bump(code.google.com/p/goauth2/oauth): cf9c96faa9885b8cf351c2d79d9a92…

…9f3eebd4ec
kubernetes · lavalamp · Jun 18, 2014 · Jun 16, 2014 · Jun 16, 2014 · Jun 16, 2014
commit 48e246c117f0e608fae3fd2d8cbe4612a553b4c8
diff --git a/third_party/src/code.google.com/p/goauth2/oauth/example/oauthreq.go b/third_party/src/code.google.com/p/goauth2/oauth/example/oauthreq.go
@@ -0,0 +1,100 @@
+// Copyright 2011 The goauth2 Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// This program makes a call to the specified API, authenticated with OAuth2.
+// a list of example APIs can be found at https://code.google.com/oauthplayground/
+package main
+
+import (
+	"flag"
+	"fmt"
+	"io"
+	"log"
+	"os"
+
+	"code.google.com/p/goauth2/oauth"
+)
+
+var (
+	clientId     = flag.String("id", "", "Client ID")
+	clientSecret = flag.String("secret", "", "Client Secret")
+	scope        = flag.String("scope", "https://www.googleapis.com/auth/userinfo.profile", "OAuth scope")
+	redirectURL  = flag.String("redirect_url", "oob", "Redirect URL")
+	authURL      = flag.String("auth_url", "https://accounts.google.com/o/oauth2/auth", "Authentication URL")
+	tokenURL     = flag.String("token_url", "https://accounts.google.com/o/oauth2/token", "Token URL")
+	requestURL   = flag.String("request_url", "https://www.googleapis.com/oauth2/v1/userinfo", "API request")
+	code         = flag.String("code", "", "Authorization Code")
+	cachefile    = flag.String("cache", "cache.json", "Token cache file")
+)
+
+const usageMsg = `
+To obtain a request token you must specify both -id and -secret.
+
+To obtain Client ID and Secret, see the "OAuth 2 Credentials" section under
+the "API Access" tab on this page: https://code.google.com/apis/console/
+
+Once you have completed the OAuth flow, the credentials should be stored inside
+the file specified by -cache and you may run without the -id and -secret flags.
+`
+
+func main() {
+	flag.Parse()
+
+	// Set up a configuration.
+	config := &oauth.Config{
+		ClientId:     *clientId,
+		ClientSecret: *clientSecret,
+		RedirectURL:  *redirectURL,
+		Scope:        *scope,
+		AuthURL:      *authURL,
+		TokenURL:     *tokenURL,
+		TokenCache:   oauth.CacheFile(*cachefile),
+	}
+
+	// Set up a Transport using the config.
+	transport := &oauth.Transport{Config: config}
+
+	// Try to pull the token from the cache; if this fails, we need to get one.
+	token, err := config.TokenCache.Token()
+	if err != nil {
+		if *clientId == "" || *clientSecret == "" {
+			flag.Usage()
+			fmt.Fprint(os.Stderr, usageMsg)
+			os.Exit(2)
+		}
+		if *code == "" {
+			// Get an authorization code from the data provider.
+			// ("Please ask the user if I can access this resource.")
+			url := config.AuthCodeURL("")
+			fmt.Println("Visit this URL to get a code, then run again with -code=YOUR_CODE\n")
+			fmt.Println(url)
+			return
+		}
+		// Exchange the authorization code for an access token.
+		// ("Here's the code you gave the user, now give me a token!")
+		token, err = transport.Exchange(*code)
+		if err != nil {
+			log.Fatal("Exchange:", err)
+		}
+		// (The Exchange method will automatically cache the token.)
+		fmt.Printf("Token is cached in %v\n", config.TokenCache)
+	}
+
+	// Make the actual request using the cached token to authenticate.
+	// ("Here's the token, let me in!")
+	transport.Token = token
+
+	// Make the request.
+	r, err := transport.Client().Get(*requestURL)
+	if err != nil {
+		log.Fatal("Get:", err)
+	}
+	defer r.Body.Close()
+
+	// Write the response to standard output.
+	io.Copy(os.Stdout, r.Body)
+
+	// Send final carriage return, just to be neat.
+	fmt.Println()
+}
diff --git a/third_party/src/code.google.com/p/goauth2/oauth/jwt/example/example.client_secrets.json b/third_party/src/code.google.com/p/goauth2/oauth/jwt/example/example.client_secrets.json
@@ -0,0 +1 @@
+{"web":{"auth_uri":"https://accounts.google.com/o/oauth2/auth","token_uri":"https://accounts.google.com/o/oauth2/token","client_email":"XXXXXXXXXXXX@developer.gserviceaccount.com","client_x509_cert_url":"https://www.googleapis.com/robot/v1/metadata/x509/XXXXXXXXXXXX@developer.gserviceaccount.com","client_id":"XXXXXXXXXXXX.apps.googleusercontent.com","auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs"}}
diff --git a/third_party/src/code.google.com/p/goauth2/oauth/jwt/example/example.pem b/third_party/src/code.google.com/p/goauth2/oauth/jwt/example/example.pem
@@ -0,0 +1,20 @@
+Bag Attributes
+    friendlyName: privatekey
+    localKeyID: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
+Key Attributes: <No Attributes>
+-----BEGIN PRIVATE KEY-----
+XXXXxyXXXXXXXxxyxxxX9y0XXYXXXXYXXxXyxxXxXxXXXyXXXXx4yx1xy1xyYxxY
+1XxYy38YxXxxxyXxyyxx+xxxxyx1Y1xYx7yx2/Y1XyyXYYYxY5YXxX0xY/Y642yX
+zYYxYXzXYxY0Y8y9YxyYXxxX40YyXxxXX4XXxx7XxXxxXyXxYYXxXyxX5XY0Yy2X
+1YX0XXyy6YXyXx9XxXxyXX9XXYXxXxXXXXXXxYXYY3Y8Yy311XYYY81XyY14Xyyx
+xXyx7xxXXXxxxxyyyX4YYYXyYyYXyxX4XYXYyxXYyx9xy23xXYyXyxYxXxx1XXXY
+y98yX6yYxyyyX4Xyx1Xy/0yxxYxXxYYx2xx7yYXXXxYXXXxyXyyYYxx5XX2xxyxy
+y6Yyyx0XX3YYYyx9YYXXXX7y0yxXXy+90XYz1y2xyx7yXxX+8X0xYxXXYxxyxYYy
+YXx8Yy4yX0Xyxxx6yYX92yxy1YYYzyyyyxy55x/yyXXXYYXYXXzXXxYYxyXY8XXX
++y9+yXxX7XxxyYYxxXYxyY623xxXxYX59x5Y6yYyXYY4YxXXYXXXYxXYxXxXXx6x
+YXX7XxXX2X0XY7YXyYy1XXxYXxXxYY1xXXxxxyy+07zXYxYxxXyyxxyxXx1XYy5X
+5XYzyxYxXXYyX9XX7xX8xXxx+XXYyYXXXX5YY1x8Yxyx54Xy/1XXyyYXY5YxYyxY
+XyyxXyX/YxxXXXxXXYXxyxx63xX/xxyYXXyYzx0XY+YxX5xyYyyxxxXXYX/94XXy
+Xx63xYxXyXY3/XXxyyXX15XXXyz08XYY5YYXY/YXy/96x68XyyXXxYyXy4xYXx5x
+7yxxyxxYxXxyx3y=
+-----END PRIVATE KEY-----
diff --git a/third_party/src/code.google.com/p/goauth2/oauth/jwt/example/main.go b/third_party/src/code.google.com/p/goauth2/oauth/jwt/example/main.go
@@ -0,0 +1,114 @@
+// Copyright 2011 The goauth2 Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// This program makes a read only call to the Google Cloud Storage API,
+// authenticated with OAuth2. A list of example APIs can be found at
+// https://code.google.com/oauthplayground/
+package main
+
+import (
+	"encoding/json"
+	"flag"
+	"fmt"
+	"io/ioutil"
+	"log"
+	"net/http"
+	"strings"
+
+	"code.google.com/p/goauth2/oauth/jwt"
+)
+
+const scope = "https://www.googleapis.com/auth/devstorage.read_only"
+
+var (
+	secretsFile = flag.String("s", "", "JSON encoded secrets for the service account")
+	pemFile     = flag.String("k", "", "private pem key file for the service account")
+)
+
+const usageMsg = `
+You must specify -k and -s.
+
+To obtain client secrets and pem, see the "OAuth 2 Credentials" section under
+the "API Access" tab on this page: https://code.google.com/apis/console/
+
+Google Cloud Storage must also be turned on in the API console.
+`
+
+func main() {
+	flag.Parse()
+
+	if *secretsFile == "" || *pemFile == "" {
+		flag.Usage()
+		fmt.Println(usageMsg)
+		return
+	}
+
+	// Read the secret file bytes into the config.
+	secretBytes, err := ioutil.ReadFile(*secretsFile)
+	if err != nil {
+		log.Fatal("error reading secerets file:", err)
+	}
+	var config struct {
+		Web struct {
+			ClientEmail string `json:"client_email"`
+			ClientID    string `json:"client_id"`
+			TokenURI    string `json:"token_uri"`
+		}
+	}
+	err = json.Unmarshal(secretBytes, &config)
+	if err != nil {
+		log.Fatal("error unmarshalling secerets:", err)
+	}
+
+	// Get the project ID from the client ID.
+	projectID := strings.SplitN(config.Web.ClientID, "-", 2)[0]
+
+	// Read the pem file bytes for the private key.
+	keyBytes, err := ioutil.ReadFile(*pemFile)
+	if err != nil {
+		log.Fatal("error reading private key file:", err)
+	}
+
+	// Craft the ClaimSet and JWT token.
+	t := jwt.NewToken(config.Web.ClientEmail, scope, keyBytes)
+	t.ClaimSet.Aud = config.Web.TokenURI
+
+	// We need to provide a client.
+	c := &http.Client{}
+
+	// Get the access token.
+	o, err := t.Assert(c)
+	if err != nil {
+		log.Fatal("assertion error:", err)
+	}
+
+	// Refresh token will be missing, but this access_token will be good
+	// for one hour.
+	fmt.Printf("access_token = %v\n", o.AccessToken)
+	fmt.Printf("refresh_token = %v\n", o.RefreshToken)
+	fmt.Printf("expires %v\n", o.Expiry)
+
+	// Form the request to list Google Cloud Storage buckets.
+	req, err := http.NewRequest("GET", "https://storage.googleapis.com/", nil)
+	if err != nil {
+		log.Fatal("http.NewRequest:", err)
+	}
+	req.Header.Set("Authorization", "OAuth "+o.AccessToken)
+	req.Header.Set("x-goog-api-version", "2")
+	req.Header.Set("x-goog-project-id", projectID)
+
+	// Make the request.
+	r, err := c.Do(req)
+	if err != nil {
+		log.Fatal("API request error:", err)
+	}
+	defer r.Body.Close()
+
+	// Write the response to standard output.
+	res, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		log.Fatal("error reading API request results:", err)
+	}
+	fmt.Printf("\nRESULT:\n%s\n", res)
+}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		{"web":{"auth_uri":"https://accounts.google.com/o/oauth2/auth","token_uri":"https://accounts.google.com/o/oauth2/token","client_email":"XXXXXXXXXXXX@developer.gserviceaccount.com","client_x509_cert_url":"https://www.googleapis.com/robot/v1/metadata/x509/XXXXXXXXXXXX@developer.gserviceaccount.com","client_id":"XXXXXXXXXXXX.apps.googleusercontent.com","auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs"}}