Do not assume that http.DefaultClient and http.DefaultTransport is always available.

This commit is contained in:
Burcu Dogan 2014-08-31 15:13:59 -07:00
parent 38c4892682
commit 6bb0a5207a
5 changed files with 87 additions and 32 deletions

View File

@ -12,31 +12,32 @@ import (
// AppEngineConfig represents a configuration for an // AppEngineConfig represents a configuration for an
// App Engine application's Google service account. // App Engine application's Google service account.
type AppEngineConfig struct { type AppEngineConfig struct {
// Default transport to be used while constructing // Transport represents the default transport to be used while constructing
// oauth2.Transport instances from this configuration. // oauth2.Transport instances from this configuration.
Transport *urlfetch.Transport Transport *urlfetch.Transport
context appengine.Context
scopes []string context appengine.Context
scopes []string
} }
// NewAppEngineConfig creates a new AppEngineConfig for the // NewAppEngineConfig creates a new AppEngineConfig for the
// provided auth scopes. // provided auth scopes.
func NewAppEngineConfig(context appengine.Context, scopes []string) *AppEngineConfig { func NewAppEngineConfig(context appengine.Context, scopes []string) *AppEngineConfig {
return &AppEngineConfig{context: context, scopes: scopes} return &AppEngineConfig{
Transport: &urlfetch.Transport{
Context: context,
Deadline: 0,
AllowInvalidServerCertificate: false,
},
context: context,
scopes: scopes,
}
} }
// NewTransport returns a transport that authorizes // NewTransport returns a transport that authorizes
// the requests with the application's service account. // the requests with the application's service account.
func (c *AppEngineConfig) NewTransport() *oauth2.Transport { func (c *AppEngineConfig) NewTransport() *oauth2.Transport {
if c.Transport != nil { return oauth2.NewTransport(c.Transport, c, nil)
return oauth2.NewTransport(c.Transport, c, nil)
}
transport := &urlfetch.Transport{
Context: c.context,
Deadline: 0,
AllowInvalidServerCertificate: false,
}
return oauth2.NewTransport(transport, c, nil)
} }
// FetchToken fetches a new access token for the provided scopes. // FetchToken fetches a new access token for the provided scopes.

View File

@ -3,29 +3,40 @@
package google package google
import ( import (
"net/http"
"github.com/golang/oauth2" "github.com/golang/oauth2"
"google.golang.org/appengine" "google.golang.org/appengine"
"google.golang.org/appengine/urlfetch"
) )
// AppEngineConfig represents a configuration for an // AppEngineConfig represents a configuration for an
// App Engine application's Google service account. // App Engine application's Google service account.
type AppEngineConfig struct { type AppEngineConfig struct {
context appengine.Context // Transport represents the default transport to be used while constructing
scopes []string // oauth2.Transport instances from this configuration.
Transport *urlfetch.Transport
context appengine.Context
scopes []string
} }
// NewAppEngineConfig creates a new AppEngineConfig for the // NewAppEngineConfig creates a new AppEngineConfig for the
// provided auth scopes. // provided auth scopes.
func NewAppEngineConfig(context appengine.Context, scopes []string) *AppEngineConfig { func NewAppEngineConfig(context appengine.Context, scopes []string) *AppEngineConfig {
return &AppEngineConfig{context: context, scopes: scopes} return &AppEngineConfig{
Transport: &urlfetch.Transport{
Context: context,
Deadline: 0,
AllowInvalidServerCertificate: false,
},
context: context,
scopes: scopes,
}
} }
// NewTransport returns a transport that authorizes // NewTransport returns a transport that authorizes
// the requests with the application's service account. // the requests with the application's service account.
func (c *AppEngineConfig) NewTransport() *oauth2.Transport { func (c *AppEngineConfig) NewTransport() *oauth2.Transport {
return oauth2.NewTransport(http.DefaultTransport, c, nil) return oauth2.NewTransport(c.Transport, c, nil)
} }
// FetchToken fetches a new access token for the provided scopes. // FetchToken fetches a new access token for the provided scopes.

View File

@ -37,6 +37,15 @@ type metaTokenRespBody struct {
// ComputeEngineConfig represents a OAuth 2.0 consumer client // ComputeEngineConfig represents a OAuth 2.0 consumer client
// running on Google Compute Engine. // running on Google Compute Engine.
type ComputeEngineConfig struct { type ComputeEngineConfig struct {
// Client is the default HTTP client to be used while retrieving
// tokens from the OAuth 2.0 provider.
Client *http.Client
// Transport represents the default round tripper to be used
// while constructing new oauth2.Transport instances from
// this configuration.
Transport http.RoundTripper
account string account string
} }
@ -56,12 +65,16 @@ func NewServiceAccountConfig(opts *oauth2.JWTOptions) (*oauth2.JWTConfig, error)
// from Google Compute Engine instance's metaserver. If no account is // from Google Compute Engine instance's metaserver. If no account is
// provided, default is used. // provided, default is used.
func NewComputeEngineConfig(account string) *ComputeEngineConfig { func NewComputeEngineConfig(account string) *ComputeEngineConfig {
return &ComputeEngineConfig{account: account} return &ComputeEngineConfig{
Client: http.DefaultClient,
Transport: http.DefaultTransport,
account: account,
}
} }
// NewTransport creates an authorized transport. // NewTransport creates an authorized transport.
func (c *ComputeEngineConfig) NewTransport() *oauth2.Transport { func (c *ComputeEngineConfig) NewTransport() *oauth2.Transport {
return oauth2.NewTransport(http.DefaultTransport, c, nil) return oauth2.NewTransport(c.Transport, c, nil)
} }
// FetchToken retrieves a new access token via metadata server. // FetchToken retrieves a new access token via metadata server.
@ -76,7 +89,7 @@ func (c *ComputeEngineConfig) FetchToken(existing *oauth2.Token) (token *oauth2.
return return
} }
req.Header.Add("X-Google-Metadata-Request", "True") req.Header.Add("X-Google-Metadata-Request", "True")
resp, err := http.DefaultClient.Do(req) resp, err := c.Client.Do(req)
if err != nil { if err != nil {
return return
} }

23
jwt.go
View File

@ -55,12 +55,27 @@ func NewJWTConfig(opts *JWTOptions, aud string) (*JWTConfig, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
return &JWTConfig{opts: opts, aud: audURL, key: parsedKey}, nil return &JWTConfig{
Client: http.DefaultClient,
Transport: http.DefaultTransport,
opts: opts,
aud: audURL,
key: parsedKey,
}, nil
} }
// JWTConfig represents an OAuth 2.0 provider and client options to // JWTConfig represents an OAuth 2.0 provider and client options to
// provide authorized transports with a Bearer JWT token. // provide authorized transports with a Bearer JWT token.
type JWTConfig struct { type JWTConfig struct {
// Client is the default HTTP client to be used while retrieving
// tokens from the OAuth 2.0 provider.
Client *http.Client
// Transport represents the default round tripper to be used
// while constructing new oauth2.Transport instances from
// this configuration.
Transport http.RoundTripper
opts *JWTOptions opts *JWTOptions
aud *url.URL aud *url.URL
key *rsa.PrivateKey key *rsa.PrivateKey
@ -69,13 +84,13 @@ type JWTConfig struct {
// NewTransport creates a transport that is authorize with the // NewTransport creates a transport that is authorize with the
// parent JWT configuration. // parent JWT configuration.
func (c *JWTConfig) NewTransport() *Transport { func (c *JWTConfig) NewTransport() *Transport {
return NewTransport(http.DefaultTransport, c, &Token{}) return NewTransport(c.Transport, c, &Token{})
} }
// NewTransportWithUser creates a transport that is authorized by // NewTransportWithUser creates a transport that is authorized by
// the client and impersonates the specified user. // the client and impersonates the specified user.
func (c *JWTConfig) NewTransportWithUser(user string) *Transport { func (c *JWTConfig) NewTransportWithUser(user string) *Transport {
return NewTransport(http.DefaultTransport, c, &Token{Subject: user}) return NewTransport(c.Transport, c, &Token{Subject: user})
} }
// fetchToken retrieves a new access token and updates the existing token // fetchToken retrieves a new access token and updates the existing token
@ -107,7 +122,7 @@ func (c *JWTConfig) FetchToken(existing *Token) (token *Token, err error) {
v.Set("assertion", payload) v.Set("assertion", payload)
// Make a request with assertion to get a new token. // Make a request with assertion to get a new token.
resp, err := http.DefaultClient.PostForm(c.aud.String(), v) resp, err := c.Client.PostForm(c.aud.String(), v)
if err != nil { if err != nil {
return nil, err return nil, err
} }

View File

@ -96,7 +96,13 @@ func NewConfig(opts *Options, authURL, tokenURL string) (*Config, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
conf := &Config{opts: opts, authURL: aURL, tokenURL: tURL} conf := &Config{
Client: http.DefaultClient,
Transport: http.DefaultTransport,
opts: opts,
authURL: aURL,
tokenURL: tURL,
}
if err = conf.validate(); err != nil { if err = conf.validate(); err != nil {
return nil, err return nil, err
} }
@ -105,6 +111,15 @@ func NewConfig(opts *Options, authURL, tokenURL string) (*Config, error) {
// Config represents the configuration of an OAuth 2.0 consumer client. // Config represents the configuration of an OAuth 2.0 consumer client.
type Config struct { type Config struct {
// Client is the default HTTP client to be used while retrieving
// tokens from the OAuth 2.0 provider.
Client *http.Client
// Transport represents the default round tripper to be used
// while constructing new oauth2.Transport instances from
// this configuration.
Transport http.RoundTripper
opts *Options opts *Options
// AuthURL is the URL the user will be directed to // AuthURL is the URL the user will be directed to
// in order to grant access. // in order to grant access.
@ -151,7 +166,7 @@ func (c *Config) AuthCodeURL(state string) (authURL string) {
// t.SetToken(validToken) // t.SetToken(validToken)
// //
func (c *Config) NewTransport() *Transport { func (c *Config) NewTransport() *Transport {
return NewTransport(http.DefaultTransport, c, nil) return NewTransport(c.Transport, c, nil)
} }
// NewTransportWithCode exchanges the OAuth 2.0 authorization code with // NewTransportWithCode exchanges the OAuth 2.0 authorization code with
@ -163,7 +178,7 @@ func (c *Config) NewTransportWithCode(code string) (*Transport, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
return NewTransport(http.DefaultTransport, c, token), nil return NewTransport(c.Transport, c, token), nil
} }
// FetchToken retrieves a new access token and updates the existing token // FetchToken retrieves a new access token and updates the existing token
@ -183,10 +198,10 @@ func (c *Config) FetchToken(existing *Token) (*Token, error) {
// Checks if all required configuration fields have non-zero values. // Checks if all required configuration fields have non-zero values.
func (c *Config) validate() error { func (c *Config) validate() error {
if c.opts.ClientID == "" { if c.opts.ClientID == "" {
return errors.New("A client ID should be provided.") return errors.New("oauth2: missing client ID")
} }
if c.opts.ClientSecret == "" { if c.opts.ClientSecret == "" {
return errors.New("A client secret should be provided.") return errors.New("oauth2: missing client secret")
} }
return nil return nil
} }
@ -216,7 +231,7 @@ func (c *Config) retrieveToken(v url.Values) (*Token, error) {
// Dropbox accepts either, but not both. // Dropbox accepts either, but not both.
// The spec requires servers to always support the Authorization header, // The spec requires servers to always support the Authorization header,
// so that's all we use. // so that's all we use.
r, err := http.DefaultClient.PostForm(c.tokenURL.String(), v) r, err := c.Client.PostForm(c.tokenURL.String(), v)
if err != nil { if err != nil {
return nil, err return nil, err
} }