Use new endpoints for GCS backend authentication

[drebes]

Terraform Version

$ terraform -v
Terraform v0.12.7-dev # from master's HEAD

Description

Sorry for breaking the template here but I'm not sure how to best frame this problem within the existing template.

Google recently changed some OAuth 2.0 authorization flow endpoints from being hosted under google.com to googleapis.com domains. This was related to requests issued from within a GCP VPC network under VPC Service Control restricted perimeters where due to DNS changes *.googleapis.com is available but not the other services under *.google.com. Go Oauth client libraries were already updated in golang/oauth2#310 and since then GCP resources are using the right endpoint and work fine, however the GCS backend is not using the client libraries for this and still has the wrong endpoint hardcoded.

In summary, we need to change:

TokenURL: "https://accounts.google.com/o/oauth2/token",

to

TokenURL: "https://oauth2.googleapis.com/token",

I'll send a PR shortly that fixes this.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.