6 Commits

Author SHA1 Message Date
Oleksandr Redko
44967abe90 google: fix typos
Change-Id: I8fc92767c1ea73e731736056c72628977017301e
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/645775
Reviewed-by: Michael Pratt <mpratt@google.com>
Auto-Submit: Sean Liao <sean@liao.dev>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Sean Liao <sean@liao.dev>
Reviewed-by: Junyang Shao <shaojunyang@google.com>
2025-03-03 12:07:38 -08:00
Chris Smith
b9c813be7d google: add warning about externally-provided credentials
Change-Id: Ic2ce6e9c3ed735f4fc6d78a22cf0d5e95fca91a1
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/643158
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Sai Sunder Srinivasan <saisunder@google.com>
Run-TryBot: Cody Oss <codyoss@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Cody Oss <codyoss@google.com>
2025-01-29 14:42:25 -08:00
cuishuang
49a531d12a all: make method and struct comments match the names
Change-Id: I9fd025393acc12da59fdac1c416563324cd26af1
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/639695
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
2025-01-03 18:44:49 -08:00
Jin Qin
3c9c1f6d00 oauth2/google: fix the logic of sts 0 value of expires_in
The sts response contains an optional field of `expires_in` and the value can be any integer.

https://github.com/golang/oauth2/blob/master/google/internal/externalaccount/basecredentials.go#L246-L248

In the case of less than `0`, we are going to throw an error. But in the case of equals to `0` practically it means "never expire" instead of "instantly expire" which doesn't make sense.

So we need to not set the expiration value for Token object. The current else if greater or equal is wrong.

It's never triggered only because we are sending positive `3600` in sts response.

Change-Id: Id227ca71130855235572b65ab178681e80d0da3a
GitHub-Last-Rev: a95c923d6a5d256fa92629a1fcb908495d7b1338
GitHub-Pull-Request: golang/oauth2#687
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/545895
Reviewed-by: Shin Fan <shinfan@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Cody Oss <codyoss@google.com>
Reviewed-by: Cody Oss <codyoss@google.com>
2024-03-12 20:05:50 +00:00
Chris Smith
34a7afaa85 google/externalaccount: add Config.UniverseDomain
Change-Id: Ia1caee246da68c01addd06e1367ed1e43645826b
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/568216
Reviewed-by: Alex Eitzman <eitzman@google.com>
Reviewed-by: Cody Oss <codyoss@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2024-03-04 19:42:12 +00:00
aeitzman
95bec95381 google/externalaccount: moves externalaccount package out of internal and exports it
go/programmable-auth-design for context. Adds support for user defined
 supplier methods to return subject tokens and AWS security credentials.

Change-Id: I7bc41f8c5202ae933fce516632f5049bbeb3d378
GitHub-Last-Rev: ac519b242f8315df572f1b205b0670f139bfc6c3
GitHub-Pull-Request: golang/oauth2#690
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/550835
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Leo Siracusa <leosiracusa@google.com>
Reviewed-by: Chris Smith <chrisdsmith@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Cody Oss <codyoss@google.com>
2024-02-27 21:55:11 +00:00