Shopify uses URLs in the form my-shop-id.myshopify.com as the endpoints
for its OAuth2 dances.
Change-Id: I73d98ca285991b2f73dd9d8d366d3fdbe249e741
Reviewed-on: https://go-review.googlesource.com/42630
Reviewed-by: Jaana Burcu Dogan <jbd@google.com>
Before AppEngine classic allowed "google.golang.org/appengine" imports,
we used to maintain two hook files to choose either from "appengine" or
"google.golang.org/appengine" namespaces. Now, both environments allow
importing from "google.golang.org/appengine". Therefore, there
is no need to set hooks in two separate files.
Also note that Flex prefers to use metadata server, so we still
need to be able to differentiate between these environments.
Change-Id: I7478ebdfa1b062d466aaf2aca938f93d42b4c58a
Reviewed-on: https://go-review.googlesource.com/37378
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Checked with simple application, worked good for me.
Change-Id: I068b33c1b44a338a7b0a9b17220bc39db81f2eed
Reviewed-on: https://go-review.googlesource.com/37443
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
gofmt -s -w -l does this simplification. Running gofmt when this
package is vendored causes the vendored file to be simplified.
Change-Id: I00502ff564bd5cff2614a8372db7beb1eb4519ec
Signed-off-by: Ahmet Alp Balkan <ahmetb@google.com>
Reviewed-on: https://go-review.googlesource.com/37013
Reviewed-by: Chris Broadfoot <cbro@golang.org>
Godoc comments should start with the name of the thing they are describing.
Change-Id: Ic248aa8f549b22c716bf967c7574452085ea8c48
Reviewed-on: https://go-review.googlesource.com/36945
Reviewed-by: Chris Broadfoot <cbro@golang.org>
CL/23790 breaks the calls to Facebook, adding Facebook
to the brokens list is reported to fix the problem.
Fixesgolang/oauth2#214.
Change-Id: I3b3440de723b4933bc49b5a52698c825affbf643
Reviewed-on: https://go-review.googlesource.com/36633
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Chris Broadfoot <cbro@golang.org>
Set the KeyID hint in the token header. This allows remote servers to
identify the key used to sign the message.
Fixes#18307
Change-Id: Ib95398079833aad6b390650b465d7b09b5f53fda
Reviewed-on: https://go-review.googlesource.com/34320
Reviewed-by: Jaana Burcu Dogan <jbd@google.com>
Due to an issue in handling thread-local storages, os/user can lead to SEGV
when glibc is statically linked with.
So we prefer os.Getenv("HOME") for guessing where is the home directory.
See also: golang/go#13470
Change-Id: I1046ff93a71aa3b11299f7e6cf65ff7b1fb07eb9
Reviewed-on: https://go-review.googlesource.com/34175
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
This new function allows reading the project ID from a service account
JSON file without an additional disk read.
Change-Id: I1f03ca3ca39a2ae3bd6524367c17761b0f08de45
Reviewed-on: https://go-review.googlesource.com/32876
Reviewed-by: Jaana Burcu Dogan <jbd@google.com>
The ADC code and the JWT-parsing function operate on the same data
format, but were using separate code paths, each of which was missing
things from the other.
While this presents no change in API surface, JWTConfigFromJSON now
strictly checks the "type" field in the JSON file before building a
config.
Change-Id: I2f593a16bf4591059fbf9002bccea06e41e5e161
Reviewed-on: https://go-review.googlesource.com/32678
Reviewed-by: Jaana Burcu Dogan <jbd@google.com>
A change introduced in https://golang.org/cl/18692 expanded upon the errors
returned by the json package to be more informative about where the error occurred.
This breaks a test in oauth2 that relies on the exact form that an error takes.
Fix this test by simply checking whether it passes or not.
Fixesgolang/go#17363
Updates golang/go#11811
Change-Id: I0062dc64fc1a8fd094b14ed1d0b21528edfbb282
Reviewed-on: https://go-review.googlesource.com/30600
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
There is not a good way of autogenerating the style fixes, hence I am
manually fixing them in small chunks.
Change-Id: I1fee5956dae93f38b8f1e7460b74d3d96e7ccd2c
Reviewed-on: https://go-review.googlesource.com/27922
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Little detail that makes it easier to find the link to godoc.
Change-Id: Ic3fb467ae23bce3cc2e3801d78221a4187be4462
Reviewed-on: https://go-review.googlesource.com/27915
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
This package is not a general-use JWS implementation and should live
under internal. For now, just add a warning that no new users should
depend on it.
Updates #196.
Change-Id: I0eef273c8327a5ad26eb33a4425afcadca23494b
Reviewed-on: https://go-review.googlesource.com/27692
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
There is no good reason why we suggest NoContext rather than
context.Background(). When the oauth2 library first came around, the
community was not familiar with the x/net/context package. For
documentation reasons, we decided to add NoContext to the oauth2
package. It was not a good idea even back then. And given that context
package is fairly popular, there is no good reason why we are
depending on this.
Updating all the references of NoContext with context.Background
and documenting it as deprecated.
Change-Id: I18e390f1351023a29b567777a3f963dd550cf657
Reviewed-on: https://go-review.googlesource.com/27690
Reviewed-by: Chris Broadfoot <cbro@golang.org>
This adds a reference to the golang.org/x/oauth2/clientcredentials
package in the docstring for oauth2.Config.
Change-Id: Iee0f36e07fda76c25b9f79e0db3807867a39fab2
Reviewed-on: https://go-review.googlesource.com/25387
Reviewed-by: Jaana Burcu Dogan <jbd@google.com>
go vet reports the following warnings:
google/jwt_test.go:85:
missing argument for Fatalf("%q"): format reads arg 2, have only 1 args
google/sdk_test.go:28:
wrong number of args for format in Errorf call: 1 needed but 2 args
Change-Id: If5acfae42b558ced7694dd7bc6f12ab4a3cb6115
Reviewed-on: https://go-review.googlesource.com/24992
Reviewed-by: Jaana Burcu Dogan <jbd@google.com>
The Raw (unpadded) version of URL encoding was introduced in Go 1.5.
Since we no longer need to support Go 1.4 (and indeed, Go 1.4 won't work
because of our dependency on golang.org/x/net/context), we can simplify
the base64 encoding/decoding to use this directly.
Fixesgolang/oauth2#190.
Change-Id: Ic2676edf5fe5b4d1680409fd9c02bd1c287ca39f
Reviewed-on: https://go-review.googlesource.com/25000
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
x packages are not guranteed to build against previous versions of
Go. The current build is failing because of:
../net/context/ctxhttp/ctxhttp.go:35: req.Cancel undefined
Change-Id: Ib7ee48455c1c2d04aa6b82e2202a3796fcf3478d
Reviewed-on: https://go-review.googlesource.com/23286
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
The context library recommends never using a nil Context, and
context.Background() provides an empty Context appropriate for use in
unit tests.
Change-Id: I2656f846ea1f892ad41ad63a92ecb789a46e3453
Reviewed-on: https://go-review.googlesource.com/22791
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Test is currently failing due to a missed colon during cleanup.
Change-Id: I8cef4b679b2d981ad159441bffac67b7b23862aa
Reviewed-on: https://go-review.googlesource.com/22742
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Provides helper method for verifying a signed JWT against a provided
public key.
Change-Id: I498ecfce07862c372fd5f81c1fcdc09692ed0f5c
Reviewed-on: https://go-review.googlesource.com/21762
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Adds a function to generate a clientcredentials.Config from a HipChat
Connect addon's capability descriptor and a provided application secret.
Useful when writing addons.
Change-Id: I4578f5683aa9ed728e503cb3b08ff0bf743a62a4
Reviewed-on: https://go-review.googlesource.com/22397
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Since NewTransportFromTokenStore() is removed, mockCache is therefore
useless. It should be safe to remove it, too.
Change-Id: I5678684af31e5de75e420b28d859e33909e0a718
Reviewed-on: https://go-review.googlesource.com/22113
Reviewed-by: Jaana Burcu Dogan <jbd@google.com>