_id)
bqstorage_client = bigquery_storage_v1beta1.BigQueryStorageClient(
credentials=credentials
)
sql = "SELECT * FROM `bigquery-public-data.irs_990.irs_990_2012`"
# Use a BigQuery Storage API client to download results more quickly.
df = client.query(sql).to_dataframe(bqstorage_client=bqstorage_client)
# [END bigquery_migration_client_library_query_bqstorage]
assert len(df) > 0
Example 13
| Project: python-docs-samples Author: GoogleCloudPlatform File: main_test.py License: Apache License 2.0 | 6 votes |
|
def clients():
# [START bigquerystorage_pandas_tutorial_all]
# [START bigquerystorage_pandas_tutorial_create_client]
import google.auth
from google.cloud import bigquery
from google.cloud import bigquery_storage_v1beta1
# Explicitly create a credentials object. This allows you to use the same
# credentials for both the BigQuery and BigQuery Storage clients, avoiding
# unnecessary API calls to fetch duplicate authentication tokens.
credentials, your_project_id = google.auth.default(
scopes=["https://www.googleapis.com/auth/cloud-platform"]
)
# Make clients.
bqclient = bigquery.Client(
credentials=credentials,
project=your_project_id,
)
bqstorageclient = bigquery_storage_v1beta1.BigQueryStorageClient(
credentials=credentials
)
# [END bigquerystorage_pandas_tutorial_create_client]
# [END bigquerystorage_pandas_tutorial_all]
return bqclient, bqstorageclient
Example 14
| Project: python-docs-samples Author: GoogleCloudPlatform File: get_dag_prefix.py License: Apache License 2.0 | 6 votes |
|
def get_dag_prefix(project_id, location, composer_environment):
# [START composer_get_environment_dag_prefix]
import google.auth
import google.auth.transport.requests
# Authenticate with Google Cloud.
# See: https://cloud.google.com/docs/authentication/getting-started
credentials, _ = google.auth.default(
scopes=['https://www.googleapis.com/auth/cloud-platform'])
authed_session = google.auth.transport.requests.AuthorizedSession(
credentials)
# project_id = 'YOUR_PROJECT_ID'
# location = 'us-central1'
# composer_environment = 'YOUR_COMPOSER_ENVIRONMENT_NAME'
environment_url = (
'https://composer.googleapis.com/v1beta1/projects/{}/locations/{}'
'/environments/{}').format(project_id, location, composer_environment)
response = authed_session.request('GET', environment_url)
environment_data = response.json()
# Print the bucket name from the response body.
print(environment_data['config']['dagGcsPrefix'])
# [END composer_get_environment_dag_prefix]
Example 15
| Project: alfred-gmail Author: fniephaus File: _default.py License: MIT License | 6 votes |
|
def _get_gcloud_sdk_credentials():
"""Gets the credentials and project ID from the Cloud SDK."""
from google.auth import _cloud_sdk
# Check if application default credentials exist.
credentials_filename = (
_cloud_sdk.get_application_default_credentials_path())
if not os.path.isfile(credentials_filename):
return None, None
credentials, project_id = _load_credentials_from_file(
credentials_filename)
if not project_id:
project_id = _cloud_sdk.get_project_id()
return credentials, project_id
Example 16
| Project: alfred-gmail Author: fniephaus File: _default.py License: MIT License | 6 votes |
|
def _get_gce_credentials(request=None):
"""Gets credentials and project ID from the GCE Metadata Service."""
# Ping requires a transport, but we want application default credentials
# to require no arguments. So, we'll use the _http_client transport which
# uses http.client. This is only acceptable because the metadata server
# doesn't do SSL and never requires proxies.
from google.auth import compute_engine
from google.auth.compute_engine import _metadata
if request is None:
request = google.auth.transport._http_client.Request()
if _metadata.ping(request=request):
# Get the project ID.
try:
project_id = _metadata.get_project_id(request=request)
except exceptions.TransportError:
project_id = None
return compute_engine.Credentials(), project_id
else:
return None, None
Example 17
| Project: luci-py Author: luci File: _default.py License: Apache License 2.0 | 6 votes |
|
def _get_gcloud_sdk_credentials():
"""Gets the credentials and project ID from the Cloud SDK."""
from google.auth import _cloud_sdk
# Check if application default credentials exist.
credentials_filename = (
_cloud_sdk.get_application_default_credentials_path())
if not os.path.isfile(credentials_filename):
return None, None
credentials, project_id = _load_credentials_from_file(
credentials_filename)
if not project_id:
project_id = _cloud_sdk.get_project_id()
return credentials, project_id
Example 18
| Project: luci-py Author: luci File: _default.py License: Apache License 2.0 | 6 votes |
|
def _get_gcloud_sdk_credentials():
"""Gets the credentials and project ID from the Cloud SDK."""
from google.auth import _cloud_sdk
# Check if application default credentials exist.
credentials_filename = (
_cloud_sdk.get_application_default_credentials_path())
if not os.path.isfile(credentials_filename):
return None, None
credentials, project_id = _load_credentials_from_file(
credentials_filename)
if not project_id:
project_id = _cloud_sdk.get_project_id()
return credentials, project_id
Example 19
| Project: luci-py Author: luci File: _default.py License: Apache License 2.0 | 6 votes |
|
def _get_gcloud_sdk_credentials():
"""Gets the credentials and project ID from the Cloud SDK."""
from google.auth import _cloud_sdk
# Check if application default credentials exist.
credentials_filename = (
_cloud_sdk.get_application_default_credentials_path())
if not os.path.isfile(credentials_filename):
return None, None
credentials, project_id = _load_credentials_from_file(
credentials_filename)
if not project_id:
project_id = _cloud_sdk.get_project_id()
return credentials, project_id
Example 20
| Project: luci-py Author: luci File: _default.py License: Apache License 2.0 | 6 votes |
|
def _get_gcloud_sdk_credentials():
"""Gets the credentials and project ID from the Cloud SDK."""
from google.auth import _cloud_sdk
# Check if application default credentials exist.
credentials_filename = (
_cloud_sdk.get_application_default_credentials_path())
if not os.path.isfile(credentials_filename):
return None, None
credentials, project_id = _load_credentials_from_file(
credentials_filename)
if not project_id:
project_id = _cloud_sdk.get_project_id()
return credentials, project_id
Example 21
| Project: python-bigquery Author: googleapis File: magics.py License: Apache License 2.0 | 6 votes |
|
def project(self):
"""str: Default project to use for queries performed through IPython
magics
Note:
The project does not need to be explicitly defined if you have an
environment default project set. If you do not have a default
project set in your environment, manually assign the project as
demonstrated in the example below.
Example:
Manually setting the context project:
>>> from google.cloud.bigquery import magics
>>> magics.context.project = 'my-project'
"""
if self._project is None:
_, self._project = google.auth.default()
return self._project
Example 22
| Project: a2ml Author: augerai File: a2ml.py License: Apache License 2.0 | 5 votes |
|
def evaluate(self):
credentials, project = google.auth.default(scopes=['https://www.googleapis.com/auth/cloud-platform'])
authed_session = AuthorizedSession(credentials)
basename="https://automl.googleapis.com/v1beta1/"
cmd = basename + self.operation_name
response=authed_session.get(cmd)
result=json.loads(response.content)
self.ctx.log("Operation name: {}".format(result["name"]))
if (("done" in result.keys()) and result["done"]):
self.ctx.log("Model training complete.")
self.model_name = result["response"]["name"]
self.ctx.log("Model full name: {}".format(self.model_name))
self.ctx.config.set('model_name', self.model_name)
self.ctx.config.write()
response = self.client.list_model_evaluations(self.model_name)
self.ctx.log("List of model evaluations:")
for evaluation in response:
self.ctx.log("Model evaluation name: {}".format(evaluation.name))
self.ctx.log("Model evaluation id: {}".format(evaluation.name.split("/")[-1]))
self.ctx.log("Model evaluation example count: {}".format(
evaluation.evaluated_example_count))
self.ctx.log("Model evaluation time: {} seconds".format(evaluation.create_time.seconds))
self.ctx.log("Full model evaluation: {}".format(inspect.getmembers(evaluation) ))
self.ctx.log("\n")
else:
self.ctx.log("Model still training...")
Example 23
| Project: incubator-dlab Author: apache File: actions_lib.py License: Apache License 2.0 | 5 votes |
|
def __init__(self, auth_type='service_account'):
@backoff.on_exception(backoff.expo,
google.auth.exceptions.DefaultCredentialsError,
max_tries=15)
def get_gcp_cred():
credentials, project = google.auth.default()
return credentials, project
self.auth_type = auth_type
self.project = os.environ['gcp_project_id']
if os.environ['conf_resource'] == 'ssn':
os.environ['GOOGLE_APPLICATION_CREDENTIALS'] = "/root/service_account.json"
credentials, project = google.auth.default()
if credentials.requires_scopes:
credentials = credentials.with_scopes(
['https://www.googleapis.com/auth/compute',
'https://www.googleapis.com/auth/iam',
'https://www.googleapis.com/auth/cloud-platform'])
self.service = build('compute', 'v1', credentials=credentials)
self.service_iam = build('iam', 'v1', credentials=credentials)
self.dataproc = build('dataproc', 'v1', credentials=credentials)
self.service_storage = build('storage', 'v1', credentials=credentials)
self.storage_client = storage.Client(project=project, credentials=credentials)
self.service_resource = build('cloudresourcemanager', 'v1', credentials=credentials)
else:
credentials, project = get_gcp_cred()
self.service = build('compute', 'v1', credentials=credentials)
self.service_iam = build('iam', 'v1', credentials=credentials)
self.dataproc = build('dataproc', 'v1', credentials=credentials)
self.service_storage = build('storage', 'v1', credentials=credentials)
self.storage_client = storage.Client(project=project, credentials=credentials)
self.service_resource = build('cloudresourcemanager', 'v1', credentials=credentials)
Example 24
| Project: incubator-dlab Author: apache File: meta_lib.py License: Apache License 2.0 | 5 votes |
|
def __init__(self, auth_type='service_account'):
@backoff.on_exception(backoff.expo,
google.auth.exceptions.DefaultCredentialsError,
max_tries=15)
def get_gcp_cred():
credentials, project = google.auth.default()
return credentials, project
self.auth_type = auth_type
self.project = os.environ['gcp_project_id']
if os.environ['conf_resource'] == 'ssn':
os.environ['GOOGLE_APPLICATION_CREDENTIALS'] = "/root/service_account.json"
credentials, project = google.auth.default()
if credentials.requires_scopes:
credentials = credentials.with_scopes(
['https://www.googleapis.com/auth/compute',
'https://www.googleapis.com/auth/iam',
'https://www.googleapis.com/auth/cloud-platform'])
self.service = build('compute', 'v1', credentials=credentials)
self.service_iam = build('iam', 'v1', credentials=credentials)
self.dataproc = build('dataproc', 'v1', credentials=credentials)
self.service_storage = build('storage', 'v1', credentials=credentials)
self.storage_client = storage.Client(project=project, credentials=credentials)
self.service_resource = build('cloudresourcemanager', 'v1', credentials=credentials)
else:
credentials, project = get_gcp_cred()
self.service = build('compute', 'v1', credentials=credentials)
self.service_iam = build('iam', 'v1', credentials=credentials)
self.dataproc = build('dataproc', 'v1', credentials=credentials)
self.service_storage = build('storage', 'v1', credentials=credentials)
self.storage_client = storage.Client(project=project, credentials=credentials)
self.service_resource = build('cloudresourcemanager', 'v1', credentials=credentials)
Example 25
| Project: hangouts-chat-samples Author: gsuitedevs File: bot.py License: Apache License 2.0 | 5 votes |
|
def receive_messages():
"""Receives messages from a pull subscription."""
scopes = ['https://www.googleapis.com/auth/chat.bot']
credentials, project_id = google.auth.default()
credentials = credentials.with_scopes(scopes=scopes)
chat = build('chat', 'v1', credentials=credentials)
subscription_id = os.environ.get('SUBSCRIPTION_ID')
subscriber = pubsub_v1.SubscriberClient()
subscription_path = subscriber.subscription_path(
project_id, subscription_id)
def callback(message):
logging.info('Received message: %s', message.data)
event = json.loads(message.data)
space_name = event['space']['name']
# If the bot was removed, we don't need to return a response.
if event['type'] == 'REMOVED_FROM_SPACE':
logging.info('Bot removed rom space %s', space_name)
return
response = format_response(event)
# Send the asynchronous response back to Hangouts Chat
chat.spaces().messages().create(
parent=space_name,
body=response).execute()
message.ack()
subscriber.subscribe(subscription_path, callback=callback)
logging.info('Listening for messages on %s', subscription_path)
# Keep main thread from exiting while waiting for messages
while True:
time.sleep(60)
Example 26
| Project: airflow Author: apache File: test_base_google.py License: Apache License 2.0 | 5 votes |
|
def test_get_credentials_and_project_id_with_default_auth_and_unsupported_delegate(
self, mock_auth_default
):
self.instance.delegate_to = "TEST_DELLEGATE_TO"
mock_credentials = mock.MagicMock(spec=google.auth.compute_engine.Credentials)
mock_auth_default.return_value = (mock_credentials, "PROJECT_ID")
with self.assertRaisesRegex(AirflowException, re.escape(
"The `delegate_to` parameter cannot be used here as the current authentication method does not "
"support account impersonate. Please use service-account for authorization."
)):
self.instance._get_credentials_and_project_id()
Example 27
| Project: airflow Author: apache File: test_base_google.py License: Apache License 2.0 | 5 votes |
|
def test_default_scopes(self):
self.instance.extras = {'extra__google_cloud_platform__project': default_project}
self.assertEqual(self.instance.scopes, ('https://www.googleapis.com/auth/cloud-platform',))
Example 28
| Project: airflow Author: apache File: test_base_google.py License: Apache License 2.0 | 5 votes |
|
def test_provide_authorized_gcloud_key_path(self, mock_check_output, mock_project_id):
key_path = '/test/key-path'
self.instance.extras = {'extra__google_cloud_platform__key_path': key_path}
with self.instance.provide_authorized_gcloud():
self.assertEqual(os.environ[CREDENTIALS], key_path)
mock_check_output.has_calls(
mock.call(['gcloud', 'config', 'set', 'core/project', 'PROJECT_ID']),
mock.call(['gcloud', 'auth', 'activate-service-account', '--key-file=/test/key-path'])
)
Example 29
| Project: airflow Author: apache File: test_base_google.py License: Apache License 2.0 | 5 votes |
|
def test_provide_authorized_gcloud_via_gcloud_application_default(
self, mock_file, mock_check_output, mock_cloud_sdk, mock_project_id
):
# This file always exists.
mock_cloud_sdk.get_application_default_credentials_path.return_value = __file__
file_content = json.dumps({
"client_id": "CLIENT_ID",
"client_secret": "CLIENT_SECRET",
"refresh_token": "REFRESH_TOKEN",
"type": "authorized_user"
})
with mock.patch(MODULE_NAME + '.open', mock.mock_open(read_data=file_content)):
with self.instance.provide_authorized_gcloud():
# Do nothing
pass
mock_check_output.has_calls(
[
mock.call(['gcloud', 'config', 'set', 'auth/client_id', 'CLIENT_ID']),
mock.call(['gcloud', 'config', 'set', 'auth/client_secret', 'CLIENT_SECRET']),
mock.call(['gcloud', 'config', 'set', 'core/project', 'PROJECT_ID']),
mock.call(['gcloud', 'auth', 'activate-refresh-token', 'CLIENT_ID', 'REFRESH_TOKEN'])
],
any_order=False
)
Example 30
| Project: airflow Author: apache File: base_google.py License: Apache License 2.0 | 5 votes |
|
def __init__(self, gcp_conn_id: str = 'google_cloud_default', delegate_to: Optional[str] = None) -> None:
super().__init__()
self.gcp_conn_id = gcp_conn_id
self.delegate_to = delegate_to
self.extras = self.get_connection(self.gcp_conn_id).extra_dejson # type: Dict
self._cached_credentials: Optional[google.auth.credentials.Credentials] = None
self._cached_project_id: Optional[str] = None
