...

Source file src/cloud.google.com/go/auth/internal/transport/transport.go

Documentation: cloud.google.com/go/auth/internal/transport

     1  // Copyright 2023 Google LLC
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //      http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  // Package transport provided internal helpers for the two transport packages
    16  // (grpctransport and httptransport).
    17  package transport
    18  
    19  import (
    20  	"fmt"
    21  
    22  	"cloud.google.com/go/auth/credentials"
    23  )
    24  
    25  // CloneDetectOptions clones a user set detect option into some new memory that
    26  // we can internally manipulate before sending onto the detect package.
    27  func CloneDetectOptions(oldDo *credentials.DetectOptions) *credentials.DetectOptions {
    28  	if oldDo == nil {
    29  		// it is valid for users not to set this, but we will need to to default
    30  		// some options for them in this case so return some initialized memory
    31  		// to work with.
    32  		return &credentials.DetectOptions{}
    33  	}
    34  	newDo := &credentials.DetectOptions{
    35  		// Simple types
    36  		Audience:          oldDo.Audience,
    37  		Subject:           oldDo.Subject,
    38  		EarlyTokenRefresh: oldDo.EarlyTokenRefresh,
    39  		TokenURL:          oldDo.TokenURL,
    40  		STSAudience:       oldDo.STSAudience,
    41  		CredentialsFile:   oldDo.CredentialsFile,
    42  		UseSelfSignedJWT:  oldDo.UseSelfSignedJWT,
    43  		UniverseDomain:    oldDo.UniverseDomain,
    44  
    45  		// These fields are are pointer types that we just want to use exactly
    46  		// as the user set, copy the ref
    47  		Client:             oldDo.Client,
    48  		AuthHandlerOptions: oldDo.AuthHandlerOptions,
    49  	}
    50  
    51  	// Smartly size this memory and copy below.
    52  	if oldDo.CredentialsJSON != nil {
    53  		newDo.CredentialsJSON = make([]byte, len(oldDo.CredentialsJSON))
    54  		copy(newDo.CredentialsJSON, oldDo.CredentialsJSON)
    55  	}
    56  	if oldDo.Scopes != nil {
    57  		newDo.Scopes = make([]string, len(oldDo.Scopes))
    58  		copy(newDo.Scopes, oldDo.Scopes)
    59  	}
    60  
    61  	return newDo
    62  }
    63  
    64  // ValidateUniverseDomain verifies that the universe domain configured for the
    65  // client matches the universe domain configured for the credentials.
    66  func ValidateUniverseDomain(clientUniverseDomain, credentialsUniverseDomain string) error {
    67  	if clientUniverseDomain != credentialsUniverseDomain {
    68  		return fmt.Errorf(
    69  			"the configured universe domain (%q) does not match the universe "+
    70  				"domain found in the credentials (%q). If you haven't configured "+
    71  				"the universe domain explicitly, \"googleapis.com\" is the default",
    72  			clientUniverseDomain,
    73  			credentialsUniverseDomain)
    74  	}
    75  	return nil
    76  }
    77  

View as plain text