-
Notifications
You must be signed in to change notification settings - Fork 1
/
oauth2.go
78 lines (63 loc) · 2.43 KB
/
oauth2.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
package gcp
import (
"context"
"fmt"
"golang.org/x/oauth2"
"golang.org/x/oauth2/google"
"golang.org/x/oauth2/jwt"
)
// This function is a method of the `Gcp` struct and is used to obtain an OAuth2 access token for a
// given set of scopes. It takes in a variable number of scope strings as arguments and returns an
// `oauth2.Token` and an error.
func (g *Gcp) GetOAuth2AccessToken(scope []string) (*oauth2.Token, error) {
ctx := context.Background()
if scope == nil {
scope = g.scope
}
jwt, err := getJwtConfig(g.keyByte, g.scope)
if err != nil {
return nil, err
}
token, err := jwt.TokenSource(ctx).Token()
if err != nil {
return nil, fmt.Errorf("failed to obtain Access Token from JWT config with scope %s <%w>", scope, err)
}
return token, nil
}
// This is a method of the `Gcp` struct that is used to obtain an OAuth2 ID token for a given set of
// scopes. It takes in a variable number of scope strings as arguments and returns an `oauth2.Token`
// and an error. It first checks if the `scope` argument is nil, and if so, it sets it to the default
// `scope` value of the `Gcp` struct. It then calls the `getTokenSource` function to obtain a token
// source with the specified scopes and uses it to obtain the ID token by calling the `Token` method on
// the token source. If there is an error obtaining the token source or the token itself, an error is
// returned.
func (g *Gcp) GetOAuth2IdToken(scope []string) (*oauth2.Token, error) {
if scope == nil {
scope = g.scope
}
ts, err := getTokenSource(g.keyByte, g.scope)
if err != nil {
return nil, err
}
token, err := ts.Token()
if err != nil {
return nil, fmt.Errorf("failed to obtain ID Token from JWT Token Source for scope %s <%w>", scope, err)
}
return token, nil
}
// The function returns a JWT configuration and an error, given a key byte and a scope.
func getJwtConfig(keyByte []byte, scope []string) (*jwt.Config, error) {
jwt, err := google.JWTConfigFromJSON(keyByte, scope...)
if err != nil {
return nil, fmt.Errorf("failed to obtain JWT Config for scope %s <%w>", scope, err)
}
return jwt, nil
}
// The function returns a JWT token source for a given set of credentials and scope.
func getTokenSource(keyByte []byte, scope []string) (oauth2.TokenSource, error) {
ts, err := google.JWTAccessTokenSourceWithScope(keyByte, scope...)
if err != nil {
return nil, fmt.Errorf("failed to obtain JWT Token Source for scope %s <%w>", scope, err)
}
return ts, nil
}