Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: common/auth/internal/service.go

Issue 2951393002: [errors] de-specialize Transient in favor of Tags. (Closed)
Patch Set: more refactor Created 3 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « common/auth/internal/luci_ctx_test.go ('k') | common/auth/internal/user.go » ('j') | common/errors/tags.go » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The LUCI Authors. All rights reserved. 1 // Copyright 2015 The LUCI Authors. All rights reserved.
2 // Use of this source code is governed under the Apache License, Version 2.0 2 // Use of this source code is governed under the Apache License, Version 2.0
3 // that can be found in the LICENSE file. 3 // that can be found in the LICENSE file.
4 4
5 package internal 5 package internal
6 6
7 import ( 7 import (
8 "crypto/sha1" 8 "crypto/sha1"
9 "encoding/hex" 9 "encoding/hex"
10 "fmt" 10 "fmt"
11 "io/ioutil" 11 "io/ioutil"
12 12
13 "golang.org/x/net/context" 13 "golang.org/x/net/context"
14 "golang.org/x/oauth2" 14 "golang.org/x/oauth2"
15 "golang.org/x/oauth2/google" 15 "golang.org/x/oauth2/google"
16 "golang.org/x/oauth2/jwt" 16 "golang.org/x/oauth2/jwt"
17 17
18 "github.com/luci/luci-go/common/errors"
19 "github.com/luci/luci-go/common/logging" 18 "github.com/luci/luci-go/common/logging"
19 "github.com/luci/luci-go/common/retry/transient"
20 ) 20 )
21 21
22 type serviceAccountTokenProvider struct { 22 type serviceAccountTokenProvider struct {
23 jsonKey []byte 23 jsonKey []byte
24 path string 24 path string
25 scopes []string 25 scopes []string
26 } 26 }
27 27
28 // NewServiceAccountTokenProvider returns TokenProvider that uses service 28 // NewServiceAccountTokenProvider returns TokenProvider that uses service
29 // account private key (on disk or in memory) to make access tokens. 29 // account private key (on disk or in memory) to make access tokens.
(...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after
80 80
81 func (p *serviceAccountTokenProvider) MintToken(ctx context.Context, base *oauth 2.Token) (*oauth2.Token, error) { 81 func (p *serviceAccountTokenProvider) MintToken(ctx context.Context, base *oauth 2.Token) (*oauth2.Token, error) {
82 cfg, err := p.jwtConfig(ctx) 82 cfg, err := p.jwtConfig(ctx)
83 if err != nil { 83 if err != nil {
84 logging.Errorf(ctx, "Failed to load private key JSON - %s", err) 84 logging.Errorf(ctx, "Failed to load private key JSON - %s", err)
85 return nil, ErrBadCredentials 85 return nil, ErrBadCredentials
86 } 86 }
87 switch newTok, err := grabToken(cfg.TokenSource(ctx)); { 87 switch newTok, err := grabToken(cfg.TokenSource(ctx)); {
88 case err == nil: 88 case err == nil:
89 return newTok, nil 89 return newTok, nil
90 » case errors.IsTransient(err): 90 » case transient.Tag.In(err):
91 logging.Warningf(ctx, "Error when creating access token - %s", e rr) 91 logging.Warningf(ctx, "Error when creating access token - %s", e rr)
92 return nil, err 92 return nil, err
93 default: 93 default:
94 logging.Warningf(ctx, "Invalid or revoked service account key - %s", err) 94 logging.Warningf(ctx, "Invalid or revoked service account key - %s", err)
95 return nil, ErrBadCredentials 95 return nil, ErrBadCredentials
96 } 96 }
97 } 97 }
98 98
99 func (p *serviceAccountTokenProvider) RefreshToken(ctx context.Context, prev, ba se *oauth2.Token) (*oauth2.Token, error) { 99 func (p *serviceAccountTokenProvider) RefreshToken(ctx context.Context, prev, ba se *oauth2.Token) (*oauth2.Token, error) {
100 // JWT tokens are self sufficient, there's no need for refresh_token. Mi nting 100 // JWT tokens are self sufficient, there's no need for refresh_token. Mi nting
101 // a token and "refreshing" it is a same thing. 101 // a token and "refreshing" it is a same thing.
102 return p.MintToken(ctx, base) 102 return p.MintToken(ctx, base)
103 } 103 }
OLDNEW
« no previous file with comments | « common/auth/internal/luci_ctx_test.go ('k') | common/auth/internal/user.go » ('j') | common/errors/tags.go » ('J')

Powered by Google App Engine
This is Rietveld 408576698