| OLD | NEW |
| (Empty) |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 package internal | |
| 6 | |
| 7 import ( | |
| 8 "golang.org/x/oauth2/google" | |
| 9 "google.golang.org/cloud/compute/metadata" | |
| 10 ) | |
| 11 | |
| 12 type gceTokenProvider struct { | |
| 13 oauthTokenProvider | |
| 14 | |
| 15 account string | |
| 16 } | |
| 17 | |
| 18 // NewGCETokenProvider returns TokenProvider that knows how to use GCE metadata
server. | |
| 19 func NewGCETokenProvider(account string, scopes []string) (TokenProvider, error)
{ | |
| 20 // Ensure account has requested scopes. | |
| 21 availableScopes, err := metadata.Scopes(account) | |
| 22 if err != nil { | |
| 23 return nil, err | |
| 24 } | |
| 25 for requested := range scopes { | |
| 26 ok := false | |
| 27 for available := range availableScopes { | |
| 28 if requested == available { | |
| 29 ok = true | |
| 30 break | |
| 31 } | |
| 32 } | |
| 33 if !ok { | |
| 34 return nil, ErrInsufficientAccess | |
| 35 } | |
| 36 } | |
| 37 return &gceTokenProvider{ | |
| 38 oauthTokenProvider: oauthTokenProvider{ | |
| 39 interactive: false, | |
| 40 tokenFlavor: "gce", | |
| 41 }, | |
| 42 account: account, | |
| 43 }, nil | |
| 44 } | |
| 45 | |
| 46 func (p *gceTokenProvider) MintToken() (Token, error) { | |
| 47 src := google.ComputeTokenSource(p.account) | |
| 48 tok, err := src.Token() | |
| 49 if err != nil { | |
| 50 return nil, err | |
| 51 } | |
| 52 return makeToken(tok), nil | |
| 53 } | |
| 54 | |
| 55 func (p *gceTokenProvider) RefreshToken(Token) (Token, error) { | |
| 56 // Minting and refreshing on GCE is the same thing: a call to metadata s
erver. | |
| 57 return p.MintToken() | |
| 58 } | |
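Review bot: The scope check in NewGCETokenProvider compares slice indices rather than scope strings, because `for requested := range scopes` and `for available := range availableScopes` bind only the index. As written, `requested == available` succeeds whenever `availableScopes` has at least as many entries as `scopes`, so a provider can be returned for an account that lacks the requested scopes. The reverse also holds: an account that does have them is rejected with ErrInsufficientAccess if its list happens to be shorter. The loops should bind the values, `for _, requested := range scopes {` and `for _, available := range availableScopes {`. A unit test with a stubbed scope list that has the same length but different contents would catch a regression.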