All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.facebook.presto.jdbc.internal.google.auth.oauth2.GoogleCredentials Maven / Gradle / Ivy

The newest version!
/*
 * Copyright 2015, Google Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are
 * met:
 *
 *    * Redistributions of source code must retain the above copyright
 * notice, this list of conditions and the following disclaimer.
 *    * Redistributions in binary form must reproduce the above
 * copyright notice, this list of conditions and the following disclaimer
 * in the documentation and/or other materials provided with the
 * distribution.
 *
 *    * Neither the name of Google Inc. nor the names of its
 * contributors may be used to endorse or promote products derived from
 * this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

package com.facebook.presto.jdbc.internal.google.auth.oauth2;

import com.facebook.presto.jdbc.internal.google.api.client.json.GenericJson;
import com.facebook.presto.jdbc.internal.google.api.client.json.JsonFactory;
import com.facebook.presto.jdbc.internal.google.api.client.json.JsonObjectParser;
import com.facebook.presto.jdbc.internal.google.api.client.util.Preconditions;
import com.facebook.presto.jdbc.internal.google.auth.http.HttpTransportFactory;

import java.io.IOException;
import java.io.InputStream;

import java.util.Collection;

/**
 * Base type for credentials for authorizing calls to Google APIs using OAuth2.
 */
public class GoogleCredentials extends OAuth2Credentials {

  private static final long serialVersionUID = -1522852442442473691L;
  static final String USER_FILE_TYPE = "authorized_user";
  static final String SERVICE_ACCOUNT_FILE_TYPE = "service_account";

  private static final DefaultCredentialsProvider defaultCredentialsProvider =
      new DefaultCredentialsProvider();

  /**
   * Returns the credentials instance from the given access token.
   *
   * @param accessToken the access token
   * @return the credentials instance
   * @deprecated Use {@link #create(AccessToken)} instead. This method will be deleted in a later
   *             version.
   */
  @Deprecated
  public static GoogleCredentials of(AccessToken accessToken) {
    return create(accessToken);
  }

  /**
   * Returns the credentials instance from the given access token.
   *
   * @param accessToken the access token
   * @return the credentials instance
   */
  public static GoogleCredentials create(AccessToken accessToken) {
    return GoogleCredentials.newBuilder().setAccessToken(accessToken).build();
  }

  /**
   * Returns the Application Default Credentials.
   *
   * 

Returns the Application Default Credentials which are used to identify and authorize the * whole application. The following are searched (in order) to find the Application Default * Credentials: *

    *
  1. Credentials file pointed to by the {@code GOOGLE_APPLICATION_CREDENTIALS} environment * variable
  2. *
  3. Credentials provided by the Google Cloud SDK * {@code gcloud auth application-default login} command
  4. *
  5. Google App Engine built-in credentials
  6. *
  7. Google Cloud Shell built-in credentials
  8. *
  9. Google Compute Engine built-in credentials
  10. *
* * @return the credentials instance. * @throws IOException if the credentials cannot be created in the current environment. */ public static GoogleCredentials getApplicationDefault() throws IOException { return getApplicationDefault(OAuth2Utils.HTTP_TRANSPORT_FACTORY); } /** * Returns the Application Default Credentials. * *

Returns the Application Default Credentials which are used to identify and authorize the * whole application. The following are searched (in order) to find the Application Default * Credentials: *

    *
  1. Credentials file pointed to by the {@code GOOGLE_APPLICATION_CREDENTIALS} environment * variable
  2. *
  3. Credentials provided by the Google Cloud SDK * {@code gcloud auth application-default login} command
  4. *
  5. Google App Engine built-in credentials
  6. *
  7. Google Cloud Shell built-in credentials
  8. *
  9. Google Compute Engine built-in credentials
  10. *
* * @param transportFactory HTTP transport factory, creates the transport used to get access * tokens. * @return the credentials instance. * @throws IOException if the credentials cannot be created in the current environment. **/ public static GoogleCredentials getApplicationDefault(HttpTransportFactory transportFactory) throws IOException { Preconditions.checkNotNull(transportFactory); return defaultCredentialsProvider.getDefaultCredentials(transportFactory); } /** * Returns credentials defined by a JSON file stream. * *

The stream can contain a Service Account key file in JSON format from the Google Developers * Console or a stored user credential using the format supported by the Cloud SDK.

* * @param credentialsStream the stream with the credential definition. * @return the credential defined by the credentialsStream. * @throws IOException if the credential cannot be created from the stream. **/ public static GoogleCredentials fromStream(InputStream credentialsStream) throws IOException { return fromStream(credentialsStream, OAuth2Utils.HTTP_TRANSPORT_FACTORY); } /** * Returns credentials defined by a JSON file stream. * *

The stream can contain a Service Account key file in JSON format from the Google Developers * Console or a stored user credential using the format supported by the Cloud SDK.

* * @param credentialsStream the stream with the credential definition. * @param transportFactory HTTP transport factory, creates the transport used to get access * tokens. * @return the credential defined by the credentialsStream. * @throws IOException if the credential cannot be created from the stream. **/ public static GoogleCredentials fromStream(InputStream credentialsStream, HttpTransportFactory transportFactory) throws IOException { Preconditions.checkNotNull(credentialsStream); Preconditions.checkNotNull(transportFactory); JsonFactory jsonFactory = OAuth2Utils.JSON_FACTORY; JsonObjectParser parser = new JsonObjectParser(jsonFactory); GenericJson fileContents = parser.parseAndClose( credentialsStream, OAuth2Utils.UTF_8, GenericJson.class); String fileType = (String) fileContents.get("type"); if (fileType == null) { throw new IOException("Error reading credentials from stream, 'type' field not specified."); } if (USER_FILE_TYPE.equals(fileType)) { return UserCredentials.fromJson(fileContents, transportFactory); } if (SERVICE_ACCOUNT_FILE_TYPE.equals(fileType)) { return ServiceAccountCredentials.fromJson(fileContents, transportFactory); } throw new IOException(String.format( "Error reading credentials from stream, 'type' value '%s' not recognized." + " Expecting '%s' or '%s'.", fileType, USER_FILE_TYPE, SERVICE_ACCOUNT_FILE_TYPE)); } /** * Default constructor. **/ protected GoogleCredentials() { this(null); } /** * Constructor with explicit access token. * * @param accessToken Initial or temporary access token. * @deprecated Use {@link #create(AccessToken)} instead. This constructor will either be deleted * or made protected/private in a later version. **/ @Deprecated public GoogleCredentials(AccessToken accessToken) { super(accessToken); } public static Builder newBuilder() { return new Builder(); } public Builder toBuilder() { return new Builder(this); } /** * Indicates whether the credentials require scopes to be specified via a call to * {@link GoogleCredentials#createScoped} before use. * * @return Whether the credentials require scopes to be specified. */ public boolean createScopedRequired() { return false; } /** * If the credentials support scopes, creates a copy of the the identity with the specified * scopes; otherwise, returns the same instance. * * @param scopes Collection of scopes to request. * @return GoogleCredentials with requested scopes. */ public GoogleCredentials createScoped(Collection scopes) { return this; } /** * If the credentials support domain-wide delegation, creates a copy * of the identity so that it impersonates the specified user; * otherwise, returns the same instance. * * @param user User to impersonate. * @return GoogleCredentials with a delegated user. */ public GoogleCredentials createDelegated(String user) { return this; } public static class Builder extends OAuth2Credentials.Builder { protected Builder() {} protected Builder(GoogleCredentials credentials) { setAccessToken(credentials.getAccessToken()); } public GoogleCredentials build() { return new GoogleCredentials(getAccessToken()); } @Override public Builder setAccessToken(AccessToken token) { super.setAccessToken(token); return this; } } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy