diff options
Diffstat (limited to 'vendor/golang.org/x/oauth2')
-rw-r--r-- | vendor/golang.org/x/oauth2/google/google.go | 19 | ||||
-rw-r--r-- | vendor/golang.org/x/oauth2/google/jwt.go | 3 | ||||
-rw-r--r-- | vendor/golang.org/x/oauth2/internal/token.go | 14 | ||||
-rw-r--r-- | vendor/golang.org/x/oauth2/jws/jws.go | 3 | ||||
-rw-r--r-- | vendor/golang.org/x/oauth2/jwt/jwt.go | 4 |
5 files changed, 28 insertions, 15 deletions
diff --git a/vendor/golang.org/x/oauth2/google/google.go b/vendor/golang.org/x/oauth2/google/google.go index 464c75a..4e96fb6 100644 --- a/vendor/golang.org/x/oauth2/google/google.go +++ b/vendor/golang.org/x/oauth2/google/google.go @@ -86,18 +86,21 @@ func ConfigFromJSON(jsonKey []byte, scope ...string) (*oauth2.Config, error) { // https://console.developers.google.com to download a JSON key file. func JWTConfigFromJSON(jsonKey []byte, scope ...string) (*jwt.Config, error) { var key struct { - Email string `json:"client_email"` - PrivateKey string `json:"private_key"` + Email string `json:"client_email"` + PrivateKey string `json:"private_key"` + PrivateKeyID string `json:"private_key_id"` } if err := json.Unmarshal(jsonKey, &key); err != nil { return nil, err } - return &jwt.Config{ - Email: key.Email, - PrivateKey: []byte(key.PrivateKey), - Scopes: scope, - TokenURL: JWTTokenURL, - }, nil + config := &jwt.Config{ + Email: key.Email, + PrivateKey: []byte(key.PrivateKey), + PrivateKeyID: key.PrivateKeyID, + Scopes: scope, + TokenURL: JWTTokenURL, + } + return config, nil } // ComputeTokenSource returns a token source that fetches access tokens diff --git a/vendor/golang.org/x/oauth2/google/jwt.go b/vendor/golang.org/x/oauth2/google/jwt.go index b919917..b0fdb3a 100644 --- a/vendor/golang.org/x/oauth2/google/jwt.go +++ b/vendor/golang.org/x/oauth2/google/jwt.go @@ -36,6 +36,7 @@ func JWTAccessTokenSourceFromJSON(jsonKey []byte, audience string) (oauth2.Token email: cfg.Email, audience: audience, pk: pk, + pkID: cfg.PrivateKeyID, } tok, err := ts.Token() if err != nil { @@ -47,6 +48,7 @@ func JWTAccessTokenSourceFromJSON(jsonKey []byte, audience string) (oauth2.Token type jwtAccessTokenSource struct { email, audience string pk *rsa.PrivateKey + pkID string } func (ts *jwtAccessTokenSource) Token() (*oauth2.Token, error) { @@ -62,6 +64,7 @@ func (ts *jwtAccessTokenSource) Token() (*oauth2.Token, error) { hdr := &jws.Header{ Algorithm: "RS256", Typ: "JWT", + KeyID: string(ts.pkID), } msg, err := jws.Encode(hdr, cs, ts.pk) if err != nil { diff --git a/vendor/golang.org/x/oauth2/internal/token.go b/vendor/golang.org/x/oauth2/internal/token.go index a6ed3cc..18328a0 100644 --- a/vendor/golang.org/x/oauth2/internal/token.go +++ b/vendor/golang.org/x/oauth2/internal/token.go @@ -146,23 +146,23 @@ func providerAuthHeaderWorks(tokenURL string) bool { return true } -func RetrieveToken(ctx context.Context, ClientID, ClientSecret, TokenURL string, v url.Values) (*Token, error) { +func RetrieveToken(ctx context.Context, clientID, clientSecret, tokenURL string, v url.Values) (*Token, error) { hc, err := ContextClient(ctx) if err != nil { return nil, err } - v.Set("client_id", ClientID) - bustedAuth := !providerAuthHeaderWorks(TokenURL) - if bustedAuth && ClientSecret != "" { - v.Set("client_secret", ClientSecret) + v.Set("client_id", clientID) + bustedAuth := !providerAuthHeaderWorks(tokenURL) + if bustedAuth && clientSecret != "" { + v.Set("client_secret", clientSecret) } - req, err := http.NewRequest("POST", TokenURL, strings.NewReader(v.Encode())) + req, err := http.NewRequest("POST", tokenURL, strings.NewReader(v.Encode())) if err != nil { return nil, err } req.Header.Set("Content-Type", "application/x-www-form-urlencoded") if !bustedAuth { - req.SetBasicAuth(ClientID, ClientSecret) + req.SetBasicAuth(clientID, clientSecret) } r, err := hc.Do(req) if err != nil { diff --git a/vendor/golang.org/x/oauth2/jws/jws.go b/vendor/golang.org/x/oauth2/jws/jws.go index 29887ea..2343443 100644 --- a/vendor/golang.org/x/oauth2/jws/jws.go +++ b/vendor/golang.org/x/oauth2/jws/jws.go @@ -92,6 +92,9 @@ type Header struct { // Represents the token type. Typ string `json:"typ"` + + // The optional hint of which key is being used. + KeyID string `json:"kid,omitempty"` } func (h *Header) encode() (string, error) { diff --git a/vendor/golang.org/x/oauth2/jwt/jwt.go b/vendor/golang.org/x/oauth2/jwt/jwt.go index 2ffad21..f4b9523 100644 --- a/vendor/golang.org/x/oauth2/jwt/jwt.go +++ b/vendor/golang.org/x/oauth2/jwt/jwt.go @@ -46,6 +46,10 @@ type Config struct { // PrivateKey []byte + // PrivateKeyID contains an optional hint indicating which key is being + // used. + PrivateKeyID string + // Subject is the optional user to impersonate. Subject string |