Providing a default app credentials

googleapis · Mar 18, 2015 · a6cae12 · a6cae12
1 parent 10e67b4
commit a6cae12
Show file tree

Hide file tree

Showing 24 changed files with 96 additions and 50 deletions.
diff --git a/pom.xml b/pom.xml
@@ -49,6 +49,16 @@
     </repository>
   </distributionManagement>
   <dependencies>
+    <dependency>
+        <groupId>com.google.auth</groupId>
+        <artifactId>google-auth-library-credentials</artifactId>
+        <version>0.1.0</version>
+    </dependency>
+    <dependency>
+        <groupId>com.google.auth</groupId>
+        <artifactId>google-auth-library-oauth2-http</artifactId>
+        <version>0.1.0</version>
+    </dependency>
     <dependency>
       <groupId>com.google.http-client</groupId>
       <artifactId>google-http-client</artifactId>

diff --git a/...in/java/com/google/gcloud/AuthConfig.java → ...va/com/google/gcloud/AuthCredentials.java b/...in/java/com/google/gcloud/AuthConfig.java → ...va/com/google/gcloud/AuthCredentials.java
@@ -26,15 +26,20 @@
 import com.google.api.client.http.HttpTransport;
 import com.google.api.client.http.javanet.NetHttpTransport;
 import com.google.api.client.json.jackson.JacksonFactory;
+import com.google.auth.http.HttpCredentialsAdapter;
+import com.google.auth.oauth2.GoogleCredentials;
 
 import java.io.IOException;
 import java.security.GeneralSecurityException;
 import java.security.PrivateKey;
 import java.util.Set;
 
-public abstract class AuthConfig {
+/**
+ * Credentials for accessing Google Cloud services.
+ */
+public abstract class AuthCredentials {
 
-  private static class AppEngineAuthConfig extends AuthConfig {
+  private static class AppEngineAuthCredentials extends AuthCredentials {
 
     @Override
     protected HttpRequestInitializer httpRequestInitializer(
@@ -43,17 +48,17 @@ protected HttpRequestInitializer httpRequestInitializer(
     }
   }
 
-  private static class ServiceAccountAuthConfig extends AuthConfig {
+  private static class ServiceAccountAuthCredentials extends AuthCredentials {
 
     private final String account;
     private final PrivateKey privateKey;
 
-    ServiceAccountAuthConfig(String account, PrivateKey privateKey) {
+    ServiceAccountAuthCredentials(String account, PrivateKey privateKey) {
       this.account = checkNotNull(account);
       this.privateKey = checkNotNull(privateKey);
     }
 
-    ServiceAccountAuthConfig() {
+    ServiceAccountAuthCredentials() {
       account = null;
       privateKey = null;
     }
@@ -76,13 +81,14 @@ protected HttpRequestInitializer httpRequestInitializer(
   protected abstract HttpRequestInitializer httpRequestInitializer(HttpTransport transport,
       Set<String> scopes);
 
-  public static AuthConfig createForAppEngine() {
-    return new AppEngineAuthConfig();
+  public static AuthCredentials createForAppEngine() {
+    return new AppEngineAuthCredentials();
   }
 
-  public static AuthConfig createForComputeEngine() throws IOException, GeneralSecurityException {
+  public static AuthCredentials createForComputeEngine()
+      throws IOException, GeneralSecurityException {
     final ComputeCredential cred = getComputeCredential();
-    return new AuthConfig() {
+    return new AuthCredentials() {
       @Override
       protected HttpRequestInitializer httpRequestInitializer(HttpTransport transport,
           Set<String> scopes) {
@@ -91,12 +97,34 @@ protected HttpRequestInitializer httpRequestInitializer(HttpTransport transport,
     };
   }
 
-  public static AuthConfig createFor(String account, PrivateKey privateKey) {
-    return new ServiceAccountAuthConfig(account, privateKey);
+  /**
+   * Returns the Application Default Credentials.
+   *
+   * <p>Returns the Application Default Credentials which are credentials that identify and
+   * authorize the whole application. This is the built-in service account if running on Google
+   * Compute Engine or the credentials file from the path in the environment variable
+   * GOOGLE_APPLICATION_CREDENTIALS.</p>
+   *
+   * @return the credentials instance.
+   * @throws IOException if the credentials cannot be created in the current environment.
+   */
+  public static AuthCredentials createApplicationDefaults() throws IOException {
+    final GoogleCredentials credentials = GoogleCredentials.getApplicationDefault();
+    return new AuthCredentials() {
+      @Override
+      protected HttpRequestInitializer httpRequestInitializer(HttpTransport transport,
+          Set<String> scopes) {
+        return new HttpCredentialsAdapter(credentials);
+      }
+    };
+  }
+
+  public static AuthCredentials createFor(String account, PrivateKey privateKey) {
+    return new ServiceAccountAuthCredentials(account, privateKey);
   }
 
-  public static AuthConfig noCredentials() {
-    return new ServiceAccountAuthConfig();
+  public static AuthCredentials noCredentials() {
+    return new ServiceAccountAuthCredentials();
   }
 
   static ComputeCredential getComputeCredential() throws IOException, GeneralSecurityException {

diff --git a/src/main/java/com/google/gcloud/ServiceOptions.java b/src/main/java/com/google/gcloud/ServiceOptions.java
@@ -39,22 +39,22 @@ public abstract class ServiceOptions {
 
   private final String host;
   private final HttpTransport httpTransport;
-  private final AuthConfig authConfig;
+  private final AuthCredentials authCredentials;
   private final RetryParams retryParams;
 
   protected abstract static class Builder<B extends Builder<B>> {
 
     private String host;
     private HttpTransport httpTransport;
-    private AuthConfig authConfig;
+    private AuthCredentials authCredentials;
     private RetryParams retryParams;
 
     protected Builder() {}
 
     protected Builder(ServiceOptions options) {
       host = options.host;
       httpTransport = options.httpTransport;
-      authConfig = options.authConfig;
+      authCredentials = options.authCredentials;
       retryParams = options.retryParams;
     }
 
@@ -75,8 +75,8 @@ public B httpTransport(HttpTransport httpTransport) {
       return self();
     }
 
-    public B authConfig(AuthConfig authConfig) {
-      this.authConfig = authConfig;
+    public B authConfig(AuthCredentials authCredentials) {
+      this.authCredentials = authCredentials;
       return self();
     }
 
@@ -89,7 +89,7 @@ public B retryParams(RetryParams retryParams) {
   protected ServiceOptions(Builder<?> builder) {
     host = firstNonNull(builder.host, DEFAULT_HOST);
     httpTransport = firstNonNull(builder.httpTransport, defaultHttpTransport());
-    authConfig = firstNonNull(builder.authConfig, defaultAuthConfig());
+    authCredentials = firstNonNull(builder.authCredentials, defaultAuthConfig());
     retryParams = builder.retryParams;
   }
 
@@ -104,29 +104,36 @@ private static HttpTransport defaultHttpTransport() {
     }
     // Consider Compute
     try {
-      return AuthConfig.getComputeCredential().getTransport();
+      return AuthCredentials.getComputeCredential().getTransport();
     } catch (Exception e) {
       // Maybe not on GCE
     }
     return new NetHttpTransport();
   }
 
-  private static AuthConfig defaultAuthConfig() {
-    // Consider App Engine
+  public static AuthCredentials defaultAuthConfig() {
+    // Consider App Engine. This will not be needed once issue #21 is fixed.
     if (appEngineAppId() != null) {
       try {
-        return AuthConfig.createForAppEngine();
+        return AuthCredentials.createForAppEngine();
       } catch (Exception ignore) {
         // Maybe not on App Engine
       }
     }
-    // Consider Compute
+
+    try {
+      return AuthCredentials.createApplicationDefaults();
+    } catch (Exception ex) {
+      // fallback to old-style
+    }
+
+    // Consider old-style Compute. This will not be needed once issue #21 is fixed.
     try {
-      return AuthConfig.createForComputeEngine();
+      return AuthCredentials.createForComputeEngine();
     } catch (Exception ignore) {
       // Maybe not on GCE
     }
-    return AuthConfig.noCredentials();
+    return AuthCredentials.noCredentials();
   }
 
   protected static String appEngineAppId() {
@@ -176,15 +183,15 @@ public HttpTransport httpTransport() {
     return httpTransport;
   }
 
-  public AuthConfig authConfig() {
-    return authConfig;
+  public AuthCredentials authConfig() {
+    return authCredentials;
   }
 
   public RetryParams retryParams() {
     return retryParams;
   }
 
-  protected HttpRequestInitializer httpRequestInitializer() {
+  public HttpRequestInitializer httpRequestInitializer() {
     return authConfig().httpRequestInitializer(httpTransport, scopes());
   }
 

diff --git a/src/main/java/com/google/gcloud/com/google/gcloud/spi/DatastoreRpc.java b/src/main/java/com/google/gcloud/com/google/gcloud/spi/DatastoreRpc.java
diff --git a/src/main/java/com/google/gcloud/com/google/gcloud/spi/DefaultDatastoreRpc.java b/src/main/java/com/google/gcloud/com/google/gcloud/spi/DefaultDatastoreRpc.java
diff --git a/src/main/java/com/google/gcloud/com/google/gcloud/spi/DefaultStorageRpc.java b/src/main/java/com/google/gcloud/com/google/gcloud/spi/DefaultStorageRpc.java