aboutsummaryrefslogtreecommitdiff
path: root/vendor/google.golang.org/api/internal
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/google.golang.org/api/internal')
-rw-r--r--vendor/google.golang.org/api/internal/creds.go104
-rw-r--r--vendor/google.golang.org/api/internal/service-account.json12
-rw-r--r--vendor/google.golang.org/api/internal/settings.go18
3 files changed, 125 insertions, 9 deletions
diff --git a/vendor/google.golang.org/api/internal/creds.go b/vendor/google.golang.org/api/internal/creds.go
new file mode 100644
index 0000000..b546b63
--- /dev/null
+++ b/vendor/google.golang.org/api/internal/creds.go
@@ -0,0 +1,104 @@
+// Copyright 2017 Google Inc. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package internal
+
+import (
+ "encoding/json"
+ "fmt"
+ "io/ioutil"
+ "time"
+
+ "golang.org/x/net/context"
+ "golang.org/x/oauth2"
+ "golang.org/x/oauth2/google"
+)
+
+// Creds returns credential information obtained from DialSettings, or if none, then
+// it returns default credential information.
+func Creds(ctx context.Context, ds *DialSettings) (*google.DefaultCredentials, error) {
+ if ds.CredentialsFile != "" {
+ return credFileTokenSource(ctx, ds.CredentialsFile, ds.Scopes...)
+ }
+ if ds.TokenSource != nil {
+ return &google.DefaultCredentials{TokenSource: ds.TokenSource}, nil
+ }
+ return google.FindDefaultCredentials(ctx, ds.Scopes...)
+}
+
+// credFileTokenSource reads a refresh token file or a service account and returns
+// a TokenSource constructed from the config.
+func credFileTokenSource(ctx context.Context, filename string, scope ...string) (*google.DefaultCredentials, error) {
+ data, err := ioutil.ReadFile(filename)
+ if err != nil {
+ return nil, fmt.Errorf("cannot read credentials file: %v", err)
+ }
+ // See if it is a refresh token credentials file first.
+ ts, ok, err := refreshTokenTokenSource(ctx, data, scope...)
+ if err != nil {
+ return nil, err
+ }
+ if ok {
+ return &google.DefaultCredentials{
+ TokenSource: ts,
+ JSON: data,
+ }, nil
+ }
+
+ // If not, it should be a service account.
+ cfg, err := google.JWTConfigFromJSON(data, scope...)
+ if err != nil {
+ return nil, fmt.Errorf("google.JWTConfigFromJSON: %v", err)
+ }
+ // jwt.Config does not expose the project ID, so re-unmarshal to get it.
+ var pid struct {
+ ProjectID string `json:"project_id"`
+ }
+ if err := json.Unmarshal(data, &pid); err != nil {
+ return nil, err
+ }
+ return &google.DefaultCredentials{
+ ProjectID: pid.ProjectID,
+ TokenSource: cfg.TokenSource(ctx),
+ JSON: data,
+ }, nil
+}
+
+func refreshTokenTokenSource(ctx context.Context, data []byte, scope ...string) (oauth2.TokenSource, bool, error) {
+ var c cred
+ if err := json.Unmarshal(data, &c); err != nil {
+ return nil, false, fmt.Errorf("cannot unmarshal credentials file: %v", err)
+ }
+ if c.ClientID == "" || c.ClientSecret == "" || c.RefreshToken == "" || c.Type != "authorized_user" {
+ return nil, false, nil
+ }
+ cfg := &oauth2.Config{
+ ClientID: c.ClientID,
+ ClientSecret: c.ClientSecret,
+ Endpoint: google.Endpoint,
+ RedirectURL: "urn:ietf:wg:oauth:2.0:oob",
+ Scopes: scope,
+ }
+ return cfg.TokenSource(ctx, &oauth2.Token{
+ RefreshToken: c.RefreshToken,
+ Expiry: time.Now(),
+ }), true, nil
+}
+
+type cred struct {
+ ClientID string `json:"client_id"`
+ ClientSecret string `json:"client_secret"`
+ RefreshToken string `json:"refresh_token"`
+ Type string `json:"type"`
+}
diff --git a/vendor/google.golang.org/api/internal/service-account.json b/vendor/google.golang.org/api/internal/service-account.json
new file mode 100644
index 0000000..2cb54c2
--- /dev/null
+++ b/vendor/google.golang.org/api/internal/service-account.json
@@ -0,0 +1,12 @@
+{
+ "type": "service_account",
+ "project_id": "project_id",
+ "private_key_id": "private_key_id",
+ "private_key": "private_key",
+ "client_email": "xyz@developer.gserviceaccount.com",
+ "client_id": "123",
+ "auth_uri": "https://accounts.google.com/o/oauth2/auth",
+ "token_uri": "https://accounts.google.com/o/oauth2/token",
+ "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
+ "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/xyz%40developer.gserviceaccount.com"
+}
diff --git a/vendor/google.golang.org/api/internal/settings.go b/vendor/google.golang.org/api/internal/settings.go
index d7b9f57..5147191 100644
--- a/vendor/google.golang.org/api/internal/settings.go
+++ b/vendor/google.golang.org/api/internal/settings.go
@@ -25,13 +25,13 @@ import (
// DialSettings holds information needed to establish a connection with a
// Google API service.
type DialSettings struct {
- Endpoint string
- Scopes []string
- ServiceAccountJSONFilename string // if set, TokenSource is ignored.
- TokenSource oauth2.TokenSource
- UserAgent string
- APIKey string
- HTTPClient *http.Client
- GRPCDialOpts []grpc.DialOption
- GRPCConn *grpc.ClientConn
+ Endpoint string
+ Scopes []string
+ TokenSource oauth2.TokenSource
+ CredentialsFile string // if set, Token Source is ignored.
+ UserAgent string
+ APIKey string
+ HTTPClient *http.Client
+ GRPCDialOpts []grpc.DialOption
+ GRPCConn *grpc.ClientConn
}