AuthState-class: Authorization state

An AuthState object manages an authorization state, typically on behalf of a client package that makes requests to a Google API.

The How to use gargle for auth in a client package vignette describes a design for wrapper packages that relies on an AuthState object. This state can then be incorporated into the package's requests for tokens and can control the inclusion of tokens in requests to the target API.

• api_key is the simplest way to associate a request with a specific Google Cloud Platform project. A few calls to certain APIs, e.g. reading a public Sheet, can succeed with an API key, but this is the exception.

• app is an OAuth app associated with a specific Google Cloud Platform project. This is used in the OAuth flow, in which an authenticated user authorizes the app to access or manipulate data on their behalf.

• auth_active reflects whether outgoing requests will be authorized by an authenticated user or are unauthorized requests for public resources. These two states correspond to sending a request with a token versus an API key, respectively.

• cred is where the current token is cached within a session, once one has been fetched. It is generally assumed to be an instance of httr::TokenServiceAccount or httr::Token2.0 (or a subclass thereof), probably obtained via token_fetch() (or one of its constituent credential fetching functions).

An AuthState should be created through the constructor function init_AuthState(), which has more details on the arguments.