settings.go 4.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140
  1. // Copyright 2017 Google LLC.
  2. // Use of this source code is governed by a BSD-style
  3. // license that can be found in the LICENSE file.
  4. // Package internal supports the options and transport packages.
  5. package internal
  6. import (
  7. "crypto/tls"
  8. "errors"
  9. "net/http"
  10. "golang.org/x/oauth2"
  11. "golang.org/x/oauth2/google"
  12. "google.golang.org/api/internal/impersonate"
  13. "google.golang.org/grpc"
  14. )
  15. // DialSettings holds information needed to establish a connection with a
  16. // Google API service.
  17. type DialSettings struct {
  18. Endpoint string
  19. DefaultEndpoint string
  20. DefaultMTLSEndpoint string
  21. Scopes []string
  22. DefaultScopes []string
  23. EnableJwtWithScope bool
  24. TokenSource oauth2.TokenSource
  25. Credentials *google.Credentials
  26. CredentialsFile string // if set, Token Source is ignored.
  27. CredentialsJSON []byte
  28. UserAgent string
  29. APIKey string
  30. Audiences []string
  31. DefaultAudience string
  32. HTTPClient *http.Client
  33. GRPCDialOpts []grpc.DialOption
  34. GRPCConn *grpc.ClientConn
  35. GRPCConnPool ConnPool
  36. GRPCConnPoolSize int
  37. NoAuth bool
  38. TelemetryDisabled bool
  39. ClientCertSource func(*tls.CertificateRequestInfo) (*tls.Certificate, error)
  40. CustomClaims map[string]interface{}
  41. SkipValidation bool
  42. ImpersonationConfig *impersonate.Config
  43. EnableDirectPath bool
  44. // Google API system parameters. For more information please read:
  45. // https://cloud.google.com/apis/docs/system-parameters
  46. QuotaProject string
  47. RequestReason string
  48. }
  49. // GetScopes returns the user-provided scopes, if set, or else falls back to the
  50. // default scopes.
  51. func (ds *DialSettings) GetScopes() []string {
  52. if len(ds.Scopes) > 0 {
  53. return ds.Scopes
  54. }
  55. return ds.DefaultScopes
  56. }
  57. // GetAudience returns the user-provided audience, if set, or else falls back to the default audience.
  58. func (ds *DialSettings) GetAudience() string {
  59. if ds.HasCustomAudience() {
  60. return ds.Audiences[0]
  61. }
  62. return ds.DefaultAudience
  63. }
  64. // HasCustomAudience returns true if a custom audience is provided by users.
  65. func (ds *DialSettings) HasCustomAudience() bool {
  66. return len(ds.Audiences) > 0
  67. }
  68. // Validate reports an error if ds is invalid.
  69. func (ds *DialSettings) Validate() error {
  70. if ds.SkipValidation {
  71. return nil
  72. }
  73. hasCreds := ds.APIKey != "" || ds.TokenSource != nil || ds.CredentialsFile != "" || ds.Credentials != nil
  74. if ds.NoAuth && hasCreds {
  75. return errors.New("options.WithoutAuthentication is incompatible with any option that provides credentials")
  76. }
  77. // Credentials should not appear with other options.
  78. // We currently allow TokenSource and CredentialsFile to coexist.
  79. // TODO(jba): make TokenSource & CredentialsFile an error (breaking change).
  80. nCreds := 0
  81. if ds.Credentials != nil {
  82. nCreds++
  83. }
  84. if ds.CredentialsJSON != nil {
  85. nCreds++
  86. }
  87. if ds.CredentialsFile != "" {
  88. nCreds++
  89. }
  90. if ds.APIKey != "" {
  91. nCreds++
  92. }
  93. if ds.TokenSource != nil {
  94. nCreds++
  95. }
  96. if len(ds.Scopes) > 0 && len(ds.Audiences) > 0 {
  97. return errors.New("WithScopes is incompatible with WithAudience")
  98. }
  99. // Accept only one form of credentials, except we allow TokenSource and CredentialsFile for backwards compatibility.
  100. if nCreds > 1 && !(nCreds == 2 && ds.TokenSource != nil && ds.CredentialsFile != "") {
  101. return errors.New("multiple credential options provided")
  102. }
  103. if ds.GRPCConn != nil && ds.GRPCConnPool != nil {
  104. return errors.New("WithGRPCConn is incompatible with WithConnPool")
  105. }
  106. if ds.HTTPClient != nil && ds.GRPCConnPool != nil {
  107. return errors.New("WithHTTPClient is incompatible with WithConnPool")
  108. }
  109. if ds.HTTPClient != nil && ds.GRPCConn != nil {
  110. return errors.New("WithHTTPClient is incompatible with WithGRPCConn")
  111. }
  112. if ds.HTTPClient != nil && ds.GRPCDialOpts != nil {
  113. return errors.New("WithHTTPClient is incompatible with gRPC dial options")
  114. }
  115. if ds.HTTPClient != nil && ds.QuotaProject != "" {
  116. return errors.New("WithHTTPClient is incompatible with QuotaProject")
  117. }
  118. if ds.HTTPClient != nil && ds.RequestReason != "" {
  119. return errors.New("WithHTTPClient is incompatible with RequestReason")
  120. }
  121. if ds.HTTPClient != nil && ds.ClientCertSource != nil {
  122. return errors.New("WithHTTPClient is incompatible with WithClientCertSource")
  123. }
  124. if ds.ClientCertSource != nil && (ds.GRPCConn != nil || ds.GRPCConnPool != nil || ds.GRPCConnPoolSize != 0 || ds.GRPCDialOpts != nil) {
  125. return errors.New("WithClientCertSource is currently only supported for HTTP. gRPC settings are incompatible")
  126. }
  127. if ds.ImpersonationConfig != nil && len(ds.ImpersonationConfig.Scopes) == 0 && len(ds.Scopes) == 0 {
  128. return errors.New("WithImpersonatedCredentials requires scopes being provided")
  129. }
  130. return nil
  131. }