aboutsummaryrefslogtreecommitdiff
path: root/vendor/golang.org/x/oauth2
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/golang.org/x/oauth2')
-rw-r--r--vendor/golang.org/x/oauth2/google/google.go19
-rw-r--r--vendor/golang.org/x/oauth2/google/jwt.go3
-rw-r--r--vendor/golang.org/x/oauth2/internal/token.go14
-rw-r--r--vendor/golang.org/x/oauth2/jws/jws.go3
-rw-r--r--vendor/golang.org/x/oauth2/jwt/jwt.go4
5 files changed, 28 insertions, 15 deletions
diff --git a/vendor/golang.org/x/oauth2/google/google.go b/vendor/golang.org/x/oauth2/google/google.go
index 464c75a..4e96fb6 100644
--- a/vendor/golang.org/x/oauth2/google/google.go
+++ b/vendor/golang.org/x/oauth2/google/google.go
@@ -86,18 +86,21 @@ func ConfigFromJSON(jsonKey []byte, scope ...string) (*oauth2.Config, error) {
// https://console.developers.google.com to download a JSON key file.
func JWTConfigFromJSON(jsonKey []byte, scope ...string) (*jwt.Config, error) {
var key struct {
- Email string `json:"client_email"`
- PrivateKey string `json:"private_key"`
+ Email string `json:"client_email"`
+ PrivateKey string `json:"private_key"`
+ PrivateKeyID string `json:"private_key_id"`
}
if err := json.Unmarshal(jsonKey, &key); err != nil {
return nil, err
}
- return &jwt.Config{
- Email: key.Email,
- PrivateKey: []byte(key.PrivateKey),
- Scopes: scope,
- TokenURL: JWTTokenURL,
- }, nil
+ config := &jwt.Config{
+ Email: key.Email,
+ PrivateKey: []byte(key.PrivateKey),
+ PrivateKeyID: key.PrivateKeyID,
+ Scopes: scope,
+ TokenURL: JWTTokenURL,
+ }
+ return config, nil
}
// ComputeTokenSource returns a token source that fetches access tokens
diff --git a/vendor/golang.org/x/oauth2/google/jwt.go b/vendor/golang.org/x/oauth2/google/jwt.go
index b919917..b0fdb3a 100644
--- a/vendor/golang.org/x/oauth2/google/jwt.go
+++ b/vendor/golang.org/x/oauth2/google/jwt.go
@@ -36,6 +36,7 @@ func JWTAccessTokenSourceFromJSON(jsonKey []byte, audience string) (oauth2.Token
email: cfg.Email,
audience: audience,
pk: pk,
+ pkID: cfg.PrivateKeyID,
}
tok, err := ts.Token()
if err != nil {
@@ -47,6 +48,7 @@ func JWTAccessTokenSourceFromJSON(jsonKey []byte, audience string) (oauth2.Token
type jwtAccessTokenSource struct {
email, audience string
pk *rsa.PrivateKey
+ pkID string
}
func (ts *jwtAccessTokenSource) Token() (*oauth2.Token, error) {
@@ -62,6 +64,7 @@ func (ts *jwtAccessTokenSource) Token() (*oauth2.Token, error) {
hdr := &jws.Header{
Algorithm: "RS256",
Typ: "JWT",
+ KeyID: string(ts.pkID),
}
msg, err := jws.Encode(hdr, cs, ts.pk)
if err != nil {
diff --git a/vendor/golang.org/x/oauth2/internal/token.go b/vendor/golang.org/x/oauth2/internal/token.go
index a6ed3cc..18328a0 100644
--- a/vendor/golang.org/x/oauth2/internal/token.go
+++ b/vendor/golang.org/x/oauth2/internal/token.go
@@ -146,23 +146,23 @@ func providerAuthHeaderWorks(tokenURL string) bool {
return true
}
-func RetrieveToken(ctx context.Context, ClientID, ClientSecret, TokenURL string, v url.Values) (*Token, error) {
+func RetrieveToken(ctx context.Context, clientID, clientSecret, tokenURL string, v url.Values) (*Token, error) {
hc, err := ContextClient(ctx)
if err != nil {
return nil, err
}
- v.Set("client_id", ClientID)
- bustedAuth := !providerAuthHeaderWorks(TokenURL)
- if bustedAuth && ClientSecret != "" {
- v.Set("client_secret", ClientSecret)
+ v.Set("client_id", clientID)
+ bustedAuth := !providerAuthHeaderWorks(tokenURL)
+ if bustedAuth && clientSecret != "" {
+ v.Set("client_secret", clientSecret)
}
- req, err := http.NewRequest("POST", TokenURL, strings.NewReader(v.Encode()))
+ req, err := http.NewRequest("POST", tokenURL, strings.NewReader(v.Encode()))
if err != nil {
return nil, err
}
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
if !bustedAuth {
- req.SetBasicAuth(ClientID, ClientSecret)
+ req.SetBasicAuth(clientID, clientSecret)
}
r, err := hc.Do(req)
if err != nil {
diff --git a/vendor/golang.org/x/oauth2/jws/jws.go b/vendor/golang.org/x/oauth2/jws/jws.go
index 29887ea..2343443 100644
--- a/vendor/golang.org/x/oauth2/jws/jws.go
+++ b/vendor/golang.org/x/oauth2/jws/jws.go
@@ -92,6 +92,9 @@ type Header struct {
// Represents the token type.
Typ string `json:"typ"`
+
+ // The optional hint of which key is being used.
+ KeyID string `json:"kid,omitempty"`
}
func (h *Header) encode() (string, error) {
diff --git a/vendor/golang.org/x/oauth2/jwt/jwt.go b/vendor/golang.org/x/oauth2/jwt/jwt.go
index 2ffad21..f4b9523 100644
--- a/vendor/golang.org/x/oauth2/jwt/jwt.go
+++ b/vendor/golang.org/x/oauth2/jwt/jwt.go
@@ -46,6 +46,10 @@ type Config struct {
//
PrivateKey []byte
+ // PrivateKeyID contains an optional hint indicating which key is being
+ // used.
+ PrivateKeyID string
+
// Subject is the optional user to impersonate.
Subject string