| OLD | NEW |
| 1 // Copyright 2015 The LUCI Authors. All rights reserved. | 1 // Copyright 2015 The LUCI Authors. All rights reserved. |
| 2 // Use of this source code is governed under the Apache License, Version 2.0 | 2 // Use of this source code is governed under the Apache License, Version 2.0 |
| 3 // that can be found in the LICENSE file. | 3 // that can be found in the LICENSE file. |
| 4 | 4 |
| 5 // Package client implements OAuth2 authentication for outbound connections | 5 // Package client implements OAuth2 authentication for outbound connections |
| 6 // from Appengine using service account keys. It supports native GAE service | 6 // from Appengine using service account keys. It supports native GAE service |
| 7 // account credentials and external ones provided via JSON keys. It caches | 7 // account credentials and external ones provided via JSON keys. It caches |
| 8 // access tokens in memcache. | 8 // access tokens in memcache. |
| 9 package client | 9 package client |
| 10 | 10 |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 62 opts.ServiceAccountJSON = serviceAccountJSON | 62 opts.ServiceAccountJSON = serviceAccountJSON |
| 63 } else { | 63 } else { |
| 64 opts.Method = auth.CustomMethod | 64 opts.Method = auth.CustomMethod |
| 65 opts.CustomTokenMinter = tokenMinter{c} | 65 opts.CustomTokenMinter = tokenMinter{c} |
| 66 } | 66 } |
| 67 return auth.NewAuthenticator(c, auth.SilentLogin, opts), nil | 67 return auth.NewAuthenticator(c, auth.SilentLogin, opts), nil |
| 68 } | 68 } |
| 69 | 69 |
| 70 // Transport returns http.RoundTripper that injects Authorization headers into | 70 // Transport returns http.RoundTripper that injects Authorization headers into |
| 71 // requests. It uses an authenticator returned by Authenticator. | 71 // requests. It uses an authenticator returned by Authenticator. |
| 72 // If scopes is empty, uses auth.OAuthScopeEmail scope. |
| 72 func Transport(c context.Context, scopes []string, serviceAccountJSON []byte) (h
ttp.RoundTripper, error) { | 73 func Transport(c context.Context, scopes []string, serviceAccountJSON []byte) (h
ttp.RoundTripper, error) { |
| 73 a, err := Authenticator(c, scopes, serviceAccountJSON) | 74 a, err := Authenticator(c, scopes, serviceAccountJSON) |
| 74 if err != nil { | 75 if err != nil { |
| 75 return nil, err | 76 return nil, err |
| 76 } | 77 } |
| 77 return a.Transport() | 78 return a.Transport() |
| 78 } | 79 } |
| 79 | 80 |
| 80 // UseServiceAccountTransport injects authenticating transport into | 81 // UseServiceAccountTransport injects authenticating transport into |
| 81 // context.Context. It can be extracted back via transport.Get(c). It will be | 82 // context.Context. It can be extracted back via transport.Get(c). It will be |
| 82 // lazy-initialized on a first use. | 83 // lazy-initialized on a first use. |
| 84 // If scopes is empty, uses auth.OAuthScopeEmail scope. |
| 83 func UseServiceAccountTransport(c context.Context, scopes []string, serviceAccou
ntJSON []byte) context.Context { | 85 func UseServiceAccountTransport(c context.Context, scopes []string, serviceAccou
ntJSON []byte) context.Context { |
| 84 var cached http.RoundTripper | 86 var cached http.RoundTripper |
| 85 var once sync.Once | 87 var once sync.Once |
| 86 return transport.SetFactory(c, func(ic context.Context) http.RoundTrippe
r { | 88 return transport.SetFactory(c, func(ic context.Context) http.RoundTrippe
r { |
| 87 once.Do(func() { | 89 once.Do(func() { |
| 88 t, err := Transport(ic, scopes, serviceAccountJSON) | 90 t, err := Transport(ic, scopes, serviceAccountJSON) |
| 89 if err != nil { | 91 if err != nil { |
| 90 cached = failTransport{err} | 92 cached = failTransport{err} |
| 91 } else { | 93 } else { |
| 92 cached = t | 94 cached = t |
| (...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 197 return errors.WrapTransient(err) | 199 return errors.WrapTransient(err) |
| 198 } | 200 } |
| 199 | 201 |
| 200 func (c tokenCache) Clear() error { | 202 func (c tokenCache) Clear() error { |
| 201 err := memcache.Get(c.c).Delete(c.key) | 203 err := memcache.Get(c.c).Delete(c.key) |
| 202 if err != nil && err != memcache.ErrCacheMiss { | 204 if err != nil && err != memcache.ErrCacheMiss { |
| 203 return errors.WrapTransient(err) | 205 return errors.WrapTransient(err) |
| 204 } | 206 } |
| 205 return nil | 207 return nil |
| 206 } | 208 } |
| OLD | NEW |