ResiLien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #3553 from lwander/f-gcp-oauth 

provider/google: OAuth2 support
This commit is contained in:
Dave Cunningham 2015-10-22 00:44:16 -04:00
parent 932f0ddbeb bba2c3221d
commit 53b64909ec
2 changed files with 17 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
builtin/providers/google/config.go
View File

@ -36,6 +36,13 @@ type Config struct {
func (c *Config) loadAndValidate() error { func (c *Config) loadAndValidate() error {
var account accountFile var account accountFile
clientScopes := []string{
"https://www.googleapis.com/auth/compute",
"https://www.googleapis.com/auth/cloud-platform",
"https://www.googleapis.com/auth/ndev.clouddns.readwrite",
"https://www.googleapis.com/auth/devstorage.full_control",
}
if c.AccountFile == "" { if c.AccountFile == "" {
c.AccountFile = os.Getenv("GOOGLE_ACCOUNT_FILE") c.AccountFile = os.Getenv("GOOGLE_ACCOUNT_FILE")
@ -79,13 +86,6 @@ func (c *Config) loadAndValidate() error {
} }
} }
clientScopes := []string{
"https://www.googleapis.com/auth/compute",
"https://www.googleapis.com/auth/cloud-platform",
"https://www.googleapis.com/auth/ndev.clouddns.readwrite",
"https://www.googleapis.com/auth/devstorage.full_control",
}
// Get the token for use in our requests // Get the token for use in our requests
log.Printf("[INFO] Requesting Google token...") log.Printf("[INFO] Requesting Google token...")
log.Printf("[INFO] -- Email: %s", account.ClientEmail) log.Printf("[INFO] -- Email: %s", account.ClientEmail)
@ -105,16 +105,12 @@ func (c *Config) loadAndValidate() error {
client = conf.Client(oauth2.NoContext) client = conf.Client(oauth2.NoContext)
} else { } else {
log.Printf("[INFO] Requesting Google token via GCE Service Role...") log.Printf("[INFO] Authenticating using DefaultClient");
client = &http.Client{ err := error(nil)
Transport: &oauth2.Transport{ client, err = google.DefaultClient(oauth2.NoContext, clientScopes...)
// Fetch from Google Compute Engine's metadata server to retrieve if err != nil {
// an access token for the provided account. return err
// If no account is specified, "default" is used.
Source: google.ComputeTokenSource(""),
},
} }
} }
// Build UserAgent // Build UserAgent

6
builtin/providers/google/provider.go
View File

@ -15,7 +15,7 @@ func Provider() terraform.ResourceProvider {
Schema: map[string]*schema.Schema{ Schema: map[string]*schema.Schema{
"account_file": &schema.Schema{ "account_file": &schema.Schema{
Type: schema.TypeString, Type: schema.TypeString,
Required: true, Optional: true,
DefaultFunc: schema.EnvDefaultFunc("GOOGLE_ACCOUNT_FILE", nil), DefaultFunc: schema.EnvDefaultFunc("GOOGLE_ACCOUNT_FILE", nil),
ValidateFunc: validateAccountFile, ValidateFunc: validateAccountFile,
}, },
@ -78,6 +78,10 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
} }
func validateAccountFile(v interface{}, k string) (warnings []string, errors []error) { func validateAccountFile(v interface{}, k string) (warnings []string, errors []error) {
if v == nil {
return
}
value := v.(string) value := v.(string)
if value == "" { if value == "" {