feat: Add x/oauth2/google/externalaccount/aws/ecs package for Google …
…Workload Identity Federation via ECS Metadata
ginokent committed Jul 23, 2024
1 parent c8a6774 commit f759e17
Showing 13 changed files with 783 additions and 146 deletions.
22 changes: 22 additions & 0 deletions .github/dependabot.yml
Expand Up @@ -93,3 +93,25 @@ updates:
dependencies:
patterns:
- "*"

- package-ecosystem: "gomod"
directory: "/x/oauth2"
schedule:
interval: "weekly"
day: "monday"
time: "11:00"
timezone: "Asia/Tokyo"
commit-message:
prefix: "build(go): "
labels:
- "build"
- "dependencies"
- "go"
assignees:
- "ginokent"
reviewers:
- "ginokent"
groups:
dependencies:
patterns:
- "*"
1 change: 1 addition & 0 deletions .gitignore
Expand Up @@ -17,3 +17,4 @@ coverage.html

# go
/cmd/sandbox/**
go.work.sum
2 changes: 2 additions & 0 deletions .golangci.yml
Expand Up @@ -13,6 +13,7 @@ linters:
- exhaustivestruct # https://github.com/mbilski/exhaustivestruct
- gci # unnecessary
- goconst # unnecessary
- godot # unnecessary
- godox # unnecessary
- golint # deprecated https://github.com/golang/lint
- gomnd # deprecated https://github.com/tommy-muehle/go-mnd
Expand Down Expand Up @@ -45,6 +46,7 @@ issues:
exclude-rules:
- path: _test\.go
linters:
- canonicalheader
- containedctx
- cyclop
- dupl
1 change: 1 addition & 0 deletions go.work
Expand Up @@ -6,4 +6,5 @@ use (
./integrationtest
./log/ilog/implementations/zap
./log/ilog/implementations/zerolog
./x/oauth2
)
146 changes: 0 additions & 146 deletions go.work.sum

This file was deleted.

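--- a/x/oauth2/go.mod
+++ b/x/oauth2/go.mod
@@ -0,0 +1,15 @@
+module github.com/kunitsucom/util.go/x/oauth2
+
+go 1.21
+
+replace github.com/kunitsucom/util.go => ../../../util.go
+
+require (
+github.com/kunitsucom/util.go v0.0.0-00010101000000-000000000000
+golang.org/x/oauth2 v0.21.0
+)
+
+require (
+cloud.google.com/go/compute/metadata v0.3.0 // indirect
+github.com/google/go-cmp v0.6.0 // indirect
+)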
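Review bot: The `replace github.com/kunitsucom/util.go => ../../../util.go` directive resolves to a path outside the repository root (three levels up from `x/oauth2`, then `util.go`), so the build only points back at this repository when the checkout directory is itself named `util.go`, and otherwise compiles whatever happens to sit at that sibling path. Replace directives are also ignored when this module is consumed as a dependency, which would leave consumers trying to resolve the placeholder version `v0.0.0-00010101000000-000000000000`. The go.work hunk in this commit already adds `./x/oauth2`; if the root module is in the same workspace (its entry is outside the visible hunk), the replace can be dropped in favour of a published version of the root module, or at least changed to `../..` so it cannot escape the checkout.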
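--- a/x/oauth2/go.sum
+++ b/x/oauth2/go.sum
@@ -0,0 +1,6 @@
+cloud.google.com/go/compute/metadata v0.3.0 h1:Tz+eQXMEqDIKRsmY3cHTL6FVaynIjX2QxYC4trgAKZc=
+cloud.google.com/go/compute/metadata v0.3.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs=
+golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=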
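--- a/x/oauth2/google/externalaccount/aws/ecs/credentials.go
+++ b/x/oauth2/google/externalaccount/aws/ecs/credentials.go
@@ -0,0 +1,64 @@
+package ecs
+
+import (
+"context"
+"fmt"
+
+"golang.org/x/oauth2/google"
+)
+
+type credentialsFromJSONWithParamsConfig struct {
+params google.CredentialsParams
+tokenSourceConfigOptions []TokenSourceOption
+}
+
+type CredentialsFromJSONOption interface {
+apply(cfg *credentialsFromJSONWithParamsConfig)
+}
+
+// WithCredentialsFromJSONOptionParams sets the google.CredentialsParams for google.CredentialsFromJSONWithParams.
+func WithCredentialsFromJSONOptionParams(params google.CredentialsParams) CredentialsFromJSONOption { //nolint:ireturn
+return CredentialsFromJSONOptionParams{params: params}
+}
+
+type CredentialsFromJSONOptionParams struct{ params google.CredentialsParams }
+
+func (f CredentialsFromJSONOptionParams) apply(cfg *credentialsFromJSONWithParamsConfig) {
+cfg.params = f.params
+}
+
+// WithCredentialsFromJSONOptionTokenSourceConfigOptions sets the TokenSourceConfigOption for the credentials.
+// This allows customization of the token source configuration when creating credentials from JSON.
+func WithCredentialsFromJSONOptionTokenSourceConfigOptions(tokenSourceConfigOptions ...TokenSourceOption) CredentialsFromJSONOption { //nolint:ireturn
+return CredentialsFromJSONOptionTokenSourceConfigOption{tokenSourceConfigOptions: tokenSourceConfigOptions}
+}
+
+type CredentialsFromJSONOptionTokenSourceConfigOption struct {
+tokenSourceConfigOptions []TokenSourceOption
+}
+
+func (f CredentialsFromJSONOptionTokenSourceConfigOption) apply(cfg *credentialsFromJSONWithParamsConfig) {
+cfg.tokenSourceConfigOptions = f.tokenSourceConfigOptions
+}
+
+func CredentialsFromJSON(ctx context.Context, jsonData []byte, opts ...CredentialsFromJSONOption) (*google.Credentials, error) {
+cfg := &credentialsFromJSONWithParamsConfig{}
+
+for _, opt := range opts {
+opt.apply(cfg)
+}
+
+var errNewTokenSource error
+tokenSource, err := NewTokenSource(ctx, jsonData, cfg.tokenSourceConfigOptions...)
+if err == nil {
+return &google.Credentials{TokenSource: tokenSource}, nil
+}
+errNewTokenSource = fmt.Errorf("NewTokenSource: %w", err)
+
+cred, err := google.CredentialsFromJSONWithParams(ctx, jsonData, cfg.params)
+if err == nil {
+return cred, nil
+}
+
+return nil, fmt.Errorf("ecs.NewTokenSource error = %s, google.CredentialsFromJSONWithParams: %w", errNewTokenSource.Error(), err)
+}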
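Review bot: In CredentialsFromJSON, every NewTokenSource failure silently falls through to `google.CredentialsFromJSONWithParams(ctx, jsonData, cfg.params)`, so an error on the ECS path can leave the caller authenticating with whatever credential type the JSON describes, with no signal about which path produced the token. NewTokenSource is not visible in this section, so it is an assumption that it can fail for reasons other than "this is not an ECS workload-identity config"; if it can, restrict the fallback to that one case (a sentinel error checked with `errors.Is`) or make the fallback opt-in through a CredentialsFromJSONOption. Because the fallback hands jsonData to the general-purpose parser, callers that receive the JSON from outside the deployment should validate its type and credential source first, and the exported function needs a doc comment that states the fallback and that `cfg.params` is only used on the fallback path. The final error also flattens the first failure with `%s`, which hides it from `errors.Is`/`errors.As`; `fmt.Errorf("%w; google.CredentialsFromJSONWithParams: %w", errNewTokenSource, err)` keeps both inspectable, and the module's `go 1.21` directive allows multiple `%w`.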