Commit Graph

238 Commits

Author SHA1 Message Date
Andrew Gerrand 798d582d94 google: implement application default credentials
Google is moving toward a default, language-agnostic way of obtaining
authentication credentials on App Engine and Compute Engine.
This change implements this mechanism.

Fixes #90.

Change-Id: Iaae4d60bbc75b1a9f2ec6ad14ab76fb2e279d756
Reviewed-on: https://go-review.googlesource.com/6074
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-03-19 05:52:14 +00:00
Andrew Gerrand e3a16b05d6 doc: add app engine docs to the readme
Change-Id: I71dc6930470ad64659a419dd578c91bb14c7cab2
Reviewed-on: https://go-review.googlesource.com/7713
Reviewed-by: David Symonds <dsymonds@golang.org>
2015-03-18 04:47:09 +00:00
Andrew Gerrand c4932a9b59 oauth2: clarify docs on Exchange (nil context isn't ok)
Fixes golang/oauth2#100

Change-Id: I28afb4f02b817ffd0ff91fb10bfca5306d2c21c6
Reviewed-on: https://go-review.googlesource.com/7615
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-03-16 02:10:04 +00:00
Kun 42633ef623 oauth2: Add TrainingPeaks to list of broken oauth2 endpoints
Fixes #97

Change-Id: I8c61214aeb5fdd049a4eddbf8e8a25b130c908b0
Reviewed-on: https://go-review.googlesource.com/7450
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-12 02:54:27 +00:00
Alex Bramley 7e88c64e80 oauth2: Add Pushbullet to set of broken providers.
https://api.pushbullet.com/ accepts client_secret as a POST body parameter
but not via HTTP basic auth, so it needs to be on this list. I have asked
them to fix it properly too :-)

Change-Id: Iff3cba20592c66d5a38755f47b05f1e992dfbad6
Reviewed-on: https://go-review.googlesource.com/7381
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-12 01:13:50 +00:00
Nikolay Turpitko 2167774341 oauth2: long if condition in providerAuthHeaderWorks replaced with loop
Long if condition replaced with loop.

Related to issue #41.

Change-Id: Ib5b88ce2ee2841e9b6c24d78f93bb027141bf678
Reviewed-on: https://go-review.googlesource.com/7290
Reviewed-by: Andrew Gerrand <adg@golang.org>
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-03-11 04:57:51 +00:00
Nikolay Turpitko 6d4eed4495 oauth2: fix expires_in for PayPal
PayPal returns "expires_in" token field as string, not integer.
So, current implementation cannot unmarshal json of tokenJSON due type mismatch.
This patch fixes the issue declaring field as interface{} in tokenJSON and performing type switch in "func (e *tokenJSON) expiry()".

Related to issue #41.

Change-Id: I69301e08c8a56fca049ca47906e32528cd22aef9
Reviewed-on: https://go-review.googlesource.com/6924
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-10 04:54:57 +00:00
Burcu Dogan 54a4310f85 oauth2/google: ConfigFromJSON should support the installed app credentials
client_credentials.json may contain credentials for the installed
applications. Populate the Config depending on what's available in
the JSON key.

Change-Id: I47f494f1c31967a920fe557a9e8c1c4652943c4e
Reviewed-on: https://go-review.googlesource.com/7250
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-10 02:48:34 +00:00
Burcu Dogan 5cccf1a7e7 oauth2: add a test that checks token reuse
Change-Id: I6bd9cadc489418708635ca55a21955b94203bede
Reviewed-on: https://go-review.googlesource.com/7240
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-09 23:38:39 +00:00
Nikolay Turpitko 10e6bf9f9d oauth2: provider list modified in providerAuthHeaderWorks
Added vk.com and odnoklassniki.ru to provider list in providerAuthHeaderWorks.

Related to issue #41.

Change-Id: If1374528e8f1200d22f8694c5e32cdeae6ebb6ea
Reviewed-on: https://go-review.googlesource.com/6925
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-08 22:43:19 +00:00
HuKeping 5a0a1b2881 oauth2: remove unnecessary ClientSecret check
Since the empty client secret is permitted by the OAuth 2.0 spec.
The check for clientSecret in retriveTokoen is unnecessary.

Redo #6740

Signed-off-by: Hu Keping <hukeping@huawei.com>

Change-Id: I9126c79a1f8b9d6051c213ee3f93c442a36ca65d
Reviewed-on: https://go-review.googlesource.com/6900
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-05 23:19:29 +00:00
Andrew Gerrand 96e89befdc oauth2: remove oauth2.Context type, simplify App Engine token code
You can now use the "google.golang.org/appengine" packages on both
Managed VMs and App Engine Classic(TM). The newer packages use the
context.Context instead of appengine.Context, so we no longer need the
oauth2.Context type.

Some clients will require code changes, replacing oauth2.Context or
appengine.Context with context.Context (imported from
the repository "golang.org/x/net/context").

Users of classic App Engine must switch to using the new
"google.golang.org/appengine" packages in order to use the oauth2
package.

Fixes #89

Change-Id: Ibaff3117117f9f7c5d1b3048a6e4086f62c18c3b
Reviewed-on: https://go-review.googlesource.com/6075
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-03-05 03:18:37 +00:00
Burcu Dogan a0fac97f6e oauth2/internal: provide better error messaging if key parse fails
Change-Id: I4ad794fbcb58fa16e4f2bf7e113cab2451deab25
Reviewed-on: https://go-review.googlesource.com/5423
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-02 02:51:04 +00:00
Andrew Gerrand 5738e56ec6 oauth2: drop pre-1.4 workaround
Change-Id: Icac33569b4937602b0aac46ec36cc85b5aa53877
Reviewed-on: https://go-review.googlesource.com/6071
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-02-26 04:22:16 +00:00
Ryan Lower 85a72d36ea oauth2: Add stripe connect to list of bad OAuth2 providers
Stripe connect only accepts client secret using via the
Authorization header using 'Bearer' as the method (not 'Basic').

Change-Id: I978d9ce2092fbad3c1a00fde21d689c8e57a3cf1
Reviewed-on: https://go-review.googlesource.com/5532
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-02-23 02:33:40 +00:00
Andrew Gerrand 36fb42e1e8 doc: add CONTRIBUTING.md
Change-Id: I6cb60270a3de13fd5b8e06ae9ecffc08d6b6d8d5
Reviewed-on: https://go-review.googlesource.com/5222
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-02-18 23:42:55 +00:00
James Sweet 35468a7526 Adds twitch.tv to the list of known OAuth2 providers that do not implement the spec fully.
Change-Id: I4db53ae2d039de3ddf9cb84e4211d2e0c4f6c41f
Reviewed-on: https://go-review.googlesource.com/5180
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-02-18 19:43:35 +00:00
Burcu Dogan 407aee3975 oauth2/google: add client_credentials.json Config constructor
Change-Id: I27969a381784f83db7cc8287f65f4ba6a1d972bb
Reviewed-on: https://go-review.googlesource.com/4968
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-02-17 23:11:05 +00:00
Yuki Yugui Sonoda 721c86aedb oauth2/google: fix decode error in Cloud SDK config
google.NewCloudSDK fails to decode credentials file if it contains
service account.
NOTE: the private key in testdata is generated only for this test.

Fixes #86 (https://github.com/golang/oauth2/issues/86).

Change-Id: I9e9e8e10763723d1bf1f953b491aa6e6f3ee760c
Reviewed-on: https://go-review.googlesource.com/4220
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-02-12 05:35:05 +00:00
Dave Day d838a7d6be oauth2/google: simplify the mechanism for overriding gcloud config location
Change-Id: I360fac6b13d11dda221beaa6b46ff386adfc2ec8
Reviewed-on: https://go-review.googlesource.com/4670
Reviewed-by: David Symonds <dsymonds@golang.org>
Run-TryBot: David Symonds <dsymonds@golang.org>
2015-02-12 04:54:22 +00:00
Burcu Dogan 864eccb6a0 oauth2: remove stale comment
Change-Id: If9fba85ac8b20545cee54cafe1c7672880acf498
Reviewed-on: https://go-review.googlesource.com/4391
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-02-10 15:57:03 +00:00
Péter Surányi b0e7ac8c3a oauth2: Context godoc typo fix
Change-Id: I9fbc394a6545754621e808f5d6c4f7622248eaa2
Reviewed-on: https://go-review.googlesource.com/4163
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-02-08 18:20:03 +00:00
Andrew Gerrand 1406aeefb0 oauth2: clarify comment about tokenRefresher's thread safety
Change-Id: I9a3faedb8faf7701be7c82c7fff964b56d7c96c8
Reviewed-on: https://go-review.googlesource.com/4116
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-02-07 21:36:27 +00:00
Jim Cote cc2494a288 oauth2: fixes tokenRefresher.Token() ignores new refresh_token
Fixes bug documented in Issue #84 (https://github.com/golang/oauth2/issues/84#issuecomment-72711375).

During a refresh request, a new refresh token MAY be returned by the authorization server.  When this occurs, tokenRefesher.Token() fails to capture the new refresh token leaving it with an invalid refresh token for future calls.

Change-Id: I33b18fdbb750549174865f75eddf85b9725cf281
Reviewed-on: https://go-review.googlesource.com/4151
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-02-07 21:11:15 +00:00
Paul Rosania 6f28996586 oauth2: Resource Owner Password Credentials grant
Adds support for the Resource Owner Password Credentials grant type, which
allows trusted clients to exchange user credentials for an access token
directly. This is generally a bad idea, but is extremely useful in some
situations, where an external redirect is undesirable or impossible.

See https://tools.ietf.org/html/rfc6749#section-4.3

Change-Id: I28efd77957bcf8e1174e93ba0c64a990b94eb839
Reviewed-on: https://go-review.googlesource.com/3862
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-02-06 10:06:27 +00:00
Aaron Jacobs 7b840c3264 oauth2: Remove what appears to be an out of date comment.
TokenRefresher with that capitalization is not a symbol, and SetToken
doesn't occur anywhere in the package as far as I can tell.

Change-Id: If61f059ed8bb1ca21e27aa99669e542160747fe7
Reviewed-on: https://go-review.googlesource.com/3958
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-02-05 23:49:51 +00:00
Aaron Jacobs 53c5ae1b31 oauth2: Fix some redundant wording in the docs for AccessTypeOnline.
Change-Id: I124553bd38b229e409e152cf364d55c847b70ba4
Reviewed-on: https://go-review.googlesource.com/3950
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-02-05 16:18:09 +00:00
Andrew Gerrand 27daa780a8 oauth2: add googleapis.com to list of broken oauth2 endpoints
Fixes #85

Change-Id: Ic60eee227763ab4041248716880416056c850f95
Reviewed-on: https://go-review.googlesource.com/3873
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-02-04 14:04:51 +00:00
Burcu Dogan 2b74ab268d oauth2: expire the tokens 10 seconds earlier
It avoids the late expiration due to the server time mismatch.

Change-Id: I126a76cff112fbeb92b71dd036195555b20e637b
Reviewed-on: https://go-review.googlesource.com/3307
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-01-26 21:59:20 +00:00
Dave Day d8ba9d6c17 google/appengine: change managed VMs context to context.Context
This follows the change to the google.golang.org/appengine packages
to use the standard context.Context type throughout.

Change-Id: I91b456105ee29f2088c3646145ea0a940f8ffaf4
Reviewed-on: https://go-review.googlesource.com/3172
Reviewed-by: Burcu Dogan <jbd@google.com>
Reviewed-by: David Symonds <dsymonds@golang.org>
2015-01-22 23:37:40 +00:00
Burcu Dogan 267028f9bc oauth2/internal: fix the broken ini parsing test
Change-Id: I1032b759e036f57bc49eec951d08d8b22728c1a0
Reviewed-on: https://go-review.googlesource.com/3117
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-01-21 19:53:08 +00:00
Johan Euphrosine ab6e11b96c oauth2/google: add config type to use Cloud SDK credentials
Change-Id: Ied7fecc0cb155c33faca7766b81221eacb3aa0c0
Reviewed-on: https://go-review.googlesource.com/1670
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-01-21 19:13:56 +00:00
Burcu Dogan 95a9f97e51 oauth2: don't require the appengine package during go-get
"appengine appenginevm" requires the Classic dependencies to
be go-getted. Our travis build doesn't have the right setup
to checkout the Classic App Engine package to the Travis
instance.

Change-Id: I13daa505be4c8ac209021c7e69a114f5eddd6d1e
Reviewed-on: https://go-review.googlesource.com/2982
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-01-17 18:51:33 +00:00
Burcu Dogan b4b040c683 oauth2: fix the build
Travis build is still depending on the old build tag configuration
which is now invalid.

Change-Id: I9db75f5d65d5cd9b8f2350815f190ea93ed6d6d9
Reviewed-on: https://go-review.googlesource.com/2956
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-01-16 21:06:43 +00:00
Burcu Dogan 3e0a89646b oauth2/google: exclude the App Engine implementations if not on an AE app
Change-Id: If44bb4498975495301b85e2cf44f73d3373ab16c
Reviewed-on: https://go-review.googlesource.com/2980
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-01-16 20:45:34 +00:00
Brad Fitzpatrick 2e66694fea oauth2/google: remove unused context parameter from JWTConfigFromJSON
Change-Id: I392ecf76b68f51840a9e4a27596e9ff3724d9128
Reviewed-on: https://go-review.googlesource.com/2732
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-01-13 23:34:08 +00:00
Brad Fitzpatrick 5361962df4 oauth2/google: use the metadata package, cleanups
Verified it compiles on Go 1.2 now too.

Fixes golang/oauth2#70

Change-Id: I099a86676d2464b3840f1798bbca914a202eb195
Reviewed-on: https://go-review.googlesource.com/2372
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-01-06 20:06:52 +00:00
Burcu Dogan 685f9f8718 oauth2: Token.Extra should be type agnostic
Change-Id: Ic8496d10de47181f6b9c16360b5101c6314d71ee
Reviewed-on: https://go-review.googlesource.com/1653
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-01-02 19:45:10 +00:00
Brad Fitzpatrick ed997606a9 oauth2, oauth2/jwt: break JWT off into its own package
Change-Id: Iaaa36728f87744e0d9609674f0d0ad96e6ac80b4
Reviewed-on: https://go-review.googlesource.com/2198
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-01-02 18:35:08 +00:00
Brad Fitzpatrick dfb470cc49 oauth2: fix typo in Token docs and clarify mutability of Token
Change-Id: I1093cffbd4b6fe25cd5b7cfb31e820b15fcfa41f
Reviewed-on: https://go-review.googlesource.com/2197
Reviewed-by: Burcu Dogan <jbd@google.com>
2014-12-31 03:26:08 +00:00
Brad Fitzpatrick a379e41d44 oauth2, oauth2/google: add, use ReuseTokenSource
Token caching is now done whenever you make a Client, and
ReuseTokenSource is exported from the oauth2 package and used by the
Google TokenSources (Compute and App Engine).

Token.Expired is now Token.Valid, and works on nil receivers.

Some other wording cleanups in the process.

All tests pass. App Engine should pass, but is untested.

Change-Id: Ibe1d2599ac3ccfe9b399b1672f74bb24cfc8d311
Reviewed-on: https://go-review.googlesource.com/2195
Reviewed-by: Burcu Dogan <jbd@google.com>
2014-12-30 22:27:30 +00:00
Jay Weisskopf e5909d4679 oauth2: remove duplicate package doc and import comments
The comments already live in oauth2.go.

Change-Id: I103113fbc8138b242cb6f79052fdc6b29bf6f031
Reviewed-on: https://go-review.googlesource.com/2131
Reviewed-by: Andrew Gerrand <adg@golang.org>
2014-12-28 23:09:48 +00:00
Jay Weisskopf 158e906f14 oauth2: update "review" to "codereview" in CONTRIBUTING
Ticks have also been added around commands for style.

Change-Id: Ie2f1934503f73a106cc60d8f9e122dcee69bd000
Reviewed-on: https://go-review.googlesource.com/2130
Reviewed-by: Andrew Gerrand <adg@golang.org>
2014-12-28 23:09:26 +00:00
Burcu Dogan 0a3f39965a oauth2: fix the broken appengine build
Change-Id: I7d1af87be35d9e3bd3d0b5dcd659d07cde873b56
Reviewed-on: https://go-review.googlesource.com/1925
Reviewed-by: Andrew Gerrand <adg@golang.org>
2014-12-21 23:30:00 +00:00
Brad Fitzpatrick 78bedfddc3 oauth2: support CancelRequest when Transport.Base is nil
Fixes #54

Change-Id: If00d0ce8e1c0cf32a4b7dba5506187b9012940bc
Reviewed-on: https://go-review.googlesource.com/1879
Reviewed-by: Burcu Dogan <jbd@google.com>
2014-12-21 05:42:19 +00:00
Brad Fitzpatrick f5b40b26f1 oauth2: use a JSON struct types instead of empty interface maps
Change-Id: Ifd66ea35c15dbd14acca0c945b533ec755de12e4
Reviewed-on: https://go-review.googlesource.com/1872
Reviewed-by: Burcu Dogan <jbd@google.com>
2014-12-20 06:52:21 +00:00
Brad Fitzpatrick 9abe144dd5 oauth2: move Token into its own file (no code changes)
Change-Id: I5248f48cc1af68a0f78a8ddf7e28b91a729f5460
Reviewed-on: https://go-review.googlesource.com/1870
Reviewed-by: David Symonds <dsymonds@golang.org>
2014-12-19 04:29:46 +00:00
Burcu Dogan 289b5d10a0 oauth2: handle token expiry for JWT
Change-Id: I84b4c282ef00e87d13a9b16fdcebd97ea5ed4f4e
Reviewed-on: https://go-review.googlesource.com/1650
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2014-12-18 22:13:51 +00:00
Burcu Dogan 13407478f7 oauth2/google: better instructions for the PKCS12 to PEM conversion
Change-Id: Ibcbde1e0131e0a1f90f66978d9b9a7f3aa3dceb6
Reviewed-on: https://go-review.googlesource.com/1660
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2014-12-17 00:34:13 +00:00
Dave Day 928c2dd7dc oauth2: make sure travis runs at the target commit, not head
Also, change the target Go version to 1.4 and make the 'go get' command
only perform the download step (no building).

Change-Id: Iafa3c218d2418b2a2681ce2c03bd1ff833afb317
Reviewed-on: https://go-review.googlesource.com/1702
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Burcu Dogan <jbd@google.com>
2014-12-17 00:27:35 +00:00