Source File
google.go
Belonging Package
golang.org/x/oauth2/google
package google
import (
)
const JWTTokenURL = "https://oauth2.googleapis.com/token"
func ( []byte, ...string) (*oauth2.Config, error) {
type struct {
string `json:"client_id"`
string `json:"client_secret"`
[]string `json:"redirect_uris"`
string `json:"auth_uri"`
string `json:"token_uri"`
}
var struct {
* `json:"web"`
* `json:"installed"`
}
if := json.Unmarshal(, &); != nil {
return nil,
}
var *
switch {
case . != nil:
= .
case . != nil:
= .
default:
return nil, fmt.Errorf("oauth2/google: no credentials found")
}
if len(.) < 1 {
return nil, errors.New("oauth2/google: missing redirect URL in the client_credentials.json")
}
return &oauth2.Config{
ClientID: .,
ClientSecret: .,
RedirectURL: .[0],
Scopes: ,
Endpoint: oauth2.Endpoint{
AuthURL: .,
TokenURL: .,
},
}, nil
}
func ( []byte, ...string) (*jwt.Config, error) {
var credentialsFile
if := json.Unmarshal(, &); != nil {
return nil,
}
if .Type != serviceAccountKey {
return nil, fmt.Errorf("google: read JWT from JSON credentials: 'type' field is %q (expected %q)", .Type, serviceAccountKey)
}
= append([]string(nil), ...) // copy
return .jwtConfig(), nil
}
const (
serviceAccountKey = "service_account"
userCredentialsKey = "authorized_user"
)
type credentialsFile struct {
Type string `json:"type"` // serviceAccountKey or userCredentialsKey
ClientEmail string `json:"client_email"`
PrivateKeyID string `json:"private_key_id"`
PrivateKey string `json:"private_key"`
TokenURL string `json:"token_uri"`
ProjectID string `json:"project_id"`
ClientSecret string `json:"client_secret"`
ClientID string `json:"client_id"`
RefreshToken string `json:"refresh_token"`
}
func ( *credentialsFile) ( []string) *jwt.Config {
:= &jwt.Config{
Email: .ClientEmail,
PrivateKey: []byte(.PrivateKey),
PrivateKeyID: .PrivateKeyID,
Scopes: ,
TokenURL: .TokenURL,
}
if .TokenURL == "" {
.TokenURL = JWTTokenURL
}
return
}
func ( *credentialsFile) ( context.Context, []string) (oauth2.TokenSource, error) {
switch .Type {
case serviceAccountKey:
:= .jwtConfig()
return .TokenSource(), nil
case userCredentialsKey:
:= &oauth2.Config{
ClientID: .ClientID,
ClientSecret: .ClientSecret,
Scopes: ,
Endpoint: Endpoint,
}
:= &oauth2.Token{RefreshToken: .RefreshToken}
return .TokenSource(, ), nil
case "":
return nil, errors.New("missing 'type' field in credentials")
default:
return nil, fmt.Errorf("unknown credential type: %q", .Type)
}
}
func ( string, ...string) oauth2.TokenSource {
return oauth2.ReuseTokenSource(nil, computeSource{account: , scopes: })
}
type computeSource struct {
account string
scopes []string
}
func ( computeSource) () (*oauth2.Token, error) {
if !metadata.OnGCE() {
return nil, errors.New("oauth2/google: can't get a token from the metadata service; not running on GCE")
}
:= .account
if == "" {
= "default"
}
:= "instance/service-accounts/" + + "/token"
if len(.scopes) > 0 {
:= url.Values{}
.Set("scopes", strings.Join(.scopes, ","))
= + "?" + .Encode()
}
, := metadata.Get()
if != nil {
return nil,
}
var struct {
string `json:"access_token"`
int `json:"expires_in"`
string `json:"token_type"`
}
= json.NewDecoder(strings.NewReader()).Decode(&)
if != nil {
return nil, fmt.Errorf("oauth2/google: invalid token JSON from metadata: %v", )
}
if . == 0 || . == "" {
return nil, fmt.Errorf("oauth2/google: incomplete token received from metadata")
}
:= &oauth2.Token{
AccessToken: .,
TokenType: .,
Expiry: time.Now().Add(time.Duration(.) * time.Second),
![]() |
The pages are generated with Golds v0.3.2-preview. (GOOS=darwin GOARCH=amd64) Golds is a Go 101 project developed by Tapir Liu. PR and bug reports are welcome and can be submitted to the issue list. Please follow @Go100and1 (reachable from the left QR code) to get the latest news of Golds. |