/
cache.go
109 lines (97 loc) · 2.87 KB
/
cache.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
package server
import (
"context"
"encoding/json"
"fmt"
"io/ioutil"
"net/http"
"net/url"
"strconv"
"github.com/ikedam/gtokenserver/internal/util"
"github.com/ikedam/gtokenserver/log"
"golang.org/x/oauth2"
"golang.org/x/oauth2/google"
)
type cachedDefaultCredentials struct {
Credentials *google.Credentials
ClientID string
ProjectID string
email string
numericProjectID int64
}
func newCachedDefaultCredentials(credentials *google.Credentials, projectID string) (*cachedDefaultCredentials, error) {
clientID, err := util.GetIDOfCredentials(credentials)
if err != nil {
return nil, err
}
if projectID == "" {
projectID = credentials.ProjectID
}
return &cachedDefaultCredentials{
Credentials: credentials,
ClientID: clientID,
ProjectID: projectID,
}, nil
}
func (c *cachedDefaultCredentials) GetEmail() (string, error) {
if c.email != "" {
return c.email, nil
}
email, err := util.GetEmailOfCredentials(c.Credentials)
if err != nil {
return "", err
}
c.email = email
return email, nil
}
type projectResponseHolder struct {
ProjectNumber string `json:"projectNumber"`
}
func (c *cachedDefaultCredentials) GetNumericProjectID() (int64, error) {
if c.ProjectID == "" {
return 0, nil
}
if c.numericProjectID != 0 {
return c.numericProjectID, nil
}
// https://cloud.google.com/resource-manager/reference/rest/v1/projects/get
// It sounds really strange, but you need to enable API for service accounts.
// It always works for authorized users.
client := oauth2.NewClient(
context.Background(),
c.Credentials.TokenSource,
)
rsp, err := client.Get(fmt.Sprintf(
"https://cloudresourcemanager.googleapis.com/v1/projects/%v",
url.PathEscape(c.ProjectID),
))
if err != nil {
return 0, fmt.Errorf("failed to resolve numeric project number: %w", err)
}
defer rsp.Body.Close()
body, err := ioutil.ReadAll(rsp.Body)
if err != nil {
return 0, fmt.Errorf("failed to resolve numeric project number: %w", err)
}
if rsp.StatusCode != http.StatusOK {
log.WithField("status", rsp.StatusCode).
WithField("body", string(body)).
Debugf("Unexpected response from project endpoint")
return 0, fmt.Errorf("unexpected response from project endpoint: %v", rsp.StatusCode)
}
var projectResponse projectResponseHolder
if err := json.Unmarshal(body, &projectResponse); err != nil {
log.WithField("body", string(body)).
Debugf("Unexpected response from project endpoint")
return 0, fmt.Errorf("unexpected response from project endpoint: %v", rsp.StatusCode)
}
numericProjectID, err := strconv.ParseInt(projectResponse.ProjectNumber, 10, 64)
if err != nil {
return 0, fmt.Errorf("unexpected response from project endpoint: %w", err)
}
c.numericProjectID = numericProjectID
return numericProjectID, nil
}
func (c *cachedDefaultCredentials) Token() (*oauth2.Token, error) {
return c.Credentials.TokenSource.Token()
}