diff --git a/java/google/registry/module/backend/BackendComponent.java b/java/google/registry/module/backend/BackendComponent.java index 53073e658..9ef32033a 100644 --- a/java/google/registry/module/backend/BackendComponent.java +++ b/java/google/registry/module/backend/BackendComponent.java @@ -32,14 +32,11 @@ import google.registry.keyring.kms.KmsModule; import google.registry.module.backend.BackendRequestComponent.BackendRequestComponentModule; import google.registry.monitoring.whitebox.StackdriverModule; import google.registry.rde.JSchModule; -import google.registry.request.Modules.AppIdentityCredentialModule; import google.registry.request.Modules.DatastoreServiceModule; -import google.registry.request.Modules.GoogleCredentialModule; import google.registry.request.Modules.Jackson2Module; import google.registry.request.Modules.NetHttpTransportModule; import google.registry.request.Modules.URLFetchServiceModule; import google.registry.request.Modules.UrlFetchTransportModule; -import google.registry.request.Modules.UseAppIdentityCredentialForGoogleApisModule; import google.registry.request.Modules.UserServiceModule; import google.registry.request.auth.AuthModule; import google.registry.util.AppEngineServiceUtilsImpl.AppEngineServiceUtilsModule; @@ -52,7 +49,6 @@ import javax.inject.Singleton; @Component( modules = { AppEngineServiceUtilsModule.class, - AppIdentityCredentialModule.class, AuthModule.class, BackendRequestComponentModule.class, BigqueryModule.class, @@ -63,7 +59,6 @@ import javax.inject.Singleton; google.registry.keyring.api.DummyKeyringModule.class, DriveModule.class, GcsServiceModule.class, - GoogleCredentialModule.class, GroupsModule.class, GroupssettingsModule.class, JSchModule.class, @@ -77,7 +72,6 @@ import javax.inject.Singleton; SystemSleeperModule.class, URLFetchServiceModule.class, UrlFetchTransportModule.class, - UseAppIdentityCredentialForGoogleApisModule.class, UserServiceModule.class, VoidDnsWriterModule.class, }) diff --git a/java/google/registry/module/frontend/FrontendComponent.java b/java/google/registry/module/frontend/FrontendComponent.java index 263f4b6b7..ee2e04792 100644 --- a/java/google/registry/module/frontend/FrontendComponent.java +++ b/java/google/registry/module/frontend/FrontendComponent.java @@ -25,12 +25,9 @@ import google.registry.keyring.api.KeyModule; import google.registry.keyring.kms.KmsModule; import google.registry.module.frontend.FrontendRequestComponent.FrontendRequestComponentModule; import google.registry.monitoring.whitebox.StackdriverModule; -import google.registry.request.Modules.AppIdentityCredentialModule; -import google.registry.request.Modules.GoogleCredentialModule; import google.registry.request.Modules.Jackson2Module; import google.registry.request.Modules.NetHttpTransportModule; import google.registry.request.Modules.UrlFetchTransportModule; -import google.registry.request.Modules.UseAppIdentityCredentialForGoogleApisModule; import google.registry.request.Modules.UserServiceModule; import google.registry.request.auth.AuthModule; import google.registry.ui.ConsoleDebug.ConsoleConfigModule; @@ -44,7 +41,6 @@ import javax.inject.Singleton; @Component( modules = { AppEngineServiceUtilsModule.class, - AppIdentityCredentialModule.class, AuthModule.class, ConfigModule.class, ConsoleConfigModule.class, @@ -52,7 +48,6 @@ import javax.inject.Singleton; CustomLogicFactoryModule.class, google.registry.keyring.api.DummyKeyringModule.class, FrontendRequestComponentModule.class, - GoogleCredentialModule.class, Jackson2Module.class, KeyModule.class, KmsModule.class, @@ -62,7 +57,6 @@ import javax.inject.Singleton; SystemClockModule.class, SystemSleeperModule.class, UrlFetchTransportModule.class, - UseAppIdentityCredentialForGoogleApisModule.class, UserServiceModule.class, }) interface FrontendComponent { diff --git a/java/google/registry/module/pubapi/PubApiComponent.java b/java/google/registry/module/pubapi/PubApiComponent.java index da606f81b..383ba559c 100644 --- a/java/google/registry/module/pubapi/PubApiComponent.java +++ b/java/google/registry/module/pubapi/PubApiComponent.java @@ -25,12 +25,9 @@ import google.registry.keyring.api.KeyModule; import google.registry.keyring.kms.KmsModule; import google.registry.module.pubapi.PubApiRequestComponent.PubApiRequestComponentModule; import google.registry.monitoring.whitebox.StackdriverModule; -import google.registry.request.Modules.AppIdentityCredentialModule; -import google.registry.request.Modules.GoogleCredentialModule; import google.registry.request.Modules.Jackson2Module; import google.registry.request.Modules.NetHttpTransportModule; import google.registry.request.Modules.UrlFetchTransportModule; -import google.registry.request.Modules.UseAppIdentityCredentialForGoogleApisModule; import google.registry.request.Modules.UserServiceModule; import google.registry.request.auth.AuthModule; import google.registry.util.AppEngineServiceUtilsImpl.AppEngineServiceUtilsModule; @@ -43,14 +40,12 @@ import javax.inject.Singleton; @Component( modules = { AppEngineServiceUtilsModule.class, - AppIdentityCredentialModule.class, AuthModule.class, ConfigModule.class, CredentialModule.class, CustomLogicFactoryModule.class, google.registry.keyring.api.DummyKeyringModule.class, PubApiRequestComponentModule.class, - GoogleCredentialModule.class, Jackson2Module.class, KeyModule.class, KmsModule.class, @@ -60,7 +55,6 @@ import javax.inject.Singleton; SystemClockModule.class, SystemSleeperModule.class, UrlFetchTransportModule.class, - UseAppIdentityCredentialForGoogleApisModule.class, UserServiceModule.class, }) interface PubApiComponent { diff --git a/java/google/registry/module/tools/ToolsComponent.java b/java/google/registry/module/tools/ToolsComponent.java index 26495260a..bcf3b296b 100644 --- a/java/google/registry/module/tools/ToolsComponent.java +++ b/java/google/registry/module/tools/ToolsComponent.java @@ -27,13 +27,10 @@ import google.registry.groups.GroupssettingsModule; import google.registry.keyring.api.KeyModule; import google.registry.keyring.kms.KmsModule; import google.registry.module.tools.ToolsRequestComponent.ToolsRequestComponentModule; -import google.registry.request.Modules.AppIdentityCredentialModule; import google.registry.request.Modules.DatastoreServiceModule; -import google.registry.request.Modules.GoogleCredentialModule; import google.registry.request.Modules.Jackson2Module; import google.registry.request.Modules.NetHttpTransportModule; import google.registry.request.Modules.UrlFetchTransportModule; -import google.registry.request.Modules.UseAppIdentityCredentialForGoogleApisModule; import google.registry.request.Modules.UserServiceModule; import google.registry.request.auth.AuthModule; import google.registry.util.AppEngineServiceUtilsImpl.AppEngineServiceUtilsModule; @@ -46,7 +43,6 @@ import javax.inject.Singleton; @Component( modules = { AppEngineServiceUtilsModule.class, - AppIdentityCredentialModule.class, AuthModule.class, ConfigModule.class, CredentialModule.class, @@ -56,7 +52,6 @@ import javax.inject.Singleton; google.registry.keyring.api.DummyKeyringModule.class, DriveModule.class, GcsServiceModule.class, - GoogleCredentialModule.class, GroupsModule.class, GroupssettingsModule.class, Jackson2Module.class, @@ -68,7 +63,6 @@ import javax.inject.Singleton; SystemSleeperModule.class, ToolsRequestComponentModule.class, UrlFetchTransportModule.class, - UseAppIdentityCredentialForGoogleApisModule.class, UserServiceModule.class, }) interface ToolsComponent { diff --git a/java/google/registry/request/Modules.java b/java/google/registry/request/Modules.java index 5b9cdf0ff..af043552a 100644 --- a/java/google/registry/request/Modules.java +++ b/java/google/registry/request/Modules.java @@ -15,13 +15,9 @@ package google.registry.request; import static com.google.appengine.api.datastore.DatastoreServiceFactory.getDatastoreService; -import static java.nio.charset.StandardCharsets.UTF_8; import com.google.api.client.extensions.appengine.http.UrlFetchTransport; -import com.google.api.client.googleapis.auth.oauth2.GoogleCredential; -import com.google.api.client.googleapis.extensions.appengine.auth.oauth2.AppIdentityCredential; import com.google.api.client.googleapis.javanet.GoogleNetHttpTransport; -import com.google.api.client.http.HttpRequestInitializer; import com.google.api.client.http.HttpTransport; import com.google.api.client.http.javanet.NetHttpTransport; import com.google.api.client.json.JsonFactory; @@ -31,15 +27,8 @@ import com.google.appengine.api.urlfetch.URLFetchService; import com.google.appengine.api.urlfetch.URLFetchServiceFactory; import com.google.appengine.api.users.UserService; import com.google.appengine.api.users.UserServiceFactory; -import dagger.Binds; import dagger.Module; import dagger.Provides; -import google.registry.keyring.api.KeyModule.Key; -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.util.Set; -import java.util.function.Function; -import javax.inject.Provider; import javax.inject.Singleton; /** Dagger modules for App Engine services and other vendor classes. */ @@ -120,88 +109,4 @@ public final class Modules { } } } - - /** - * Dagger module providing {@link AppIdentityCredential}. - * - *

This can be used to authenticate to Google APIs using the identity of your GAE app. - * - * @see UseAppIdentityCredentialForGoogleApisModule - */ - @Module - public static final class AppIdentityCredentialModule { - @Provides - static Function, AppIdentityCredential> provideAppIdentityCredential() { - return AppIdentityCredential::new; - } - } - - /** - * Dagger module causing Google APIs requests to be authorized with your GAE app identity. - * - *

You must also use the {@link AppIdentityCredentialModule}. - */ - @Module - public abstract static class UseAppIdentityCredentialForGoogleApisModule { - @Binds - abstract Function, ? extends HttpRequestInitializer> provideHttpRequestInitializer( - Function, AppIdentityCredential> credential); - } - - /** - * Module indicating Google API requests should be authorized with JSON {@link GoogleCredential}. - * - *

This is useful when configuring a component that runs the registry outside of the App Engine - * environment, for example, in a command line environment. - * - *

You must also use the {@link GoogleCredentialModule}. - */ - @Module - public abstract static class UseGoogleCredentialForGoogleApisModule { - @Binds - abstract Function, ? extends HttpRequestInitializer> provideHttpRequestInitializer( - Function, GoogleCredential> credential); - } - - /** - * Dagger module providing {@link GoogleCredential} from a JSON key file contents. - * - *

This satisfies the {@link HttpRequestInitializer} interface for authenticating Google APIs - * requests, just like {@link AppIdentityCredential}. - * - *

But we consider GAE authentication more desirable and easier to manage operations-wise. So - * this authentication method should only be used for the following situations: - * - *

    - *
  1. Locally-running programs (which aren't executing on the App Engine platform) - *
  2. Spreadsheet service (which can't use {@link AppIdentityCredential} due to an old library) - *
- * - * @see google.registry.keyring.api.Keyring#getJsonCredential() - */ - @Module - public static final class GoogleCredentialModule { - - @Provides - @Singleton - static GoogleCredential provideGoogleCredential( - NetHttpTransport netHttpTransport, - JsonFactory jsonFactory, - @Key("jsonCredential") String jsonCredential) { - try { - return GoogleCredential.fromStream( - new ByteArrayInputStream(jsonCredential.getBytes(UTF_8)), - netHttpTransport, - jsonFactory); - } catch (IOException e) { - throw new RuntimeException(e); - } - } - - @Provides - static Function, GoogleCredential> provideScopedGoogleCredential( - final Provider googleCredentialProvider) { - return scopes -> googleCredentialProvider.get().createScoped(scopes); - } - } } diff --git a/java/google/registry/tools/RegistryToolComponent.java b/java/google/registry/tools/RegistryToolComponent.java index e069ff12d..6dbae7c08 100644 --- a/java/google/registry/tools/RegistryToolComponent.java +++ b/java/google/registry/tools/RegistryToolComponent.java @@ -24,13 +24,10 @@ import google.registry.dns.writer.dnsupdate.DnsUpdateWriterModule; import google.registry.keyring.api.KeyModule; import google.registry.keyring.kms.KmsModule; import google.registry.rde.RdeModule; -import google.registry.request.Modules.AppIdentityCredentialModule; import google.registry.request.Modules.DatastoreServiceModule; -import google.registry.request.Modules.GoogleCredentialModule; import google.registry.request.Modules.Jackson2Module; import google.registry.request.Modules.URLFetchServiceModule; import google.registry.request.Modules.UrlFetchTransportModule; -import google.registry.request.Modules.UseAppIdentityCredentialForGoogleApisModule; import google.registry.request.Modules.UserServiceModule; import google.registry.util.AppEngineServiceUtilsImpl.AppEngineServiceUtilsModule; import google.registry.util.SystemClock.SystemClockModule; @@ -50,7 +47,6 @@ import javax.inject.Singleton; AppEngineConnectionFlags.FlagsModule.class, AppEngineServiceUtilsModule.class, // TODO(b/36866706): Find a way to replace this with a command-line friendly version - AppIdentityCredentialModule.class, AuthModule.class, BigqueryModule.class, ConfigModule.class, @@ -61,7 +57,6 @@ import javax.inject.Singleton; DefaultRequestFactoryModule.class, DefaultRequestFactoryModule.RequestFactoryModule.class, DnsUpdateWriterModule.class, - GoogleCredentialModule.class, Jackson2Module.class, KeyModule.class, KmsModule.class, @@ -71,8 +66,6 @@ import javax.inject.Singleton; SystemSleeperModule.class, URLFetchServiceModule.class, UrlFetchTransportModule.class, - // TODO(b/36866706): Find a way to replace this with a command-line friendly version - UseAppIdentityCredentialForGoogleApisModule.class, UserServiceModule.class, VoidDnsWriterModule.class, WhoisModule.class,