refactor: make impersonateTokenSource struct public

to impersonate the service account from the JSON config file, the existing impersonation mechanism can be reused. Updates #515
2021-08-23 10:52:40 +02:00 · 2021-08-23 10:52:40 +02:00 · 3c21182782
parent cb87a576ab
commit 3c21182782
2 changed files with 15 additions and 15 deletions
--- a/google/internal/externalaccount/basecredentials.go
+++ b/google/internal/externalaccount/basecredentials.go
@ -140,11 +140,11 @@ func (c *Config) tokenSource(ctx context.Context, tokenURLValidPats []*regexp.Re
 	}
 	scopes := c.Scopes
 	ts.conf.Scopes = []string{"https://www.googleapis.com/auth/cloud-platform"}
-	imp := impersonateTokenSource{
-		ctx:    ctx,
-		url:    c.ServiceAccountImpersonationURL,
-		scopes: scopes,
-		ts:     oauth2.ReuseTokenSource(nil, ts),
+	imp := ImpersonateTokenSource{
+		Ctx:    ctx,
+		Url:    c.ServiceAccountImpersonationURL,
+		Scopes: scopes,
+		Ts:     oauth2.ReuseTokenSource(nil, ts),
 	}
 	return oauth2.ReuseTokenSource(nil, imp), nil
 }
--- a/google/internal/externalaccount/impersonate.go
+++ b/google/internal/externalaccount/impersonate.go
@ -29,30 +29,30 @@ type impersonateTokenResponse struct {
 	ExpireTime  string `json:"expireTime"`
 }

-type impersonateTokenSource struct {
-	ctx context.Context
-	ts  oauth2.TokenSource
+type ImpersonateTokenSource struct {
+	Ctx context.Context
+	Ts  oauth2.TokenSource

-	url    string
-	scopes []string
+	Url    string
+	Scopes []string
 }

 // Token performs the exchange to get a temporary service account token to allow access to GCP.
-func (its impersonateTokenSource) Token() (*oauth2.Token, error) {
+func (its ImpersonateTokenSource) Token() (*oauth2.Token, error) {
 	reqBody := generateAccessTokenReq{
 		Lifetime: "3600s",
-		Scope:    its.scopes,
+		Scope:    its.Scopes,
 	}
 	b, err := json.Marshal(reqBody)
 	if err != nil {
 		return nil, fmt.Errorf("oauth2/google: unable to marshal request: %v", err)
 	}
-	client := oauth2.NewClient(its.ctx, its.ts)
-	req, err := http.NewRequest("POST", its.url, bytes.NewReader(b))
+	client := oauth2.NewClient(its.Ctx, its.Ts)
+	req, err := http.NewRequest("POST", its.Url, bytes.NewReader(b))
 	if err != nil {
 		return nil, fmt.Errorf("oauth2/google: unable to create impersonation request: %v", err)
 	}
-	req = req.WithContext(its.ctx)
+	req = req.WithContext(its.Ctx)
 	req.Header.Set("Content-Type", "application/json")

 	resp, err := client.Do(req)