Commit Graph

87 Commits

Author SHA1 Message Date
Ross Light f6093e37b6 google: add DefaultCredentials function
This new function allows reading the project ID from a service account
JSON file without an additional disk read.

Change-Id: I1f03ca3ca39a2ae3bd6524367c17761b0f08de45
Reviewed-on: https://go-review.googlesource.com/32876
Reviewed-by: Jaana Burcu Dogan <jbd@google.com>
2016-11-30 17:46:31 +00:00
Ross Light d5040cddfc google: refactor JWT parsing code internally
The ADC code and the JWT-parsing function operate on the same data
format, but were using separate code paths, each of which was missing
things from the other.

While this presents no change in API surface, JWTConfigFromJSON now
strictly checks the "type" field in the JSON file before building a
config.

Change-Id: I2f593a16bf4591059fbf9002bccea06e41e5e161
Reviewed-on: https://go-review.googlesource.com/32678
Reviewed-by: Jaana Burcu Dogan <jbd@google.com>
2016-11-07 20:33:27 +00:00
Jaana Burcu Dogan 2d2b68866f google: make JWTConfigFromJSON set TokenURL from the JSON's token_uri
Fixes golang/oauth2#199.

Change-Id: I534def935c7143e4276b5d880127b0af35409f9a
Reviewed-on: https://go-review.googlesource.com/28411
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2016-09-02 05:03:02 +00:00
Jonathan Amsterdam 04e1573abc oauth2/google: change import paths
Change google.golang.org/cloud to cloud.google.com/go.

Change-Id: I6955a38ab97019d3d1dc094979e0ca2e45dea071
Reviewed-on: https://go-review.googlesource.com/25363
Reviewed-by: Chris Broadfoot <cbro@golang.org>
2016-08-03 22:09:26 +00:00
Sean Rees 12e1e98615 google: fix warnings from go vet
go vet reports the following warnings:
google/jwt_test.go:85:
missing argument for Fatalf("%q"): format reads arg 2, have only 1 args

google/sdk_test.go:28:
wrong number of args for format in Errorf call: 1 needed but 2 args

Change-Id: If5acfae42b558ced7694dd7bc6f12ab4a3cb6115
Reviewed-on: https://go-review.googlesource.com/24992
Reviewed-by: Jaana Burcu Dogan <jbd@google.com>
2016-07-19 16:36:24 +00:00
Dave Day a870243201 jws: use base64.RawURLEncoding
The Raw (unpadded) version of URL encoding was introduced in Go 1.5.
Since we no longer need to support Go 1.4 (and indeed, Go 1.4 won't work
because of our dependency on golang.org/x/net/context), we can simplify
the base64 encoding/decoding to use this directly.

Fixes golang/oauth2#190.

Change-Id: Ic2676edf5fe5b4d1680409fd9c02bd1c287ca39f
Reviewed-on: https://go-review.googlesource.com/25000
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2016-07-18 01:11:30 +00:00
Brad Fitzpatrick 4470bd844e google: fix the build when appengine isn't present
See https://build.golang.org/log/c3e046245c4eafbb7b2571ef9ac144b0d29ba2b5

Updates golang/go#11811

Change-Id: I16d2ac26dcda123e1bd8c456e490f6ca45111d24
Reviewed-on: https://go-review.googlesource.com/24946
Reviewed-by: Andrew Gerrand <adg@golang.org>
Reviewed-by: Chris Broadfoot <cbro@golang.org>
2016-07-15 18:42:06 +00:00
Dave Day df5b72659a google: support key ID in JWTAccessTokenSourceFromJSON
Change-Id: I20ffede5bf81aa4990afb2820561d5633cdb43a8
Reviewed-on: https://go-review.googlesource.com/24440
Reviewed-by: Chris Broadfoot <cbro@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2016-07-02 01:08:09 +00:00
Sean Harger f6a14f0423 google: Update godocs to reflect recent GCP front-end changes.
Updated references to the API manager to reflect the new stand-alone API
manager at http://console.developers.google.com.

Change-Id: I156cce7b844850a560bfbf2b64fb0d8da5edaefe
Reviewed-on: https://go-review.googlesource.com/22706
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2016-05-03 00:48:36 +00:00
Andrew Gerrand 038cb4adce all: change copyright to 'Go Authors'
Fixes golang/go#12354

Change-Id: Ie4bbe9445e2a840c9db830c9bd52a783b7a6f9bc
Reviewed-on: https://go-review.googlesource.com/13952
Reviewed-by: Russ Cox <rsc@golang.org>
2015-10-22 04:14:42 +00:00
Andrew Gerrand 166f7cf994 google: set expiry on JWTAccessTokenSource
Change-Id: Ib1ff6511ce38e17711486743601241285a34f164
Reviewed-on: https://go-review.googlesource.com/14934
Reviewed-by: Julien Boeuf <jboeuf@google.com>
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-09-24 05:27:11 +00:00
Chris Broadfoot 52dcf34690 google: Re-enable AppEngineTokenSource to be used from Managed VMs.
Fixes #152.

Change-Id: I757c011d3ac5dca8f80fb2119eda3adf8c178ca6
Reviewed-on: https://go-review.googlesource.com/14622
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-09-16 01:14:15 +00:00
Chris Broadfoot ad0128250e Remove use of appenginevm build tag.
Managed VM apps can use the net/http package directly, and can use the
metadata server instead of the appengine package to get Service Account
tokens.

Change-Id: Ifa30eea446ffe4a9121ce3401900f4b73ddf07db
Reviewed-on: https://go-review.googlesource.com/14125
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-09-02 21:49:11 +00:00
Andrew Gerrand 897d9734bb google: set token type on returned JWTAccessToken, tweak docs
Change-Id: Id83af8110c7c89ca5ffe793149230fa3f87a6baf
Reviewed-on: https://go-review.googlesource.com/14198
Reviewed-by: Dave Day <djd@golang.org>
2015-09-02 03:46:34 +00:00
Andrew Gerrand 397fe76494 google: add support for JWT Access Tokens
This is a new form of authentication for Google services, where instead
of passing a signed claim to obtain a token from the OAuth endpoint, you
present the signed claim *as* the token to the API endpoint.

Fixes #139.
Fixes #140.

Change-Id: Ibf0f168a0ec111660ac08b86121c943fb96e146c
Reviewed-on: https://go-review.googlesource.com/10667
Reviewed-by: David Symonds <dsymonds@golang.org>
Reviewed-by: Dave Day <djd@golang.org>
2015-08-13 22:40:26 +00:00
Burcu Dogan d2a4aec992 oauth/google: fix the broken default credentials link
Change-Id: Iceb8f2fa393a1de4dbb0ab3b85ccee1da5c2b5b7
Reviewed-on: https://go-review.googlesource.com/8474
Reviewed-by: David Symonds <dsymonds@golang.org>
2015-04-05 01:25:05 +00:00
Andrew Gerrand 798d582d94 google: implement application default credentials
Google is moving toward a default, language-agnostic way of obtaining
authentication credentials on App Engine and Compute Engine.
This change implements this mechanism.

Fixes #90.

Change-Id: Iaae4d60bbc75b1a9f2ec6ad14ab76fb2e279d756
Reviewed-on: https://go-review.googlesource.com/6074
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-03-19 05:52:14 +00:00
Burcu Dogan 54a4310f85 oauth2/google: ConfigFromJSON should support the installed app credentials
client_credentials.json may contain credentials for the installed
applications. Populate the Config depending on what's available in
the JSON key.

Change-Id: I47f494f1c31967a920fe557a9e8c1c4652943c4e
Reviewed-on: https://go-review.googlesource.com/7250
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-03-10 02:48:34 +00:00
Andrew Gerrand 96e89befdc oauth2: remove oauth2.Context type, simplify App Engine token code
You can now use the "google.golang.org/appengine" packages on both
Managed VMs and App Engine Classic(TM). The newer packages use the
context.Context instead of appengine.Context, so we no longer need the
oauth2.Context type.

Some clients will require code changes, replacing oauth2.Context or
appengine.Context with context.Context (imported from
the repository "golang.org/x/net/context").

Users of classic App Engine must switch to using the new
"google.golang.org/appengine" packages in order to use the oauth2
package.

Fixes #89

Change-Id: Ibaff3117117f9f7c5d1b3048a6e4086f62c18c3b
Reviewed-on: https://go-review.googlesource.com/6075
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-03-05 03:18:37 +00:00
Andrew Gerrand 5738e56ec6 oauth2: drop pre-1.4 workaround
Change-Id: Icac33569b4937602b0aac46ec36cc85b5aa53877
Reviewed-on: https://go-review.googlesource.com/6071
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-02-26 04:22:16 +00:00
Burcu Dogan 407aee3975 oauth2/google: add client_credentials.json Config constructor
Change-Id: I27969a381784f83db7cc8287f65f4ba6a1d972bb
Reviewed-on: https://go-review.googlesource.com/4968
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-02-17 23:11:05 +00:00
Yuki Yugui Sonoda 721c86aedb oauth2/google: fix decode error in Cloud SDK config
google.NewCloudSDK fails to decode credentials file if it contains
service account.
NOTE: the private key in testdata is generated only for this test.

Fixes #86 (https://github.com/golang/oauth2/issues/86).

Change-Id: I9e9e8e10763723d1bf1f953b491aa6e6f3ee760c
Reviewed-on: https://go-review.googlesource.com/4220
Reviewed-by: Andrew Gerrand <adg@golang.org>
2015-02-12 05:35:05 +00:00
Dave Day d838a7d6be oauth2/google: simplify the mechanism for overriding gcloud config location
Change-Id: I360fac6b13d11dda221beaa6b46ff386adfc2ec8
Reviewed-on: https://go-review.googlesource.com/4670
Reviewed-by: David Symonds <dsymonds@golang.org>
Run-TryBot: David Symonds <dsymonds@golang.org>
2015-02-12 04:54:22 +00:00
Burcu Dogan 864eccb6a0 oauth2: remove stale comment
Change-Id: If9fba85ac8b20545cee54cafe1c7672880acf498
Reviewed-on: https://go-review.googlesource.com/4391
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-02-10 15:57:03 +00:00
Dave Day d8ba9d6c17 google/appengine: change managed VMs context to context.Context
This follows the change to the google.golang.org/appengine packages
to use the standard context.Context type throughout.

Change-Id: I91b456105ee29f2088c3646145ea0a940f8ffaf4
Reviewed-on: https://go-review.googlesource.com/3172
Reviewed-by: Burcu Dogan <jbd@google.com>
Reviewed-by: David Symonds <dsymonds@golang.org>
2015-01-22 23:37:40 +00:00
Johan Euphrosine ab6e11b96c oauth2/google: add config type to use Cloud SDK credentials
Change-Id: Ied7fecc0cb155c33faca7766b81221eacb3aa0c0
Reviewed-on: https://go-review.googlesource.com/1670
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-01-21 19:13:56 +00:00
Burcu Dogan 3e0a89646b oauth2/google: exclude the App Engine implementations if not on an AE app
Change-Id: If44bb4498975495301b85e2cf44f73d3373ab16c
Reviewed-on: https://go-review.googlesource.com/2980
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2015-01-16 20:45:34 +00:00
Brad Fitzpatrick 2e66694fea oauth2/google: remove unused context parameter from JWTConfigFromJSON
Change-Id: I392ecf76b68f51840a9e4a27596e9ff3724d9128
Reviewed-on: https://go-review.googlesource.com/2732
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-01-13 23:34:08 +00:00
Brad Fitzpatrick 5361962df4 oauth2/google: use the metadata package, cleanups
Verified it compiles on Go 1.2 now too.

Fixes golang/oauth2#70

Change-Id: I099a86676d2464b3840f1798bbca914a202eb195
Reviewed-on: https://go-review.googlesource.com/2372
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-01-06 20:06:52 +00:00
Brad Fitzpatrick ed997606a9 oauth2, oauth2/jwt: break JWT off into its own package
Change-Id: Iaaa36728f87744e0d9609674f0d0ad96e6ac80b4
Reviewed-on: https://go-review.googlesource.com/2198
Reviewed-by: Burcu Dogan <jbd@google.com>
2015-01-02 18:35:08 +00:00
Brad Fitzpatrick a379e41d44 oauth2, oauth2/google: add, use ReuseTokenSource
Token caching is now done whenever you make a Client, and
ReuseTokenSource is exported from the oauth2 package and used by the
Google TokenSources (Compute and App Engine).

Token.Expired is now Token.Valid, and works on nil receivers.

Some other wording cleanups in the process.

All tests pass. App Engine should pass, but is untested.

Change-Id: Ibe1d2599ac3ccfe9b399b1672f74bb24cfc8d311
Reviewed-on: https://go-review.googlesource.com/2195
Reviewed-by: Burcu Dogan <jbd@google.com>
2014-12-30 22:27:30 +00:00
Burcu Dogan 13407478f7 oauth2/google: better instructions for the PKCS12 to PEM conversion
Change-Id: Ibcbde1e0131e0a1f90f66978d9b9a7f3aa3dceb6
Reviewed-on: https://go-review.googlesource.com/1660
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
2014-12-17 00:34:13 +00:00
Burcu Dogan 9b6b7610ad oauth2: rewrite google package, fix the broken build
Change-Id: I2753a88d7be483bdbc0cac09a1beccc4806ea4bc
Reviewed-on: https://go-review.googlesource.com/1361
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Andrew Gerrand <adg@golang.org>
2014-12-16 06:20:58 +00:00
Burcu Dogan e750a2fd5a oauth2: add vanity URL import comments, use the vanity URL on builds
Change-Id: Ia20e40d98aa709e3d598388e0a15501584152ab5
2014-11-26 11:47:34 -08:00
Burcu Dogan b846388564 oauth2: Removing the inconsistent and duplicate features, better naming
- Removed Flow, flow is a nothing but options.
- Renamed Cacher to Storer.
- Removed the setter from the Transport. Store should do the initial set.
  Getter is not removed, because extra fields are available through
  Transport.Token.Extra(). It's not pleasant to implement a custom Storer
  implementation to read such values.

oauth2: Remove VMs from the AppEngine example title
2014-11-25 14:36:49 -08:00
Burcu Dogan 0cf6f9b144 Introduce an option function type
- Reduce the duplicate code by merging the flows and
determining the flow type by looking at the provided options.
- Options as a function type allows us to validate an individual
an option in its scope and makes it easier to compose the
built-in options with the third-party ones.
2014-11-08 09:46:26 +11:00
Glenn Lewis 94c2b61903 Locally cache oauth tokens.
This change is for both App Engine and Managed VMs so that these apps can scale without running into the app_identity_service quota limit due to calling appengine.AccessToken too frequently.  An added benefit of caching is that calls to Google APIs will be significantly sped up due to removing the round-trip calls to the api_identity_service.
2014-10-31 16:04:03 -07:00
Burcu Dogan 2e27b6b6cb Handle non-2xx for metadata server responses. 2014-10-23 10:06:00 -07:00
Paddy Foran ad051cf1e6 Update metadata server URL to be a FQDN.
Without a fully qualified domain name, containers (like Docker) can't
connect to the metadata server. Update the address for the metadata
server to be a FQDN so containers can use the library. See #44.
2014-10-07 17:38:45 -04:00
Andrew Gerrand c03fd6cc9b Merge branch 'master' of github.com:golang/oauth2 2014-09-30 07:38:32 +10:00
Andrew Gerrand 040e271ca2 use variadics and fix build tags for App Engine files 2014-09-30 07:38:10 +10:00
Burcu Dogan 7ffb9a8fe1 Fixing path.join for URL generation. 2014-09-22 08:37:20 -07:00
Burcu Dogan a388976807 Fixing build constraints for GAE and GAE managed runtime.
GAE managed VM runtime contains both appengine and appenginevm
build tags. Currently, appengine.go is being built even if user
wants to use the package on managed VM that errors with no
"appengine" package to import.
2014-09-08 13:34:36 -07:00
Burcu Dogan 97a89b3be5 Access type and approval prompt should be set at URL generation. 2014-09-04 23:30:06 -07:00
Burcu Dogan 9d409b9dbd Merge branch 'jsonkeyfile' 2014-09-03 19:26:04 -07:00
Burcu Dogan 948919caa0 Merge branch 'httpclient' 2014-09-03 18:04:35 -07:00
Burcu Dogan 331436720f Adding support for Google Developers Console JSON key files. 2014-09-03 18:02:55 -07:00
Burcu Dogan 9d55d5b30b Relax AppEngineConfig to allow RoundTrippers. 2014-09-03 17:20:29 -07:00
Burcu Dogan 533cae1f5a Add missing license headers. 2014-09-03 11:50:43 -07:00
Burcu Dogan 8524783bd7 Allow configs to be initialised with zero values for Client and Transport. 2014-09-02 14:06:51 -07:00