zydronium/google-nomulus

Fork 0

mirror of https://github.com/google/nomulus.git synced 2025-05-02 04:57:51 +02:00

Commit graph

Author SHA1 Message Date

Author	SHA1	Message	Date
jianglai	6352b8a01a	Use self-managed credential in remote api installer RemoteApiOption has a package-private method that takes a Stream representing the content of a JSON and use a GoogleCredential created from it as its credential. This CL uses reflection to change the access modifier of that method in order to supply a credential stream that is self-managed. This is obviously not ideal and prone to breakage in case the getGoogleCredentialStream method is changed. Unfortunately upstream is not willing to make it public citing the reason that GoogleCredential.fromStream() (which getGoogleCredentialStream uses) is a @Beta annotated function (see https://groups.google.com[]forum/#!searchin/domain-registry-eng/remoteapioptions%7Csort:date/domain-registry-eng/Flsah6skszQ/CySZv2XEBwAJ). However this function is introduced 5 years ago as a public function (`b857184bfa`). I think at this point it is safe to assume that it is part of the widely used APIs and will not change without sufficient notice. Note here that RemoteApiOptions creates its own copy of GoogleCredential to be used to call App Engine APIs locally, whereas communications to Nomulus endpoints use the Credential provided in AuthModule. Even though both credentials are created from the same client id, client secret and refresh token (the three elements needed to construct a GoogleCredential this way, see https://github.com/googleapis/google-api-java-client/blob/master/google-api-client/src/main/java/com/google/api/client/googleapis/auth/oauth2/GoogleCredential.java#L842), their refreshes cycles are independent of each other. I verified that refreshing one of the credential does not invalidate the access token of the other credential, as long as it is not expired yet. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=224156131	2018-12-05 16:02:28 -05:00
mmuller	5ff56ac7a0	Make "throws" clause use IOException Now that we've updated the oauth java6 package in the open source build, we can safely replace "Exception" with "IOException" in the throws clause of the method that calls AuthorizationCodeInstalledApp.authorize(). ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=156057190	2017-05-17 12:17:40 -04:00
mmuller	5614760d53	Implement login/logout commands Refactor the auth code into its own dagger module, add tests and use the new interfaces to implement the login and logout commands. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=149108266	2017-03-07 13:45:11 -05:00

jianglai

6352b8a01a

Use self-managed credential in remote api installer

RemoteApiOption has a package-private method that takes a Stream representing the content of a JSON and use a GoogleCredential created from it as its credential. This CL uses reflection to change the access modifier of that method in order to supply a credential stream that is self-managed. This is obviously not ideal and prone to breakage in case the getGoogleCredentialStream method is changed. Unfortunately upstream is not willing to make it public citing the reason that GoogleCredential.fromStream() (which getGoogleCredentialStream uses) is a @Beta annotated function (see https://groups.google.com[]forum/#!searchin/domain-registry-eng/remoteapioptions%7Csort:date/domain-registry-eng/Flsah6skszQ/CySZv2XEBwAJ). However this function is introduced 5 years ago as a public function (b857184bfa). I think at this point it is safe to assume that it is part of the widely used APIs and will not change without sufficient notice.

Note here that RemoteApiOptions creates its own copy of GoogleCredential to be used to call App Engine APIs locally, whereas communications to Nomulus endpoints use the Credential provided in AuthModule. Even though both credentials are created from the same client id, client secret and refresh token (the three elements needed to construct a GoogleCredential this way, see https://github.com/googleapis/google-api-java-client/blob/master/google-api-client/src/main/java/com/google/api/client/googleapis/auth/oauth2/GoogleCredential.java#L842), their refreshes cycles are independent of each other. I verified that refreshing one of the credential does not invalidate the access token of the other credential, as long as it is not expired yet.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=224156131

2018-12-05 16:02:28 -05:00

mmuller

5ff56ac7a0

Make "throws" clause use IOException

Now that we've updated the oauth java6 package in the open source build, we
can safely replace "Exception" with "IOException" in the throws clause of the
method that calls AuthorizationCodeInstalledApp.authorize().

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=156057190

2017-05-17 12:17:40 -04:00

mmuller

5614760d53

Implement login/logout commands

Refactor the auth code into its own dagger module, add tests and use the new interfaces to implement the login and logout commands.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=149108266

2017-03-07 13:45:11 -05:00

3 commits