zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-13 16:07:15 +02:00
Code Issues Projects Releases Packages Wiki Activity

Introduce simplified Default credential provision

Browse source 
As the first step in credential consolidation, we replace
injection of application default credential in for KMS and
Drive.

Tests:
- for Drive, tested with exportDomainLists and exportReservedTerms.
- For KMS, used CLI commands (get_keyring_secret and update_kms_keyring) to change and
  restore secret for one key.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=211819859
This commit is contained in:
weiminyu 2018-09-06 09:29:21 -07:00 committed by jianglai
parent 4c3207647f
commit 9436ce6f0e
15 changed files with 148 additions and 42 deletions
Download patch file Download diff file Expand all files Collapse all files

14
java/google/registry/keyring/kms/KmsModule.java
View file

@ -14,17 +14,13 @@
package google.registry.keyring.kms;
import com.google.api.client.http.HttpRequestInitializer;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.json.JsonFactory;
import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
import com.google.api.services.cloudkms.v1.CloudKMS;
import com.google.api.services.cloudkms.v1.CloudKMSScopes;
import dagger.Binds;
import dagger.Module;
import dagger.Provides;
import google.registry.config.CredentialModule.DefaultCredential;
import google.registry.config.RegistryConfig.Config;
import java.util.Set;
import java.util.function.Function;
/** Dagger module for Cloud KMS connection objects. */
@Module
@ -32,11 +28,9 @@ public abstract class KmsModule {
@Provides
static CloudKMS provideKms(
HttpTransport transport,
JsonFactory jsonFactory,
Function<Set<String>, ? extends HttpRequestInitializer> credential,
@DefaultCredential GoogleCredential credential,
@Config("cloudKmsProjectId") String projectId) {
return new CloudKMS.Builder(transport, jsonFactory, credential.apply(CloudKMSScopes.all()))
return new CloudKMS.Builder(credential.getTransport(), credential.getJsonFactory(), credential)
.setApplicationName(projectId)
.build();
}