Vendor dependencies for GCS

vendor/google.golang.org/api/internal/creds.go

@@ -0,0 +1,106 @@
+// Copyright 2017 Google Inc. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package internal
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"time"
+
+	"golang.org/x/net/context"
+	"golang.org/x/oauth2"
+	"golang.org/x/oauth2/google"
+)
+
+// Creds returns credential information obtained from DialSettings, or if none, then
+// it returns default credential information.
+func Creds(ctx context.Context, ds *DialSettings) (*google.DefaultCredentials, error) {
+	if ds.CredentialsFile != "" {
+		return credFileTokenSource(ctx, ds.CredentialsFile, ds.Scopes...)
+	}
+	if ds.TokenSource != nil {
+		return &google.DefaultCredentials{TokenSource: ds.TokenSource}, nil
+	}
+	return google.FindDefaultCredentials(ctx, ds.Scopes...)
+}
+
+// credFileTokenSource reads a refresh token file or a service account and returns
+// a TokenSource constructed from the config.
+func credFileTokenSource(ctx context.Context, filename string, scope ...string) (*google.DefaultCredentials, error) {
+	data, err := ioutil.ReadFile(filename)
+	if err != nil {
+		return nil, fmt.Errorf("cannot read credentials file: %v", err)
+	}
+	// See if it is a refresh token credentials file first.
+	ts, ok, err := refreshTokenTokenSource(ctx, data, scope...)
+	if err != nil {
+		return nil, err
+	}
+	if ok {
+		return &google.DefaultCredentials{
+			TokenSource: ts,
+			// TODO(jba): uncomment after https://go-review.googlesource.com/c/51111 is in.
+			// JSON: data,
+		}, nil
+	}
+
+	// If not, it should be a service account.
+	cfg, err := google.JWTConfigFromJSON(data, scope...)
+	if err != nil {
+		return nil, fmt.Errorf("google.JWTConfigFromJSON: %v", err)
+	}
+	// jwt.Config does not expose the project ID, so re-unmarshal to get it.
+	var pid struct {
+		ProjectID string `json:"project_id"`
+	}
+	if err := json.Unmarshal(data, &pid); err != nil {
+		return nil, err
+	}
+	return &google.DefaultCredentials{
+		ProjectID:   pid.ProjectID,
+		TokenSource: cfg.TokenSource(ctx),
+		// TODO(jba): uncomment after https://go-review.googlesource.com/c/51111 is in.
+		// JSON: data,
+	}, nil
+}
+
+func refreshTokenTokenSource(ctx context.Context, data []byte, scope ...string) (oauth2.TokenSource, bool, error) {
+	var c cred
+	if err := json.Unmarshal(data, &c); err != nil {
+		return nil, false, fmt.Errorf("cannot unmarshal credentials file: %v", err)
+	}
+	if c.ClientID == "" || c.ClientSecret == "" || c.RefreshToken == "" || c.Type != "authorized_user" {
+		return nil, false, nil
+	}
+	cfg := &oauth2.Config{
+		ClientID:     c.ClientID,
+		ClientSecret: c.ClientSecret,
+		Endpoint:     google.Endpoint,
+		RedirectURL:  "urn:ietf:wg:oauth:2.0:oob",
+		Scopes:       scope,
+	}
+	return cfg.TokenSource(ctx, &oauth2.Token{
+		RefreshToken: c.RefreshToken,
+		Expiry:       time.Now(),
+	}), true, nil
+}
+
+type cred struct {
+	ClientID     string `json:"client_id"`
+	ClientSecret string `json:"client_secret"`
+	RefreshToken string `json:"refresh_token"`
+	Type         string `json:"type"`
+}

vendor/google.golang.org/api/internal/creds_test.go

@@ -0,0 +1,130 @@
+// Copyright 2017 Google Inc. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package internal
+
+import (
+	"testing"
+
+	"github.com/google/go-cmp/cmp"
+	"golang.org/x/net/context"
+	"golang.org/x/oauth2"
+	"golang.org/x/oauth2/google"
+)
+
+type dummyTokenSource struct {
+	oauth2.TokenSource
+}
+
+func TestTokenSource(t *testing.T) {
+	ctx := context.Background()
+
+	// Pass in a TokenSource, get it back.
+	ts := &dummyTokenSource{}
+	ds := &DialSettings{TokenSource: ts}
+	got, err := Creds(ctx, ds)
+	if err != nil {
+		t.Fatal(err)
+	}
+	want := &google.DefaultCredentials{TokenSource: ts}
+	if !cmp.Equal(got, want) {
+		t.Error("did not get the same TokenSource back")
+	}
+
+	// Load a valid JSON file. No way to really test the contents; we just
+	// verify that there is no error.
+	ds = &DialSettings{CredentialsFile: "service-account.json"}
+	if _, err := Creds(ctx, ds); err != nil {
+		t.Errorf("got %v, wanted no error", err)
+	}
+
+	// If both a file and TokenSource are passed, the file takes precedence
+	// (existing behavior).
+	// TODO(jba): make this an error?
+	ds = &DialSettings{
+		TokenSource:     ts,
+		CredentialsFile: "service-account.json",
+	}
+	got, err = Creds(ctx, ds)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if cmp.Equal(got, want) {
+		t.Error("got the same TokenSource back, wanted one from the JSON file")
+	}
+	// TODO(jba): find a way to test the call to google.DefaultTokenSource.
+}
+
+const validRefeshTokenJSON = `{
+  "client_id": "764-aaaaa.apps.googleusercontent.com",
+  "client_secret": "d-988888888",
+  "refresh_token": "1/88888aaaaaaaaa",
+  "type": "authorized_user"
+}`
+
+const validServiceAccountJSON = `{
+  "type": "service_account",
+  "project_id": "dumba-504",
+  "private_key_id": "adsfsdd",
+  "private_key": "-----BEGIN PRIVATE KEY-----\n\n-----END PRIVATE KEY-----\n",
+  "client_email": "dumba-504@appspot.gserviceaccount.com",
+  "client_id": "111",
+  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
+  "token_uri": "https://accounts.google.com/o/oauth2/token",
+  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
+  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/dumba-504%40appspot.gserviceaccount.com"
+}`
+
+func TestRefreshTokenTokenSource(t *testing.T) {
+	tests := []struct {
+		name    string
+		data    []byte
+		wantOK  bool
+		wantErr bool
+	}{
+		{
+			name:    "empty",
+			data:    []byte{},
+			wantOK:  false,
+			wantErr: true, // not valid JSON
+		},
+		{
+			name:    "non refresh token JSON",
+			data:    []byte("{}"),
+			wantOK:  false,
+			wantErr: false,
+		},
+		{
+			name:    "service account JSON",
+			data:    []byte(validServiceAccountJSON),
+			wantOK:  false,
+			wantErr: false,
+		},
+		{
+			name:    "valid refresh token JSON",
+			data:    []byte(validRefeshTokenJSON),
+			wantOK:  true,
+			wantErr: false,
+		},
+	}
+	for _, tt := range tests {
+		_, ok, err := refreshTokenTokenSource(context.Background(), tt.data)
+		if (err != nil) != tt.wantErr {
+			t.Errorf("%v: refreshTokenTokenSource() err = %v, wantErr %v", tt.name, err, tt.wantErr)
+		}
+		if ok != tt.wantOK {
+			t.Errorf("%v: refreshTokenTokenSource() ok = %v, want %v", tt.name, ok, tt.wantOK)
+		}
+	}
+}

vendor/google.golang.org/api/internal/pool.go

@@ -0,0 +1,59 @@
+// Copyright 2016 Google Inc. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package internal
+
+import (
+	"errors"
+	"google.golang.org/grpc/naming"
+)
+
+// PoolResolver provides a fixed list of addresses to load balance between
+// and does not provide further updates.
+type PoolResolver struct {
+	poolSize int
+	dialOpt  *DialSettings
+	ch       chan []*naming.Update
+}
+
+// NewPoolResolver returns a PoolResolver
+// This is an EXPERIMENTAL API and may be changed or removed in the future.
+func NewPoolResolver(size int, o *DialSettings) *PoolResolver {
+	return &PoolResolver{poolSize: size, dialOpt: o}
+}
+
+// Resolve returns a Watcher for the endpoint defined by the DialSettings
+// provided to NewPoolResolver.
+func (r *PoolResolver) Resolve(target string) (naming.Watcher, error) {
+	if r.dialOpt.Endpoint == "" {
+		return nil, errors.New("No endpoint configured")
+	}
+	addrs := make([]*naming.Update, 0, r.poolSize)
+	for i := 0; i < r.poolSize; i++ {
+		addrs = append(addrs, &naming.Update{Op: naming.Add, Addr: r.dialOpt.Endpoint, Metadata: i})
+	}
+	r.ch = make(chan []*naming.Update, 1)
+	r.ch <- addrs
+	return r, nil
+}
+
+// Next returns a static list of updates on the first call,
+// and blocks indefinitely until Close is called on subsequent calls.
+func (r *PoolResolver) Next() ([]*naming.Update, error) {
+	return <-r.ch, nil
+}
+
+func (r *PoolResolver) Close() {
+	close(r.ch)
+}

vendor/google.golang.org/api/internal/pool_test.go

@@ -0,0 +1,82 @@
+/*
+Copyright 2016 Google Inc. All Rights Reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package internal
+
+import (
+	"google.golang.org/grpc/naming"
+	"testing"
+	"time"
+)
+
+func TestConnectionPool(t *testing.T) {
+	addr := "127.0.0.1:123"
+	ds := DialSettings{Endpoint: addr}
+	pr := NewPoolResolver(4, &ds)
+	watcher, err := pr.Resolve(addr)
+	if err != nil {
+		t.Fatalf("Resolve: %v", err)
+	}
+
+	updates, err := watcher.Next()
+	if err != nil {
+		t.Fatalf("Next: %v", err)
+	}
+	if len(updates) != 4 {
+		t.Fatalf("Update count: %v", err)
+	}
+	metaSeen := make(map[interface{}]bool)
+	for _, u := range updates {
+		if u.Addr != addr {
+			t.Errorf("Addr from update: wanted %v, got %v", addr, u.Addr)
+		}
+		// Metadata must be unique
+		if metaSeen[u.Metadata] {
+			t.Errorf("Wanted %v to be unique, got %v", u.Metadata, metaSeen)
+		}
+		metaSeen[u.Metadata] = true
+	}
+	// Test that Next blocks until Close and returns nil.
+	nextc := make(chan []*naming.Update)
+	closedc := make(chan bool)
+	go func() {
+		next, err := watcher.Next()
+		if err != nil {
+			t.Errorf("Next: expected success, got %v", err)
+		}
+		nextc <- next
+	}()
+	go func() {
+		time.Sleep(50 * time.Millisecond)
+		watcher.Close()
+		close(closedc)
+	}()
+
+	select {
+	case <-nextc:
+		t.Fatalf("Next: second invocation didn't block, returned before Close()")
+	case <-closedc:
+		// OK, watcher was closed before Next() returned.
+	}
+	select {
+	case next := <-nextc:
+		if next != nil {
+			t.Errorf("Next: expected nil, got %v", next)
+		}
+	case <-time.After(100 * time.Millisecond):
+		t.Error("Next: did not return after 100ms")
+	}
+}

vendor/google.golang.org/api/internal/service-account.json

@@ -0,0 +1,12 @@
+{
+  "type": "service_account",
+  "project_id": "project_id",
+  "private_key_id": "private_key_id",
+  "private_key": "private_key",
+  "client_email": "xyz@developer.gserviceaccount.com",
+  "client_id": "123",
+  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
+  "token_uri": "https://accounts.google.com/o/oauth2/token",
+  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
+  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/xyz%40developer.gserviceaccount.com"
+}

vendor/google.golang.org/api/internal/settings.go

@@ -0,0 +1,37 @@
+// Copyright 2017 Google Inc. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package internal supports the options and transport packages.
+package internal
+
+import (
+	"net/http"
+
+	"golang.org/x/oauth2"
+	"google.golang.org/grpc"
+)
+
+// DialSettings holds information needed to establish a connection with a
+// Google API service.
+type DialSettings struct {
+	Endpoint        string
+	Scopes          []string
+	TokenSource     oauth2.TokenSource
+	CredentialsFile string // if set, Token Source is ignored.
+	UserAgent       string
+	APIKey          string
+	HTTPClient      *http.Client
+	GRPCDialOpts    []grpc.DialOption
+	GRPCConn        *grpc.ClientConn
+}