func Client(ctx context.Context, config *oauth2.Config, options ...Option) (*http.Client, *oauth2.Token, error) {
o := processOpts(options)
if o.filecache != nil {
tok, err := o.filecache.Token()
if err == nil {
o.tok = tok
}
}
if o.tok != nil {
tok, err := config.TokenSource(ctx, o.tok).Token()
if err == nil {
return config.Client(ctx, tok), tok, nil
}
}
tok, err := ExecuteFlow(ctx, config, options...)
if err != nil {
return nil, nil, err
}
if o.filecache != nil {
_ = o.filecache.Write(tok)
}
return config.Client(ctx, tok), tok, nil
}
// NewRefreshTokenSource returns a token source that obtains its initial token
// based on the provided config and the refresh token.
func NewRefreshTokenSource(config *oauth2.Config, refreshToken string) oauth2.TokenSource {
var noInitialToken *oauth2.Token = nil
return oauth2.ReuseTokenSource(noInitialToken, config.TokenSource(
oauth2.NoContext, // TODO: maybe accept a context later.
&oauth2.Token{RefreshToken: refreshToken},
))
}
/*
This auth function is a bootstrap until better integration with
gcloud auth can be provided. To use, set (and export) the environment
variable GCLOUD_APIS_REFRESH_TOKEN to a valid refresh token, which can
usually be acquired via $(gcloud auth print-refresh-token). In the
future, gcloud_apis will be able to fetch credential information from
the same place as gcloud, and will be usable without setting this
environment variable.
*/
func getAuthenticatedClient() (*http.Client, error) {
conf := oauth2.Config{
ClientID: "32555940559.apps.googleusercontent.com",
ClientSecret: "ZmssLNjJy2998hD4CTg2ejr2",
Endpoint: oauth2.Endpoint{
AuthURL: "https://accounts.google.com/o/oauth2/auth",
TokenURL: "https://accounts.google.com/o/oauth2/token",
},
Scopes: []string{"https://www.googleapis.com/auth/cloud-platform"},
}
var ts oauth2.TokenSource
refreshToken := os.Getenv("GCLOUD_APIS_REFRESH_TOKEN")
if refreshToken == "" {
ts = cliTokenSource{}
} else {
token := &oauth2.Token{
RefreshToken: refreshToken,
}
ts = conf.TokenSource(oauth2.NoContext, token)
}
oauth2Transport := &oauth2.Transport{
Source: ts,
}
client := &http.Client{
Transport: gcloudTransport{oauth2Transport},
}
return client, nil
}
func main() {
if len(os.Args) == 1 {
fmt.Println("Usage: gauthtoken REFRESH_TOKEN")
os.Exit(1)
}
conf := oauth2.Config{
ClientID: "32555940559.apps.googleusercontent.com",
ClientSecret: "ZmssLNjJy2998hD4CTg2ejr2",
Endpoint: google.Endpoint,
RedirectURL: "oob",
}
refreshToken := &oauth2.Token{
AccessToken: "",
RefreshToken: os.Args[1],
Expiry: time.Now().UTC(),
}
token, err := conf.TokenSource(oauth2.NoContext, refreshToken).Token()
if err != nil {
log.Fatalln(err)
}
fmt.Println(token.AccessToken)
}
// newCachingTokenSource creates a new instance of CachingTokenSource that
// caches the token in cacheFilePath. ctx and config are used to create and
// retrieve the token in the first place.
// If no token is available it will run though the oauth flow for an
// installed app.
func newCachingTokenSource(cacheFilePath string, ctx context.Context, config *oauth2.Config) (oauth2.TokenSource, error) {
var tok *oauth2.Token = nil
var err error
if cacheFilePath == "" {
glog.Warningf("cacheFilePath is empty. Not caching auth token.")
} else if _, err = os.Stat(cacheFilePath); err == nil {
// If the file exists. Load from disk.
f, err := os.Open(cacheFilePath)
if err != nil {
return nil, err
}
tok = &oauth2.Token{}
if err = json.NewDecoder(f).Decode(tok); err != nil {
return nil, err
}
} else if !os.IsNotExist(err) {
return nil, err
}
// If there was no token, we run through the flow.
if tok == nil {
// Run through the flow.
url := config.AuthCodeURL("state", oauth2.AccessTypeOffline)
fmt.Printf("Your browser has been opened to visit:\n\n%s\n\nEnter the verification code:", url)
var code string
if _, err = fmt.Scan(&code); err != nil {
return nil, err
}
tok, err = config.Exchange(ctx, code)
if err != nil {
return nil, err
}
if err = saveToken(cacheFilePath, tok); err != nil {
return nil, err
}
glog.Infof("token: %v", tok)
}
// We have a token at this point.
tokenSource := config.TokenSource(ctx, tok)
return &cachingTokenSource{
cacheFilePath: cacheFilePath,
tokenSource: tokenSource,
lastToken: tok,
}, nil
}
// NewClient gets a token from the config file and configures a Client
// with it
func NewClient(name string, config *oauth2.Config) (*http.Client, error) {
token, err := getToken(name)
if err != nil {
return nil, err
}
// Set our own http client in the context
ctx := Context()
// Wrap the TokenSource in our TokenSource which saves changed
// tokens in the config file
ts := &tokenSource{
Name: name,
OldToken: *token,
TokenSource: config.TokenSource(ctx, token),
}
return oauth2.NewClient(ctx, ts), nil
}
func FileSource(path string, token *oauth2.Token, conf *oauth2.Config) oauth2.TokenSource {
return &fileSource{
tokenPath: path,
tokenSource: conf.TokenSource(oauth2.NoContext, token),
}
}
