Managed VM users should depend on http.DefaultTransport by default.

google/appengine.go

@@ -12,8 +12,9 @@ import (
 // AppEngineConfig represents a configuration for an
 // App Engine application's Google service account.
 type AppEngineConfig struct {
-	// Transport represents the default transport to be used while constructing
+	// Transport is the transport to be used
-	// oauth2.Transport instances from this configuration.
+	// to construct new oauth2.Transport instances from
+	// this configuration.
 	Transport *urlfetch.Transport
 
 	context appengine.Context

google/appenginevm.go

@@ -3,33 +3,31 @@
 package google
 
 import (
+	"net/http"
+
 	"github.com/golang/oauth2"
 	"google.golang.org/appengine"
-	"google.golang.org/appengine/urlfetch"
 )
 
 // AppEngineConfig represents a configuration for an
 // App Engine application's Google service account.
 type AppEngineConfig struct {
-	// Transport represents the default transport to be used while constructing
+	// Transport is the round tripper to be used
-	// oauth2.Transport instances from this configuration.
+	// to construct new oauth2.Transport instances from
-	Transport *urlfetch.Transport
+	// this configuration.
-	context   appengine.Context
+	Transport http.RoundTripper
 
-	scopes []string
+	context appengine.Context
+	scopes  []string
 }
 
 // NewAppEngineConfig creates a new AppEngineConfig for the
 // provided auth scopes.
 func NewAppEngineConfig(context appengine.Context, scopes []string) *AppEngineConfig {
 	return &AppEngineConfig{
-		Transport: &urlfetch.Transport{
+		Transport: http.DefaultTransport,
-			Context:                       context,
+		context:   context,
-			Deadline:                      0,
+		scopes:    scopes,
-			AllowInvalidServerCertificate: false,
-		},
-		context: context,
-		scopes:  scopes,
 	}
 }
 

google/google.go

@@ -37,12 +37,12 @@ type metaTokenRespBody struct {
 // ComputeEngineConfig represents a OAuth 2.0 consumer client
 // running on Google Compute Engine.
 type ComputeEngineConfig struct {
-	// Client is the default HTTP client to be used while retrieving
+	// Client is the HTTP client to be used to retrieve
 	// tokens from the OAuth 2.0 provider.
 	Client *http.Client
 
-	// Transport represents the default round tripper to be used
+	// Transport is the round tripper to be used
-	// while constructing new oauth2.Transport instances from
+	// to construct new oauth2.Transport instances from
 	// this configuration.
 	Transport http.RoundTripper
 

jwt.go

@@ -67,12 +67,12 @@ func NewJWTConfig(opts *JWTOptions, aud string) (*JWTConfig, error) {
 // JWTConfig represents an OAuth 2.0 provider and client options to
 // provide authorized transports with a Bearer JWT token.
 type JWTConfig struct {
-	// Client is the default HTTP client to be used while retrieving
+	// Client is the HTTP client to be used to retrieve
 	// tokens from the OAuth 2.0 provider.
 	Client *http.Client
 
-	// Transport represents the default round tripper to be used
+	// Transport is the round tripper to be used
-	// while constructing new oauth2.Transport instances from
+	// to construct new oauth2.Transport instances from
 	// this configuration.
 	Transport http.RoundTripper
 

oauth2.go

@@ -111,12 +111,12 @@ func NewConfig(opts *Options, authURL, tokenURL string) (*Config, error) {
 
 // Config represents the configuration of an OAuth 2.0 consumer client.
 type Config struct {
-	// Client is the default HTTP client to be used while retrieving
+	// Client is the HTTP client to be used to retrieve
 	// tokens from the OAuth 2.0 provider.
 	Client *http.Client
 
-	// Transport represents the default round tripper to be used
+	// Transport is the round tripper to be used
-	// while constructing new oauth2.Transport instances from
+	// to construct new oauth2.Transport instances from
 	// this configuration.
 	Transport http.RoundTripper