google: Remove TLSConfig injection logic in favor of HTTPClient injection via context

Andy Zhao 2023-02-28 12:14:12 -08:00
parent d171fca96d
commit a1f84d645a
2 changed files with 0 additions and 34 deletions


@ -6,7 +6,6 @@ package google
import ( import (
"context" "context"
"crypto/tls"
"encoding/json" "encoding/json"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
@ -66,9 +65,6 @@ type CredentialsParams struct {
// The OAuth2 TokenURL to use, which depends on whether mTLS is enabled. Optional. // The OAuth2 TokenURL to use, which depends on whether mTLS is enabled. Optional.
TokenURL string TokenURL string
// The TLSConfig used for constructing an mTLS-enabled HTTP client. Optional.
TLSConfig *tls.Config
} }
func (params CredentialsParams) deepCopy() CredentialsParams { func (params CredentialsParams) deepCopy() CredentialsParams {


@ -6,12 +6,9 @@ package google
import ( import (
"context" "context"
"crypto/tls"
"encoding/json" "encoding/json"
"errors" "errors"
"fmt" "fmt"
"net"
"net/http"
"net/url" "net/url"
"strings" "strings"
"time" "time"
@ -19,7 +16,6 @@ import (
"cloud.google.com/go/compute/metadata" "cloud.google.com/go/compute/metadata"
"golang.org/x/oauth2" "golang.org/x/oauth2"
"golang.org/x/oauth2/google/internal/externalaccount" "golang.org/x/oauth2/google/internal/externalaccount"
"golang.org/x/oauth2/internal"
"golang.org/x/oauth2/jwt" "golang.org/x/oauth2/jwt"
) )
@ -185,9 +181,6 @@ func (f *credentialsFile) tokenSource(ctx context.Context, params CredentialsPar
cfg.Endpoint.TokenURL = Endpoint.TokenURL cfg.Endpoint.TokenURL = Endpoint.TokenURL
} }
} }
if params.TLSConfig != nil {
ctx = context.WithValue(ctx, internal.HTTPClient, customHTTPClient(params.TLSConfig))
}
tok := &oauth2.Token{RefreshToken: f.RefreshToken} tok := &oauth2.Token{RefreshToken: f.RefreshToken}
return cfg.TokenSource(ctx, tok), nil return cfg.TokenSource(ctx, tok), nil
case externalAccountKey: case externalAccountKey:
@ -289,26 +282,3 @@ func (cs computeSource) Token() (*oauth2.Token, error) {
"oauth2.google.serviceAccount": acct, "oauth2.google.serviceAccount": acct,
}), nil }), nil
} }
// customHTTPClient constructs an HTTPClient using the provided tlsConfig, to support mTLS.
func customHTTPClient(tlsConfig *tls.Config) *http.Client {
trans := baseTransport()
trans.TLSClientConfig = tlsConfig
return &http.Client{Transport: trans}
}
func baseTransport() *http.Transport {
return &http.Transport{
Proxy: http.ProxyFromEnvironment,
DialContext: (&net.Dialer{
Timeout: 30 * time.Second,
KeepAlive: 30 * time.Second,
DualStack: true,
}).DialContext,
MaxIdleConns: 100,
MaxIdleConnsPerHost: 100,
IdleConnTimeout: 90 * time.Second,
TLSHandshakeTimeout: 10 * time.Second,
ExpectContinueTimeout: 1 * time.Second,
}
}