Switch to new Json credential provisioning

As part of credential consolidation, update the credential provisioing in StackDriver Module. This is the only module that will continue using Json-based credential. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=211878151
2025-05-15 08:57:12 +02:00 · 2018-09-06 15:16:06 -07:00 · 2018-09-06 15:16:06 -07:00 · be18f55640
commit be18f55640
parent 22e1d905b6
3 changed files with 37 additions and 10 deletions
--- a/java/google/registry/config/BUILD
+++ b/java/google/registry/config/BUILD
@ -9,6 +9,7 @@ java_library(
    srcs = glob(["*.java"]),
    resources = glob(["files/*.yaml"]),
    deps = [
        "//java/google/registry/keyring/api",
        "//java/google/registry/util",
        "@com_google_api_client",
        "@com_google_appengine_api_1_0_sdk",
@ -18,6 +19,7 @@ java_library(
        "@com_google_flogger",
        "@com_google_flogger_system_backend",
        "@com_google_guava",
        "@com_google_http_client",
        "@javax_inject",
        "@joda_time",
        "@org_joda_money",
--- a/java/google/registry/config/CredentialModule.java
+++ b/java/google/registry/config/CredentialModule.java
@ -14,12 +14,19 @@
 package google.registry.config;
 import static java.nio.charset.StandardCharsets.UTF_8;
 import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
 import com.google.api.client.googleapis.javanet.GoogleNetHttpTransport;
 import com.google.api.client.googleapis.util.Utils;
 import com.google.common.collect.ImmutableList;
 import dagger.Module;
 import dagger.Provides;
 import google.registry.config.RegistryConfig.Config;
 import google.registry.keyring.api.KeyModule.Key;
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.security.GeneralSecurityException;
 import javax.inject.Qualifier;
 import javax.inject.Singleton;
@ -48,6 +55,30 @@ public abstract class CredentialModule {
    return credential;
  }
  /** Provides a {@link GoogleCredential} from the service account's JSON key file. */
  @JsonCredential
  @Provides
  @Singleton
  public static GoogleCredential provideJsonCredential(
      @Config("credentialOauthScopes") ImmutableList<String> requiredScopes,
      @Key("jsonCredential") String jsonCredential) {
    GoogleCredential credential;
    try {
      credential =
          GoogleCredential.fromStream(
              new ByteArrayInputStream(jsonCredential.getBytes(UTF_8)),
              // We cannot use UrlFetchTransport as that uses App Engine API.
              GoogleNetHttpTransport.newTrustedTransport(),
              Utils.getDefaultJsonFactory());
    } catch (IOException | GeneralSecurityException e) {
      throw new RuntimeException(e);
    }
    if (credential.createScopedRequired()) {
      credential = credential.createScoped(requiredScopes);
    }
    return credential;
  }
  /** Dagger qualifier for the Application Default Credential. */
  @Qualifier
  public @interface DefaultCredential {}
--- a/java/google/registry/monitoring/whitebox/StackdriverModule.java
+++ b/java/google/registry/monitoring/whitebox/StackdriverModule.java
@ -15,10 +15,7 @@
 package google.registry.monitoring.whitebox;
 import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
 import com.google.api.client.http.javanet.NetHttpTransport;
 import com.google.api.client.json.JsonFactory;
 import com.google.api.services.monitoring.v3.Monitoring;
 import com.google.api.services.monitoring.v3.MonitoringScopes;
 import com.google.api.services.monitoring.v3.model.MonitoredResource;
 import com.google.appengine.api.modules.ModulesService;
 import com.google.common.collect.ImmutableMap;
@ -28,9 +25,8 @@ import com.google.monitoring.metrics.MetricWriter;
 import com.google.monitoring.metrics.stackdriver.StackdriverWriter;
 import dagger.Module;
 import dagger.Provides;
 import google.registry.config.CredentialModule.JsonCredential;
 import google.registry.config.RegistryConfig.Config;
 import java.util.Set;
 import java.util.function.Function;
 import org.joda.time.Duration;
 /** Dagger module for Google Stackdriver service connection objects. */
@ -43,11 +39,9 @@ public final class StackdriverModule {
  @Provides
  static Monitoring provideMonitoring(
-      NetHttpTransport transport,
+      @JsonCredential GoogleCredential credential, @Config("projectId") String projectId) {
-      JsonFactory jsonFactory,
+    return new Monitoring.Builder(
-      Function<Set<String>, GoogleCredential> credential,
+            credential.getTransport(), credential.getJsonFactory(), credential)
      @Config("projectId") String projectId) {
    return new Monitoring.Builder(transport, jsonFactory, credential.apply(MonitoringScopes.all()))
        .setApplicationName(projectId)
        .build();
  }