From 0a17e92795c3816a4c583bbffda92fc827832f2d Mon Sep 17 00:00:00 2001
From: Matt Duftler <duftler@google.com>
Date: Thu, 17 Oct 2019 17:19:47 -0400
Subject: [PATCH] refactor(gcs): Bump kork version and update google
 credentials to latest style. (#605)

---
 front50-gcs/front50-gcs.gradle                |  1 +
 .../front50/model/GcsStorageService.java      | 29 ++++++++++---------
 gradle.properties                             |  1 +
 3 files changed, 17 insertions(+), 14 deletions(-)

diff --git a/front50-gcs/front50-gcs.gradle b/front50-gcs/front50-gcs.gradle
index d0f8da708..6e35a008a 100644
--- a/front50-gcs/front50-gcs.gradle
+++ b/front50-gcs/front50-gcs.gradle
@@ -24,6 +24,7 @@ dependencies {
   implementation "com.netflix.spinnaker.clouddriver:clouddriver-google-common:$clouddriverVersion"
   implementation "org.apache.commons:commons-lang3"
   implementation "com.google.apis:google-api-services-storage"
+  implementation 'com.google.auth:google-auth-library-oauth2-http'
   implementation "com.netflix.spinnaker.kork:kork-hystrix"
   implementation "com.netflix.spinnaker.kork:kork-security"
   implementation "net.logstash.logback:logstash-logback-encoder"
diff --git a/front50-gcs/src/main/java/com/netflix/spinnaker/front50/model/GcsStorageService.java b/front50-gcs/src/main/java/com/netflix/spinnaker/front50/model/GcsStorageService.java
index 3763e6d98..d72cf08dc 100644
--- a/front50-gcs/src/main/java/com/netflix/spinnaker/front50/model/GcsStorageService.java
+++ b/front50-gcs/src/main/java/com/netflix/spinnaker/front50/model/GcsStorageService.java
@@ -20,7 +20,6 @@
 
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
-import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
 import com.google.api.client.googleapis.javanet.GoogleNetHttpTransport;
 import com.google.api.client.googleapis.services.AbstractGoogleClientRequest;
 import com.google.api.client.http.ByteArrayContent;
@@ -36,6 +35,8 @@
 import com.google.api.services.storage.model.Bucket;
 import com.google.api.services.storage.model.Objects;
 import com.google.api.services.storage.model.StorageObject;
+import com.google.auth.http.HttpCredentialsAdapter;
+import com.google.auth.oauth2.GoogleCredentials;
 import com.google.common.annotations.VisibleForTesting;
 import com.google.common.collect.ImmutableMap;
 import com.netflix.spectator.api.Clock;
@@ -112,22 +113,23 @@ public ObjectMapper getObjectMapper() {
     return this.objectMapper;
   }
 
-  private GoogleCredential loadCredential(
-      HttpTransport transport, JsonFactory factory, String jsonPath) throws IOException {
-    GoogleCredential credential;
+  private GoogleCredentials loadCredential(String jsonPath) throws IOException {
+    GoogleCredentials credentials = null;
+
     if (!jsonPath.isEmpty()) {
       FileInputStream stream = new FileInputStream(jsonPath);
-      credential =
-          GoogleCredential.fromStream(stream, transport, factory)
-              .createScoped(Collections.singleton(StorageScopes.DEVSTORAGE_FULL_CONTROL));
+      credentials = GoogleCredentials.fromStream(stream);
       log.info("Loaded credentials from {}", value("jsonPath", jsonPath));
     } else {
       log.info(
           "spinnaker.gcs.enabled without spinnaker.gcs.jsonPath. "
               + "Using default application credentials. Using default credentials.");
-      credential = GoogleCredential.getApplicationDefault();
+      credentials = GoogleCredentials.getApplicationDefault();
     }
-    return credential;
+
+    return credentials.createScopedRequired()
+        ? credentials.createScoped(Collections.singleton(StorageScopes.DEVSTORAGE_FULL_CONTROL))
+        : credentials;
   }
 
   @VisibleForTesting
@@ -218,11 +220,11 @@ public GcsStorageService(
     try {
       HttpTransport httpTransport = GoogleNetHttpTransport.newTrustedTransport();
       JsonFactory jsonFactory = JacksonFactory.getDefaultInstance();
-      GoogleCredential credential = loadCredential(httpTransport, jsonFactory, credentialsPath);
+      GoogleCredentials credentials = loadCredential(credentialsPath);
       HttpRequestInitializer requestInitializer =
-          new HttpRequestInitializer() {
+          new HttpCredentialsAdapter(credentials) {
             public void initialize(HttpRequest request) throws IOException {
-              credential.initialize(request);
+              super.initialize(request);
               request.setConnectTimeout(connectTimeoutSec * 1000);
               request.setReadTimeout(readTimeoutSec * 1000);
             }
@@ -230,9 +232,8 @@ public void initialize(HttpRequest request) throws IOException {
 
       String applicationName = "Spinnaker/" + applicationVersion;
       storage =
-          new Storage.Builder(httpTransport, jsonFactory, credential)
+          new Storage.Builder(httpTransport, jsonFactory, requestInitializer)
               .setApplicationName(applicationName)
-              .setHttpRequestInitializer(requestInitializer)
               .build();
     } catch (IOException | java.security.GeneralSecurityException e) {
       throw new IllegalStateException(e);
diff --git a/gradle.properties b/gradle.properties
index ba66e22ed..be0c4c665 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -2,6 +2,7 @@
 clouddriverVersion=5.3.0
 fiatVersion=1.5.1
 enablePublishing=false
+korkVersion=6.12.2
 spinnakerGradleVersion=7.0.1
 korkVersion=6.12.1
 includeProviders=azure,gcs,oracle,redis,s3,swift,sql