[Findit] Fetch DEPS from buildspec/ instead of trunk for chrome official builds.

appengine/findit/common/http_client_appengine.py

Index: appengine/findit/common/http_client_appengine.py
diff --git a/appengine/findit/common/http_client_appengine.py b/appengine/findit/common/http_client_appengine.py
index 171f89773ca132841819695ac99c6f57802b8965..d1edbcc0faa848c9dcc0ab45b36c9fc6415dac41 100644
--- a/appengine/findit/common/http_client_appengine.py
+++ b/appengine/findit/common/http_client_appengine.py
@@ -7,11 +7,20 @@ import logging
 
 from google.appengine.api import urlfetch
 
+from common import auth_util
 from common.retry_http_client import RetryHttpClient
 
 
+#TODO(katesonia): Move this to config.
+_INTERNAL_HOSTS = ['https://chrome-internal.googlesource.com/']
+
+
 class HttpClientAppengine(RetryHttpClient):  # pragma: no cover
   """A http client for running on appengine."""
+
+  def _ExpandAuthorizationHeaders(self, headers):
+    headers['Authorization'] = 'Bearer ' + auth_util.GetAuthToken()
+
   def _ShouldLogError(self, status_code):
     if not self.no_error_logging_statuses:
       return True
@@ -21,6 +30,14 @@ class HttpClientAppengine(RetryHttpClient):  # pragma: no cover
     # We wanted to validate certificate to avoid the man in the middle.
     if not headers:
       headers = {}
+
+    # For google internal hosts, expand Oauth2.0 token to headers to authorize
+    # the requests.
+    for host in _INTERNAL_HOSTS:
+      if url.startswith(host):
+        self._ExpandAuthorizationHeaders(headers)
+        break
+
     if method in (urlfetch.POST, urlfetch.PUT):
       result = urlfetch.fetch(
           url, payload=data, method=method,