googleauth 0.14.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (80) hide show
  1. checksums.yaml +4 -4
  2. data/.yardopts +11 -0
  3. data/CHANGELOG.md +72 -10
  4. data/README.md +48 -13
  5. data/SECURITY.md +7 -0
  6. data/lib/googleauth/application_default.rb +10 -25
  7. data/lib/googleauth/client_id.rb +10 -25
  8. data/lib/googleauth/compute_engine.rb +16 -30
  9. data/lib/googleauth/credentials.rb +178 -74
  10. data/lib/googleauth/credentials_loader.rb +23 -44
  11. data/lib/googleauth/default_credentials.rb +10 -25
  12. data/lib/googleauth/iam.rb +11 -26
  13. data/lib/googleauth/id_tokens/errors.rb +9 -23
  14. data/lib/googleauth/id_tokens/key_sources.rb +26 -38
  15. data/lib/googleauth/id_tokens/verifier.rb +16 -32
  16. data/lib/googleauth/id_tokens.rb +9 -23
  17. data/lib/googleauth/json_key_reader.rb +10 -25
  18. data/lib/googleauth/scope_util.rb +11 -26
  19. data/lib/googleauth/service_account.rb +60 -59
  20. data/lib/googleauth/signet.rb +22 -28
  21. data/lib/googleauth/stores/file_token_store.rb +11 -25
  22. data/lib/googleauth/stores/redis_token_store.rb +11 -25
  23. data/lib/googleauth/token_store.rb +10 -25
  24. data/lib/googleauth/user_authorizer.rb +10 -25
  25. data/lib/googleauth/user_refresh.rb +15 -27
  26. data/lib/googleauth/version.rb +11 -26
  27. data/lib/googleauth/web_user_authorizer.rb +14 -32
  28. data/lib/googleauth.rb +10 -25
  29. metadata +26 -97
  30. data/.github/CODEOWNERS +0 -7
  31. data/.github/CONTRIBUTING.md +0 -74
  32. data/.github/ISSUE_TEMPLATE/bug_report.md +0 -36
  33. data/.github/ISSUE_TEMPLATE/feature_request.md +0 -21
  34. data/.github/ISSUE_TEMPLATE/support_request.md +0 -7
  35. data/.gitignore +0 -36
  36. data/.kokoro/build.bat +0 -16
  37. data/.kokoro/build.sh +0 -4
  38. data/.kokoro/continuous/common.cfg +0 -24
  39. data/.kokoro/continuous/linux.cfg +0 -25
  40. data/.kokoro/continuous/osx.cfg +0 -8
  41. data/.kokoro/continuous/post.cfg +0 -30
  42. data/.kokoro/continuous/windows.cfg +0 -29
  43. data/.kokoro/osx.sh +0 -4
  44. data/.kokoro/presubmit/common.cfg +0 -24
  45. data/.kokoro/presubmit/linux.cfg +0 -24
  46. data/.kokoro/presubmit/osx.cfg +0 -8
  47. data/.kokoro/presubmit/windows.cfg +0 -29
  48. data/.kokoro/release.cfg +0 -94
  49. data/.kokoro/trampoline.bat +0 -10
  50. data/.kokoro/trampoline.sh +0 -4
  51. data/.repo-metadata.json +0 -5
  52. data/.rspec +0 -2
  53. data/.rubocop.yml +0 -19
  54. data/Gemfile +0 -30
  55. data/Rakefile +0 -132
  56. data/googleauth.gemspec +0 -38
  57. data/integration/helper.rb +0 -31
  58. data/integration/id_tokens/key_source_test.rb +0 -74
  59. data/rakelib/devsite_builder.rb +0 -45
  60. data/rakelib/link_checker.rb +0 -64
  61. data/rakelib/repo_metadata.rb +0 -59
  62. data/spec/googleauth/apply_auth_examples.rb +0 -171
  63. data/spec/googleauth/client_id_spec.rb +0 -160
  64. data/spec/googleauth/compute_engine_spec.rb +0 -160
  65. data/spec/googleauth/credentials_spec.rb +0 -478
  66. data/spec/googleauth/get_application_default_spec.rb +0 -286
  67. data/spec/googleauth/iam_spec.rb +0 -80
  68. data/spec/googleauth/scope_util_spec.rb +0 -77
  69. data/spec/googleauth/service_account_spec.rb +0 -489
  70. data/spec/googleauth/signet_spec.rb +0 -142
  71. data/spec/googleauth/stores/file_token_store_spec.rb +0 -57
  72. data/spec/googleauth/stores/redis_token_store_spec.rb +0 -50
  73. data/spec/googleauth/stores/store_examples.rb +0 -58
  74. data/spec/googleauth/user_authorizer_spec.rb +0 -343
  75. data/spec/googleauth/user_refresh_spec.rb +0 -359
  76. data/spec/googleauth/web_user_authorizer_spec.rb +0 -172
  77. data/spec/spec_helper.rb +0 -92
  78. data/test/helper.rb +0 -33
  79. data/test/id_tokens/key_sources_test.rb +0 -240
  80. data/test/id_tokens/verifier_test.rb +0 -269
@@ -1,31 +1,16 @@
1
- # Copyright 2017, Google Inc.
2
- # All rights reserved.
1
+ # Copyright 2017 Google, Inc.
3
2
  #
4
- # Redistribution and use in source and binary forms, with or without
5
- # modification, are permitted provided that the following conditions are
6
- # met:
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
7
6
  #
8
- # * Redistributions of source code must retain the above copyright
9
- # notice, this list of conditions and the following disclaimer.
10
- # * Redistributions in binary form must reproduce the above
11
- # copyright notice, this list of conditions and the following disclaimer
12
- # in the documentation and/or other materials provided with the
13
- # distribution.
14
- # * Neither the name of Google Inc. nor the names of its
15
- # contributors may be used to endorse or promote products derived from
16
- # this software without specific prior written permission.
7
+ # http://www.apache.org/licenses/LICENSE-2.0
17
8
  #
18
- # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19
- # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20
- # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21
- # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22
- # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23
- # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24
- # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25
- # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26
- # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27
- # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28
- # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
29
14
 
30
15
  require "forwardable"
31
16
  require "json"
@@ -36,9 +21,46 @@ require "googleauth/credentials_loader"
36
21
  module Google
37
22
  module Auth
38
23
  ##
39
- # Credentials is responsible for representing the authentication when connecting to an API. This
40
- # class is also intended to be inherited by API-specific classes.
41
- class Credentials
24
+ # Credentials is a high-level base class used by Google's API client
25
+ # libraries to represent the authentication when connecting to an API.
26
+ # In most cases, it is subclassed by API-specific credential classes that
27
+ # can be instantiated by clients.
28
+ #
29
+ # ## Options
30
+ #
31
+ # Credentials classes are configured with options that dictate default
32
+ # values for parameters such as scope and audience. These defaults are
33
+ # expressed as class attributes, and may differ from endpoint to endpoint.
34
+ # Normally, an API client will provide subclasses specific to each
35
+ # endpoint, configured with appropriate values.
36
+ #
37
+ # Note that these options inherit up the class hierarchy. If a particular
38
+ # options is not set for a subclass, its superclass is queried.
39
+ #
40
+ # Some older users of this class set options via constants. This usage is
41
+ # deprecated. For example, instead of setting the `AUDIENCE` constant on
42
+ # your subclass, call the `audience=` method.
43
+ #
44
+ # ## Example
45
+ #
46
+ # class MyCredentials < Google::Auth::Credentials
47
+ # # Set the default scope for these credentials
48
+ # self.scope = "http://example.com/my_scope"
49
+ # end
50
+ #
51
+ # # creds is a credentials object suitable for Google API clients
52
+ # creds = MyCredentials.default
53
+ # creds.scope # => ["http://example.com/my_scope"]
54
+ #
55
+ # class SubCredentials < MyCredentials
56
+ # # Override the default scope for this subclass
57
+ # self.scope = "http://example.com/sub_scope"
58
+ # end
59
+ #
60
+ # creds2 = SubCredentials.default
61
+ # creds2.scope # => ["http://example.com/sub_scope"]
62
+ #
63
+ class Credentials # rubocop:disable Metrics/ClassLength
42
64
  ##
43
65
  # The default token credential URI to be used when none is provided during initialization.
44
66
  TOKEN_CREDENTIAL_URI = "https://oauth2.googleapis.com/token".freeze
@@ -47,7 +69,7 @@ module Google
47
69
  # The default target audience ID to be used when none is provided during initialization.
48
70
  AUDIENCE = "https://oauth2.googleapis.com/token".freeze
49
71
 
50
- @audience = @scope = @target_audience = @env_vars = @paths = nil
72
+ @audience = @scope = @target_audience = @env_vars = @paths = @token_credential_uri = nil
51
73
 
52
74
  ##
53
75
  # The default token credential URI to be used when none is provided during initialization.
@@ -57,16 +79,15 @@ module Google
57
79
  # @return [String]
58
80
  #
59
81
  def self.token_credential_uri
60
- return @token_credential_uri unless @token_credential_uri.nil?
61
-
62
- const_get :TOKEN_CREDENTIAL_URI if const_defined? :TOKEN_CREDENTIAL_URI
82
+ lookup_auth_param :token_credential_uri do
83
+ lookup_local_constant :TOKEN_CREDENTIAL_URI
84
+ end
63
85
  end
64
86
 
65
87
  ##
66
88
  # Set the default token credential URI to be used when none is provided during initialization.
67
89
  #
68
90
  # @param [String] new_token_credential_uri
69
- # @return [String]
70
91
  #
71
92
  def self.token_credential_uri= new_token_credential_uri
72
93
  @token_credential_uri = new_token_credential_uri
@@ -79,16 +100,15 @@ module Google
79
100
  # @return [String]
80
101
  #
81
102
  def self.audience
82
- return @audience unless @audience.nil?
83
-
84
- const_get :AUDIENCE if const_defined? :AUDIENCE
103
+ lookup_auth_param :audience do
104
+ lookup_local_constant :AUDIENCE
105
+ end
85
106
  end
86
107
 
87
108
  ##
88
109
  # Sets the default target audience ID to be used when none is provided during initialization.
89
110
  #
90
111
  # @param [String] new_audience
91
- # @return [String]
92
112
  #
93
113
  def self.audience= new_audience
94
114
  @audience = new_audience
@@ -103,12 +123,13 @@ module Google
103
123
  # If {#scope} is set, this credential will produce access tokens.
104
124
  # If {#target_audience} is set, this credential will produce ID tokens.
105
125
  #
106
- # @return [String, Array<String>]
126
+ # @return [String, Array<String>, nil]
107
127
  #
108
128
  def self.scope
109
- return @scope unless @scope.nil?
110
-
111
- Array(const_get(:SCOPE)).flatten.uniq if const_defined? :SCOPE
129
+ lookup_auth_param :scope do
130
+ vals = lookup_local_constant :SCOPE
131
+ vals ? Array(vals).flatten.uniq : nil
132
+ end
112
133
  end
113
134
 
114
135
  ##
@@ -118,8 +139,7 @@ module Google
118
139
  # If {#scope} is set, this credential will produce access tokens.
119
140
  # If {#target_audience} is set, this credential will produce ID tokens.
120
141
  #
121
- # @param [String, Array<String>] new_scope
122
- # @return [String, Array<String>]
142
+ # @param [String, Array<String>, nil] new_scope
123
143
  #
124
144
  def self.scope= new_scope
125
145
  new_scope = Array new_scope unless new_scope.nil?
@@ -134,10 +154,10 @@ module Google
134
154
  # If {#scope} is set, this credential will produce access tokens.
135
155
  # If {#target_audience} is set, this credential will produce ID tokens.
136
156
  #
137
- # @return [String]
157
+ # @return [String, nil]
138
158
  #
139
159
  def self.target_audience
140
- @target_audience
160
+ lookup_auth_param :target_audience
141
161
  end
142
162
 
143
163
  ##
@@ -148,7 +168,7 @@ module Google
148
168
  # If {#scope} is set, this credential will produce access tokens.
149
169
  # If {#target_audience} is set, this credential will produce ID tokens.
150
170
  #
151
- # @param [String] new_target_audience
171
+ # @param [String, nil] new_target_audience
152
172
  #
153
173
  def self.target_audience= new_target_audience
154
174
  @target_audience = new_target_audience
@@ -157,24 +177,33 @@ module Google
157
177
  ##
158
178
  # The environment variables to search for credentials. Values can either be a file path to the
159
179
  # credentials file, or the JSON contents of the credentials file.
180
+ # The env_vars will never be nil. If there are no vars, the empty array is returned.
160
181
  #
161
182
  # @return [Array<String>]
162
183
  #
163
184
  def self.env_vars
164
- return @env_vars unless @env_vars.nil?
185
+ env_vars_internal || []
186
+ end
165
187
 
166
- # Pull values when PATH_ENV_VARS or JSON_ENV_VARS constants exists.
167
- tmp_env_vars = []
168
- tmp_env_vars << const_get(:PATH_ENV_VARS) if const_defined? :PATH_ENV_VARS
169
- tmp_env_vars << const_get(:JSON_ENV_VARS) if const_defined? :JSON_ENV_VARS
170
- tmp_env_vars.flatten.uniq
188
+ ##
189
+ # @private
190
+ # Internal recursive lookup for env_vars.
191
+ #
192
+ def self.env_vars_internal
193
+ lookup_auth_param :env_vars, :env_vars_internal do
194
+ # Pull values when PATH_ENV_VARS or JSON_ENV_VARS constants exists.
195
+ path_env_vars = lookup_local_constant :PATH_ENV_VARS
196
+ json_env_vars = lookup_local_constant :JSON_ENV_VARS
197
+ (Array(path_env_vars) + Array(json_env_vars)).flatten.uniq if path_env_vars || json_env_vars
198
+ end
171
199
  end
172
200
 
173
201
  ##
174
202
  # Sets the environment variables to search for credentials.
203
+ # Setting to `nil` "unsets" the value, and defaults to the superclass
204
+ # (or to the empty array if there is no superclass).
175
205
  #
176
- # @param [Array<String>] new_env_vars
177
- # @return [Array<String>]
206
+ # @param [String, Array<String>, nil] new_env_vars
178
207
  #
179
208
  def self.env_vars= new_env_vars
180
209
  new_env_vars = Array new_env_vars unless new_env_vars.nil?
@@ -183,29 +212,72 @@ module Google
183
212
 
184
213
  ##
185
214
  # The file paths to search for credentials files.
215
+ # The paths will never be nil. If there are no paths, the empty array is returned.
186
216
  #
187
217
  # @return [Array<String>]
188
218
  #
189
219
  def self.paths
190
- return @paths unless @paths.nil?
220
+ paths_internal || []
221
+ end
191
222
 
192
- tmp_paths = []
193
- # Pull in values is the DEFAULT_PATHS constant exists.
194
- tmp_paths << const_get(:DEFAULT_PATHS) if const_defined? :DEFAULT_PATHS
195
- tmp_paths.flatten.uniq
223
+ ##
224
+ # @private
225
+ # Internal recursive lookup for paths.
226
+ #
227
+ def self.paths_internal
228
+ lookup_auth_param :paths, :paths_internal do
229
+ # Pull in values if the DEFAULT_PATHS constant exists.
230
+ vals = lookup_local_constant :DEFAULT_PATHS
231
+ vals ? Array(vals).flatten.uniq : nil
232
+ end
196
233
  end
197
234
 
198
235
  ##
199
236
  # Set the file paths to search for credentials files.
237
+ # Setting to `nil` "unsets" the value, and defaults to the superclass
238
+ # (or to the empty array if there is no superclass).
200
239
  #
201
- # @param [Array<String>] new_paths
202
- # @return [Array<String>]
240
+ # @param [String, Array<String>, nil] new_paths
203
241
  #
204
242
  def self.paths= new_paths
205
243
  new_paths = Array new_paths unless new_paths.nil?
206
244
  @paths = new_paths
207
245
  end
208
246
 
247
+ ##
248
+ # @private
249
+ # Return the given parameter value, defaulting up the class hierarchy.
250
+ #
251
+ # First returns the value of the instance variable, if set.
252
+ # Next, calls the given block if provided. (This is generally used to
253
+ # look up legacy constant-based values.)
254
+ # Otherwise, calls the superclass method if present.
255
+ # Returns nil if all steps fail.
256
+ #
257
+ # @param name [Symbol] The parameter name
258
+ # @param method_name [Symbol] The lookup method name, if different
259
+ # @return [Object] The value
260
+ #
261
+ def self.lookup_auth_param name, method_name = name
262
+ val = instance_variable_get "@#{name}".to_sym
263
+ val = yield if val.nil? && block_given?
264
+ return val unless val.nil?
265
+ return superclass.send method_name if superclass.respond_to? method_name
266
+ nil
267
+ end
268
+
269
+ ##
270
+ # @private
271
+ # Return the value of the given constant if it is defined directly in
272
+ # this class, or nil if not.
273
+ #
274
+ # @param [Symbol] Name of the constant
275
+ # @return [Object] The value
276
+ #
277
+ def self.lookup_local_constant name
278
+ const_defined?(name, false) ? const_get(name) : nil
279
+ end
280
+
209
281
  ##
210
282
  # The Signet::OAuth2::Client object the Credentials instance is using.
211
283
  #
@@ -282,16 +354,17 @@ module Google
282
354
  verify_keyfile_provided! keyfile
283
355
  @project_id = options["project_id"] || options["project"]
284
356
  @quota_project_id = options["quota_project_id"]
285
- if keyfile.is_a? Signet::OAuth2::Client
357
+ case keyfile
358
+ when Signet::OAuth2::Client
286
359
  update_from_signet keyfile
287
- elsif keyfile.is_a? Hash
360
+ when Hash
288
361
  update_from_hash keyfile, options
289
362
  else
290
363
  update_from_filepath keyfile, options
291
364
  end
292
365
  CredentialsLoader.warn_if_cloud_sdk_credentials @client.client_id
293
366
  @project_id ||= CredentialsLoader.load_gcloud_project_id
294
- @client.fetch_access_token!
367
+ @client.fetch_access_token! if @client.needs_access_token?
295
368
  @env_vars = nil
296
369
  @paths = nil
297
370
  @scope = nil
@@ -336,8 +409,15 @@ module Google
336
409
  env_vars.each do |env_var|
337
410
  str = ENV[env_var]
338
411
  next if str.nil?
339
- return new str, options if ::File.file? str
340
- return new ::JSON.parse(str), options rescue nil
412
+ io =
413
+ if ::File.file? str
414
+ ::StringIO.new ::File.read str
415
+ else
416
+ json = ::JSON.parse str rescue nil
417
+ json ? ::StringIO.new(str) : nil
418
+ end
419
+ next if io.nil?
420
+ return from_io io, options
341
421
  end
342
422
  nil
343
423
  end
@@ -345,11 +425,11 @@ module Google
345
425
  ##
346
426
  # @private Lookup Credentials from default file paths.
347
427
  def self.from_default_paths options
348
- paths
349
- .select { |p| ::File.file? p }
350
- .each do |file|
351
- return new file, options
352
- end
428
+ paths.each do |path|
429
+ next unless path && ::File.file?(path)
430
+ io = ::StringIO.new ::File.read path
431
+ return from_io io, options
432
+ end
353
433
  nil
354
434
  end
355
435
 
@@ -357,14 +437,34 @@ module Google
357
437
  # @private Lookup Credentials using Google::Auth.get_application_default.
358
438
  def self.from_application_default options
359
439
  scope = options[:scope] || self.scope
360
- auth_opts = { target_audience: options[:target_audience] || target_audience }
440
+ auth_opts = {
441
+ token_credential_uri: options[:token_credential_uri] || token_credential_uri,
442
+ audience: options[:audience] || audience,
443
+ target_audience: options[:target_audience] || target_audience,
444
+ enable_self_signed_jwt: options[:enable_self_signed_jwt] && options[:scope].nil?
445
+ }
361
446
  client = Google::Auth.get_application_default scope, auth_opts
362
447
  new client, options
363
448
  end
364
449
 
450
+ # @private Read credentials from a JSON stream.
451
+ def self.from_io io, options
452
+ creds_input = {
453
+ json_key_io: io,
454
+ scope: options[:scope] || scope,
455
+ target_audience: options[:target_audience] || target_audience,
456
+ enable_self_signed_jwt: options[:enable_self_signed_jwt] && options[:scope].nil?,
457
+ token_credential_uri: options[:token_credential_uri] || token_credential_uri,
458
+ audience: options[:audience] || audience
459
+ }
460
+ client = Google::Auth::DefaultCredentials.make_creds creds_input
461
+ new client
462
+ end
463
+
365
464
  private_class_method :from_env_vars,
366
465
  :from_default_paths,
367
- :from_application_default
466
+ :from_application_default,
467
+ :from_io
368
468
 
369
469
  protected
370
470
 
@@ -389,9 +489,11 @@ module Google
389
489
 
390
490
  # returns a new Hash with string keys instead of symbol keys.
391
491
  def stringify_hash_keys hash
392
- Hash[hash.map { |k, v| [k.to_s, v] }]
492
+ hash.to_h.transform_keys(&:to_s)
393
493
  end
394
494
 
495
+ # rubocop:disable Metrics/AbcSize
496
+
395
497
  def client_options options
396
498
  # Keyfile options have higher priority over constructor defaults
397
499
  options["token_credential_uri"] ||= self.class.token_credential_uri
@@ -413,6 +515,8 @@ module Google
413
515
  signing_key: OpenSSL::PKey::RSA.new(options["private_key"]) }
414
516
  end
415
517
 
518
+ # rubocop:enable Metrics/AbcSize
519
+
416
520
  def update_from_signet client
417
521
  @project_id ||= client.project_id if client.respond_to? :project_id
418
522
  @quota_project_id ||= client.quota_project_id if client.respond_to? :quota_project_id
@@ -1,33 +1,17 @@
1
- # Copyright 2015, Google Inc.
2
- # All rights reserved.
1
+ # Copyright 2015 Google, Inc.
3
2
  #
4
- # Redistribution and use in source and binary forms, with or without
5
- # modification, are permitted provided that the following conditions are
6
- # met:
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
7
6
  #
8
- # * Redistributions of source code must retain the above copyright
9
- # notice, this list of conditions and the following disclaimer.
10
- # * Redistributions in binary form must reproduce the above
11
- # copyright notice, this list of conditions and the following disclaimer
12
- # in the documentation and/or other materials provided with the
13
- # distribution.
14
- # * Neither the name of Google Inc. nor the names of its
15
- # contributors may be used to endorse or promote products derived from
16
- # this software without specific prior written permission.
7
+ # http://www.apache.org/licenses/LICENSE-2.0
17
8
  #
18
- # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19
- # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20
- # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21
- # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22
- # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23
- # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24
- # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25
- # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26
- # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27
- # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28
- # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29
-
30
- require "memoist"
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
14
+
31
15
  require "os"
32
16
  require "rbconfig"
33
17
 
@@ -38,7 +22,6 @@ module Google
38
22
  # CredentialsLoader contains the behaviour used to locate and find default
39
23
  # credentials files on the file system.
40
24
  module CredentialsLoader
41
- extend Memoist
42
25
  ENV_VAR = "GOOGLE_APPLICATION_CREDENTIALS".freeze
43
26
  PRIVATE_KEY_VAR = "GOOGLE_PRIVATE_KEY".freeze
44
27
  CLIENT_EMAIL_VAR = "GOOGLE_CLIENT_EMAIL".freeze
@@ -49,27 +32,23 @@ module Google
49
32
  PROJECT_ID_VAR = "GOOGLE_PROJECT_ID".freeze
50
33
  GCLOUD_POSIX_COMMAND = "gcloud".freeze
51
34
  GCLOUD_WINDOWS_COMMAND = "gcloud.cmd".freeze
52
- GCLOUD_CONFIG_COMMAND =
53
- "config config-helper --format json --verbosity none".freeze
35
+ GCLOUD_CONFIG_COMMAND = "config config-helper --format json --verbosity none".freeze
54
36
 
55
37
  CREDENTIALS_FILE_NAME = "application_default_credentials.json".freeze
56
- NOT_FOUND_ERROR =
57
- "Unable to read the credential file specified by #{ENV_VAR}".freeze
38
+ NOT_FOUND_ERROR = "Unable to read the credential file specified by #{ENV_VAR}".freeze
58
39
  WELL_KNOWN_PATH = "gcloud/#{CREDENTIALS_FILE_NAME}".freeze
59
40
  WELL_KNOWN_ERROR = "Unable to read the default credential file".freeze
60
41
 
61
- SYSTEM_DEFAULT_ERROR =
62
- "Unable to read the system default credential file".freeze
42
+ SYSTEM_DEFAULT_ERROR = "Unable to read the system default credential file".freeze
63
43
 
64
- CLOUD_SDK_CLIENT_ID = "764086051850-6qr4p6gpi6hn506pt8ejuq83di341hur.app"\
65
- "s.googleusercontent.com".freeze
44
+ CLOUD_SDK_CLIENT_ID = "764086051850-6qr4p6gpi6hn506pt8ejuq83di341hur.app" \
45
+ "s.googleusercontent.com".freeze
66
46
 
67
- CLOUD_SDK_CREDENTIALS_WARNING = "Your application has authenticated using end user "\
68
- "credentials from Google Cloud SDK. We recommend that most server applications use "\
69
- "service accounts instead. If your application continues to use end user credentials "\
70
- 'from Cloud SDK, you might receive a "quota exceeded" or "API not enabled" error. For '\
71
- "more information about service accounts, see "\
72
- "https://cloud.google.com/docs/authentication/. To suppress this message, set the "\
47
+ CLOUD_SDK_CREDENTIALS_WARNING =
48
+ "Your application has authenticated using end user credentials from Google Cloud SDK. We recommend that most " \
49
+ "server applications use service accounts instead. If your application continues to use end user credentials " \
50
+ 'from Cloud SDK, you might receive a "quota exceeded" or "API not enabled" error. For more information about ' \
51
+ "service accounts, see https://cloud.google.com/docs/authentication/. To suppress this message, set the " \
73
52
  "GOOGLE_AUTH_SUPPRESS_CREDENTIALS_WARNINGS environment variable.".freeze
74
53
 
75
54
  # make_creds proxies the construction of a credentials instance
@@ -103,7 +82,7 @@ module Google
103
82
  return make_creds options.merge(json_key_io: f)
104
83
  end
105
84
  elsif service_account_env_vars? || authorized_user_env_vars?
106
- return make_creds options
85
+ make_creds options
107
86
  end
108
87
  rescue StandardError => e
109
88
  raise "#{NOT_FOUND_ERROR}: #{e}"
@@ -175,7 +154,7 @@ module Google
175
154
  def load_gcloud_project_id
176
155
  gcloud = GCLOUD_WINDOWS_COMMAND if OS.windows?
177
156
  gcloud = GCLOUD_POSIX_COMMAND unless OS.windows?
178
- gcloud_json = IO.popen("#{gcloud} #{GCLOUD_CONFIG_COMMAND}", &:read)
157
+ gcloud_json = IO.popen("#{gcloud} #{GCLOUD_CONFIG_COMMAND}", in: :close, err: :close, &:read)
179
158
  config = MultiJson.load gcloud_json
180
159
  config["configuration"]["properties"]["core"]["project"]
181
160
  rescue StandardError
@@ -1,31 +1,16 @@
1
- # Copyright 2015, Google Inc.
2
- # All rights reserved.
1
+ # Copyright 2015 Google, Inc.
3
2
  #
4
- # Redistribution and use in source and binary forms, with or without
5
- # modification, are permitted provided that the following conditions are
6
- # met:
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
7
6
  #
8
- # * Redistributions of source code must retain the above copyright
9
- # notice, this list of conditions and the following disclaimer.
10
- # * Redistributions in binary form must reproduce the above
11
- # copyright notice, this list of conditions and the following disclaimer
12
- # in the documentation and/or other materials provided with the
13
- # distribution.
14
- # * Neither the name of Google Inc. nor the names of its
15
- # contributors may be used to endorse or promote products derived from
16
- # this software without specific prior written permission.
7
+ # http://www.apache.org/licenses/LICENSE-2.0
17
8
  #
18
- # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19
- # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20
- # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21
- # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22
- # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23
- # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24
- # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25
- # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26
- # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27
- # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28
- # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
29
14
 
30
15
  require "multi_json"
31
16
  require "stringio"
@@ -1,31 +1,16 @@
1
- # Copyright 2015, Google Inc.
2
- # All rights reserved.
1
+ # Copyright 2015 Google, Inc.
3
2
  #
4
- # Redistribution and use in source and binary forms, with or without
5
- # modification, are permitted provided that the following conditions are
6
- # met:
3
+ # Licensed under the Apache License, Version 2.0 (the "License");
4
+ # you may not use this file except in compliance with the License.
5
+ # You may obtain a copy of the License at
7
6
  #
8
- # * Redistributions of source code must retain the above copyright
9
- # notice, this list of conditions and the following disclaimer.
10
- # * Redistributions in binary form must reproduce the above
11
- # copyright notice, this list of conditions and the following disclaimer
12
- # in the documentation and/or other materials provided with the
13
- # distribution.
14
- # * Neither the name of Google Inc. nor the names of its
15
- # contributors may be used to endorse or promote products derived from
16
- # this software without specific prior written permission.
7
+ # http://www.apache.org/licenses/LICENSE-2.0
17
8
  #
18
- # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19
- # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20
- # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21
- # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22
- # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23
- # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24
- # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25
- # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26
- # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27
- # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28
- # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
9
+ # Unless required by applicable law or agreed to in writing, software
10
+ # distributed under the License is distributed on an "AS IS" BASIS,
11
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
+ # See the License for the specific language governing permissions and
13
+ # limitations under the License.
29
14
 
30
15
  require "googleauth/signet"
31
16
  require "googleauth/credentials_loader"
@@ -68,7 +53,7 @@ module Google
68
53
  # Returns a reference to the #apply method, suitable for passing as
69
54
  # a closure
70
55
  def updater_proc
71
- lambda(&method(:apply))
56
+ proc { |a_hash, _opts = {}| apply a_hash }
72
57
  end
73
58
  end
74
59
  end