You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@beam.apache.org by lc...@apache.org on 2016/11/07 21:23:20 UTC
[1/2] incubator-beam git commit: [BEAM-725] Migrate to use the
generic credentials library compatible with Apiary and gRPC instead of the
Apiary only credentials library.
Repository: incubator-beam
Updated Branches:
refs/heads/master b5f847355 -> baa7fb031
[BEAM-725] Migrate to use the generic credentials library compatible with Apiary and gRPC instead of the Apiary only credentials library.
Project: http://git-wip-us.apache.org/repos/asf/incubator-beam/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-beam/commit/bb260ecd
Tree: http://git-wip-us.apache.org/repos/asf/incubator-beam/tree/bb260ecd
Diff: http://git-wip-us.apache.org/repos/asf/incubator-beam/diff/bb260ecd
Branch: refs/heads/master
Commit: bb260ecd34e14a29e7939912a101b3733e379248
Parents: b5f8473
Author: Luke Cwik <lc...@google.com>
Authored: Mon Nov 7 09:40:38 2016 -0800
Committer: Luke Cwik <lc...@google.com>
Committed: Mon Nov 7 13:08:39 2016 -0800
----------------------------------------------------------------------
pom.xml | 21 ++
runners/google-cloud-dataflow-java/pom.xml | 15 +-
.../dataflow/util/DataflowTransport.java | 9 +-
sdks/java/core/pom.xml | 19 +-
.../org/apache/beam/sdk/options/GcpOptions.java | 136 ++-----------
.../beam/sdk/testing/BigqueryMatcher.java | 15 +-
.../apache/beam/sdk/util/CredentialFactory.java | 4 +-
.../org/apache/beam/sdk/util/Credentials.java | 192 -------------------
.../beam/sdk/util/GcpCredentialFactory.java | 41 +++-
.../beam/sdk/util/NoopCredentialFactory.java | 9 +-
.../apache/beam/sdk/util/PubsubGrpcClient.java | 18 +-
.../apache/beam/sdk/util/PubsubJsonClient.java | 9 +-
.../apache/beam/sdk/util/TestCredential.java | 44 +++--
.../org/apache/beam/sdk/util/Transport.java | 9 +-
.../beam/sdk/util/PubsubGrpcClientTest.java | 9 +-
sdks/java/io/google-cloud-platform/pom.xml | 9 +-
.../beam/sdk/io/gcp/datastore/DatastoreV1.java | 25 ++-
.../beam/sdk/io/gcp/datastore/V1TestUtil.java | 25 ++-
18 files changed, 186 insertions(+), 423 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index c1bd5c8..bd6037e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -112,6 +112,7 @@
<datastore.proto.version>1.2.0</datastore.proto.version>
<google-auto-service.version>1.0-rc2</google-auto-service.version>
<google-auto-value.version>1.1</google-auto-value.version>
+ <google-auth.version>0.6.0</google-auth.version>
<google-clients.version>1.22.0</google-clients.version>
<google-cloud-bigdataoss.version>1.4.5</google-cloud-bigdataoss.version>
<google-cloud-dataflow-java-proto-library-all.version>0.5.160304</google-cloud-dataflow-java-proto-library-all.version>
@@ -530,6 +531,26 @@
</dependency>
<dependency>
+ <groupId>com.google.auth</groupId>
+ <artifactId>google-auth-library-credentials</artifactId>
+ <version>${google-auth.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.google.auth</groupId>
+ <artifactId>google-auth-library-oauth2-http</artifactId>
+ <version>${google-auth.version}</version>
+ <exclusions>
+ <!-- Exclude an old version of guava that is being pulled in by a transitive
+ dependency of google-api-client -->
+ <exclusion>
+ <groupId>com.google.guava</groupId>
+ <artifactId>guava-jdk5</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+
+ <dependency>
<groupId>com.google.apis</groupId>
<artifactId>google-api-services-bigquery</artifactId>
<version>${bigquery.version}</version>
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/runners/google-cloud-dataflow-java/pom.xml
----------------------------------------------------------------------
diff --git a/runners/google-cloud-dataflow-java/pom.xml b/runners/google-cloud-dataflow-java/pom.xml
index 59b1465..6ed41d0 100644
--- a/runners/google-cloud-dataflow-java/pom.xml
+++ b/runners/google-cloud-dataflow-java/pom.xml
@@ -171,11 +171,6 @@
</dependency>
<dependency>
- <groupId>com.google.oauth-client</groupId>
- <artifactId>google-oauth-client</artifactId>
- </dependency>
-
- <dependency>
<groupId>com.google.http-client</groupId>
<artifactId>google-http-client</artifactId>
</dependency>
@@ -202,6 +197,16 @@
</dependency>
<dependency>
+ <groupId>com.google.auth</groupId>
+ <artifactId>google-auth-library-credentials</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>com.google.auth</groupId>
+ <artifactId>google-auth-library-oauth2-http</artifactId>
+ </dependency>
+
+ <dependency>
<groupId>com.google.cloud.bigdataoss</groupId>
<artifactId>util</artifactId>
</dependency>
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/runners/google-cloud-dataflow-java/src/main/java/org/apache/beam/runners/dataflow/util/DataflowTransport.java
----------------------------------------------------------------------
diff --git a/runners/google-cloud-dataflow-java/src/main/java/org/apache/beam/runners/dataflow/util/DataflowTransport.java b/runners/google-cloud-dataflow-java/src/main/java/org/apache/beam/runners/dataflow/util/DataflowTransport.java
index 0391594..e0026de 100644
--- a/runners/google-cloud-dataflow-java/src/main/java/org/apache/beam/runners/dataflow/util/DataflowTransport.java
+++ b/runners/google-cloud-dataflow-java/src/main/java/org/apache/beam/runners/dataflow/util/DataflowTransport.java
@@ -20,10 +20,11 @@ package org.apache.beam.runners.dataflow.util;
import static org.apache.beam.sdk.util.Transport.getJsonFactory;
import static org.apache.beam.sdk.util.Transport.getTransport;
-import com.google.api.client.auth.oauth2.Credential;
import com.google.api.client.http.HttpRequestInitializer;
import com.google.api.services.clouddebugger.v2.Clouddebugger;
import com.google.api.services.dataflow.Dataflow;
+import com.google.auth.Credentials;
+import com.google.auth.http.HttpCredentialsAdapter;
import com.google.cloud.hadoop.util.ChainingHttpRequestInitializer;
import com.google.common.collect.ImmutableList;
import java.net.MalformedURLException;
@@ -91,11 +92,13 @@ public class DataflowTransport {
}
private static HttpRequestInitializer chainHttpRequestInitializer(
- Credential credential, HttpRequestInitializer httpRequestInitializer) {
+ Credentials credential, HttpRequestInitializer httpRequestInitializer) {
if (credential == null) {
return httpRequestInitializer;
} else {
- return new ChainingHttpRequestInitializer(credential, httpRequestInitializer);
+ return new ChainingHttpRequestInitializer(
+ new HttpCredentialsAdapter(credential),
+ httpRequestInitializer);
}
}
}
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/sdks/java/core/pom.xml
----------------------------------------------------------------------
diff --git a/sdks/java/core/pom.xml b/sdks/java/core/pom.xml
index 77a3309..17ef193 100644
--- a/sdks/java/core/pom.xml
+++ b/sdks/java/core/pom.xml
@@ -239,16 +239,12 @@
<dependency>
<groupId>com.google.auth</groupId>
+ <artifactId>google-auth-library-credentials</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>com.google.auth</groupId>
<artifactId>google-auth-library-oauth2-http</artifactId>
- <version>0.4.0</version>
- <exclusions>
- <!-- Exclude an old version of guava that is being pulled in by a transitive
- dependency of google-api-client -->
- <exclusion>
- <groupId>com.google.guava</groupId>
- <artifactId>guava-jdk5</artifactId>
- </exclusion>
- </exclusions>
</dependency>
<dependency>
@@ -312,11 +308,6 @@
<dependency>
<groupId>com.google.oauth-client</groupId>
- <artifactId>google-oauth-client-java6</artifactId>
- </dependency>
-
- <dependency>
- <groupId>com.google.oauth-client</groupId>
<artifactId>google-oauth-client</artifactId>
</dependency>
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/sdks/java/core/src/main/java/org/apache/beam/sdk/options/GcpOptions.java
----------------------------------------------------------------------
diff --git a/sdks/java/core/src/main/java/org/apache/beam/sdk/options/GcpOptions.java b/sdks/java/core/src/main/java/org/apache/beam/sdk/options/GcpOptions.java
index 0ea6faf..ffdab98 100644
--- a/sdks/java/core/src/main/java/org/apache/beam/sdk/options/GcpOptions.java
+++ b/sdks/java/core/src/main/java/org/apache/beam/sdk/options/GcpOptions.java
@@ -18,8 +18,7 @@
package org.apache.beam.sdk.options;
import com.fasterxml.jackson.annotation.JsonIgnore;
-import com.google.api.client.auth.oauth2.Credential;
-import com.google.api.client.googleapis.auth.oauth2.GoogleOAuthConstants;
+import com.google.auth.Credentials;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Strings;
import com.google.common.io.Files;
@@ -40,31 +39,14 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
- * Options used to configure Google Cloud Platform project and credentials.
+ * Options used to configure Google Cloud Platform specific options such as the project
+ * and credentials.
*
- * <p>These options configure which of the following three different mechanisms for obtaining a
- * credential are used:
- * <ol>
- * <li>
- * It can fetch the
- * <a href="https://developers.google.com/accounts/docs/application-default-credentials">
- * application default credentials</a>.
- * </li>
- * <li>
- * The user can specify a client secrets file and go through the OAuth2
- * webflow. The credential will then be cached in the user's home
- * directory for reuse.
- * </li>
- * <li>
- * The user can specify a file containing a service account private key along
- * with the service account name.
- * </li>
- * </ol>
- *
- * <p>The default mechanism is to use the
+ * <p>These options defer to the
* <a href="https://developers.google.com/accounts/docs/application-default-credentials">
- * application default credentials</a>. The other options can be
- * used by setting the corresponding properties.
+ * application default credentials</a> for authentication. See the
+ * <a href="https://github.com/google/google-auth-library-java">Google Auth Library</a> for
+ * alternative mechanisms for creating credentials.
*/
@Description("Options used to configure Google Cloud Platform project and credentials.")
public interface GcpOptions extends GoogleApiDebugOptions, PipelineOptions {
@@ -78,79 +60,6 @@ public interface GcpOptions extends GoogleApiDebugOptions, PipelineOptions {
void setProject(String value);
/**
- * This option controls which file to use when attempting to create the credentials using the
- * service account method.
- *
- * <p>This option if specified, needs be combined with the
- * {@link GcpOptions#getServiceAccountName() serviceAccountName}.
- */
- @JsonIgnore
- @Description("Controls which file to use when attempting to create the credentials "
- + "using the service account method. This option if specified, needs to be combined with "
- + "the serviceAccountName option.")
- String getServiceAccountKeyfile();
- void setServiceAccountKeyfile(String value);
-
- /**
- * This option controls which service account to use when attempting to create the credentials
- * using the service account method.
- *
- * <p>This option if specified, needs be combined with the
- * {@link GcpOptions#getServiceAccountKeyfile() serviceAccountKeyfile}.
- */
- @JsonIgnore
- @Description("Controls which service account to use when attempting to create the credentials "
- + "using the service account method. This option if specified, needs to be combined with "
- + "the serviceAccountKeyfile option.")
- String getServiceAccountName();
- void setServiceAccountName(String value);
-
- /**
- * This option controls which file to use when attempting to create the credentials
- * using the OAuth 2 webflow. After the OAuth2 webflow, the credentials will be stored
- * within credentialDir.
- */
- @JsonIgnore
- @Description("This option controls which file to use when attempting to create the credentials "
- + "using the OAuth 2 webflow. After the OAuth2 webflow, the credentials will be stored "
- + "within credentialDir.")
- String getSecretsFile();
- void setSecretsFile(String value);
-
- /**
- * This option controls which credential store to use when creating the credentials
- * using the OAuth 2 webflow.
- */
- @Description("This option controls which credential store to use when creating the credentials "
- + "using the OAuth 2 webflow.")
- @Default.String("cloud_dataflow")
- String getCredentialId();
- void setCredentialId(String value);
-
- /**
- * Directory for storing dataflow credentials after execution of the OAuth 2 webflow. Defaults
- * to using the $HOME/.store/data-flow directory.
- */
- @Description("Directory for storing dataflow credentials after execution of the OAuth 2 webflow. "
- + "Defaults to using the $HOME/.store/data-flow directory.")
- @Default.InstanceFactory(CredentialDirFactory.class)
- String getCredentialDir();
- void setCredentialDir(String value);
-
- /**
- * Returns the default credential directory of ${user.home}/.store/data-flow.
- */
- class CredentialDirFactory implements DefaultValueFactory<String> {
- @Override
- public String create(PipelineOptions options) {
- File home = new File(System.getProperty("user.home"));
- File store = new File(home, ".store");
- File dataflow = new File(store, "data-flow");
- return dataflow.getPath();
- }
- }
-
- /**
* The class of the credential factory that should be created and used to create
* credentials. If gcpCredential has not been set explicitly, an instance of this class will
* be constructed and used as a credential factory.
@@ -173,9 +82,8 @@ public interface GcpOptions extends GoogleApiDebugOptions, PipelineOptions {
+ "If no credential has been set explicitly, the default is to use the instance factory "
+ "that constructs a credential based upon the currently set credentialFactoryClass.")
@Default.InstanceFactory(GcpUserCredentialsFactory.class)
- @Hidden
- Credential getGcpCredential();
- void setGcpCredential(Credential value);
+ Credentials getGcpCredential();
+ void setGcpCredential(Credentials value);
/**
* Attempts to infer the default project based upon the environment this application
@@ -251,9 +159,9 @@ public interface GcpOptions extends GoogleApiDebugOptions, PipelineOptions {
* Attempts to load the GCP credentials. See
* {@link CredentialFactory#getCredential()} for more details.
*/
- class GcpUserCredentialsFactory implements DefaultValueFactory<Credential> {
+ class GcpUserCredentialsFactory implements DefaultValueFactory<Credentials> {
@Override
- public Credential create(PipelineOptions options) {
+ public Credentials create(PipelineOptions options) {
GcpOptions gcpOptions = options.as(GcpOptions.class);
try {
CredentialFactory factory = InstanceBuilder.ofType(CredentialFactory.class)
@@ -269,28 +177,6 @@ public interface GcpOptions extends GoogleApiDebugOptions, PipelineOptions {
}
/**
- * The token server URL to use for OAuth 2 authentication. Normally, the default is sufficient,
- * but some specialized use cases may want to override this value.
- */
- @Description("The token server URL to use for OAuth 2 authentication. Normally, the default "
- + "is sufficient, but some specialized use cases may want to override this value.")
- @Default.String(GoogleOAuthConstants.TOKEN_SERVER_URL)
- @Hidden
- String getTokenServerUrl();
- void setTokenServerUrl(String value);
-
- /**
- * The authorization server URL to use for OAuth 2 authentication. Normally, the default is
- * sufficient, but some specialized use cases may want to override this value.
- */
- @Description("The authorization server URL to use for OAuth 2 authentication. Normally, the "
- + "default is sufficient, but some specialized use cases may want to override this value.")
- @Default.String(GoogleOAuthConstants.AUTHORIZATION_SERVER_URL)
- @Hidden
- String getAuthorizationServerEncodedUrl();
- void setAuthorizationServerEncodedUrl(String value);
-
- /**
* A GCS path for storing temporary files in GCP.
*
* <p>Its default to {@link PipelineOptions#getTempLocation}.
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/sdks/java/core/src/main/java/org/apache/beam/sdk/testing/BigqueryMatcher.java
----------------------------------------------------------------------
diff --git a/sdks/java/core/src/main/java/org/apache/beam/sdk/testing/BigqueryMatcher.java b/sdks/java/core/src/main/java/org/apache/beam/sdk/testing/BigqueryMatcher.java
index 95208ce..9b8589a 100644
--- a/sdks/java/core/src/main/java/org/apache/beam/sdk/testing/BigqueryMatcher.java
+++ b/sdks/java/core/src/main/java/org/apache/beam/sdk/testing/BigqueryMatcher.java
@@ -19,8 +19,6 @@ package org.apache.beam.sdk.testing;
import static com.google.common.base.Preconditions.checkArgument;
-import com.google.api.client.auth.oauth2.Credential;
-import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.json.JsonFactory;
import com.google.api.client.util.BackOff;
@@ -32,6 +30,9 @@ import com.google.api.services.bigquery.model.QueryRequest;
import com.google.api.services.bigquery.model.QueryResponse;
import com.google.api.services.bigquery.model.TableCell;
import com.google.api.services.bigquery.model.TableRow;
+import com.google.auth.Credentials;
+import com.google.auth.http.HttpCredentialsAdapter;
+import com.google.auth.oauth2.GoogleCredentials;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Strings;
import com.google.common.collect.Lists;
@@ -136,9 +137,9 @@ public class BigqueryMatcher extends TypeSafeMatcher<PipelineResult>
Bigquery newBigqueryClient(String applicationName) {
HttpTransport transport = Transport.getTransport();
JsonFactory jsonFactory = Transport.getJsonFactory();
- Credential credential = getDefaultCredential(transport, jsonFactory);
+ Credentials credential = getDefaultCredential();
- return new Bigquery.Builder(transport, jsonFactory, credential)
+ return new Bigquery.Builder(transport, jsonFactory, new HttpCredentialsAdapter(credential))
.setApplicationName(applicationName)
.build();
}
@@ -168,10 +169,10 @@ public class BigqueryMatcher extends TypeSafeMatcher<PipelineResult>
!Strings.isNullOrEmpty(value), "Expected valid %s, but was %s", name, value);
}
- private Credential getDefaultCredential(HttpTransport transport, JsonFactory jsonFactory) {
- GoogleCredential credential;
+ private Credentials getDefaultCredential() {
+ GoogleCredentials credential;
try {
- credential = GoogleCredential.getApplicationDefault(transport, jsonFactory);
+ credential = GoogleCredentials.getApplicationDefault();
} catch (IOException e) {
throw new RuntimeException("Failed to get application default credential.", e);
}
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/sdks/java/core/src/main/java/org/apache/beam/sdk/util/CredentialFactory.java
----------------------------------------------------------------------
diff --git a/sdks/java/core/src/main/java/org/apache/beam/sdk/util/CredentialFactory.java b/sdks/java/core/src/main/java/org/apache/beam/sdk/util/CredentialFactory.java
index 884a77a..6229650 100644
--- a/sdks/java/core/src/main/java/org/apache/beam/sdk/util/CredentialFactory.java
+++ b/sdks/java/core/src/main/java/org/apache/beam/sdk/util/CredentialFactory.java
@@ -17,7 +17,7 @@
*/
package org.apache.beam.sdk.util;
-import com.google.api.client.auth.oauth2.Credential;
+import com.google.auth.Credentials;
import java.io.IOException;
import java.security.GeneralSecurityException;
@@ -25,5 +25,5 @@ import java.security.GeneralSecurityException;
* Construct an oauth credential to be used by the SDK and the SDK workers.
*/
public interface CredentialFactory {
- Credential getCredential() throws IOException, GeneralSecurityException;
+ Credentials getCredential() throws IOException, GeneralSecurityException;
}
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/sdks/java/core/src/main/java/org/apache/beam/sdk/util/Credentials.java
----------------------------------------------------------------------
diff --git a/sdks/java/core/src/main/java/org/apache/beam/sdk/util/Credentials.java b/sdks/java/core/src/main/java/org/apache/beam/sdk/util/Credentials.java
deleted file mode 100644
index 1e77f4d..0000000
--- a/sdks/java/core/src/main/java/org/apache/beam/sdk/util/Credentials.java
+++ /dev/null
@@ -1,192 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.beam.sdk.util;
-
-import static com.google.common.base.Preconditions.checkArgument;
-
-import com.google.api.client.auth.oauth2.Credential;
-import com.google.api.client.extensions.java6.auth.oauth2.AbstractPromptReceiver;
-import com.google.api.client.extensions.java6.auth.oauth2.AuthorizationCodeInstalledApp;
-import com.google.api.client.googleapis.auth.oauth2.GoogleAuthorizationCodeFlow;
-import com.google.api.client.googleapis.auth.oauth2.GoogleClientSecrets;
-import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
-import com.google.api.client.googleapis.auth.oauth2.GoogleOAuthConstants;
-import com.google.api.client.googleapis.javanet.GoogleNetHttpTransport;
-import com.google.api.client.http.GenericUrl;
-import com.google.api.client.http.HttpTransport;
-import com.google.api.client.json.JsonFactory;
-import com.google.api.client.json.jackson2.JacksonFactory;
-import com.google.api.client.util.store.FileDataStoreFactory;
-import java.io.File;
-import java.io.FileReader;
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.List;
-import org.apache.beam.sdk.options.GcpOptions;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Provides support for loading credentials.
- */
-public class Credentials {
-
- private static final Logger LOG = LoggerFactory.getLogger(Credentials.class);
-
- /**
- * OAuth 2.0 scopes used by a local worker (not on GCE).
- * The scope cloud-platform provides access to all Cloud Platform resources.
- * cloud-platform isn't sufficient yet for talking to datastore so we request
- * those resources separately.
- *
- * <p>Note that trusted scope relationships don't apply to OAuth tokens, so for
- * services we access directly (GCS) as opposed to through the backend
- * (BigQuery, GCE), we need to explicitly request that scope.
- */
- private static final List<String> SCOPES = Arrays.asList(
- "https://www.googleapis.com/auth/cloud-platform",
- "https://www.googleapis.com/auth/devstorage.full_control",
- "https://www.googleapis.com/auth/userinfo.email",
- "https://www.googleapis.com/auth/datastore");
-
- private static class PromptReceiver extends AbstractPromptReceiver {
- @Override
- public String getRedirectUri() {
- return GoogleOAuthConstants.OOB_REDIRECT_URI;
- }
- }
-
- /**
- * Initializes OAuth2 credentials.
- *
- * <p>This can use 3 different mechanisms for obtaining a credential:
- * <ol>
- * <li>
- * It can fetch the
- * <a href="https://developers.google.com/accounts/docs/application-default-credentials">
- * application default credentials</a>.
- * </li>
- * <li>
- * The user can specify a client secrets file and go through the OAuth2
- * webflow. The credential will then be cached in the user's home
- * directory for reuse. Provide the property "secrets_file" to use this
- * mechanism.
- * </li>
- * <li>
- * The user can specify a file containing a service account.
- * Provide the properties "service_account_keyfile" and
- * "service_account_name" to use this mechanism.
- * </li>
- * </ol>
- * The default mechanism is to use the
- * <a href="https://developers.google.com/accounts/docs/application-default-credentials">
- * application default credentials</a>. The other options can be used by providing the
- * corresponding properties.
- */
- public static Credential getCredential(GcpOptions options)
- throws IOException, GeneralSecurityException {
- String keyFile = options.getServiceAccountKeyfile();
- String accountName = options.getServiceAccountName();
-
- if (keyFile != null && accountName != null) {
- try {
- return getCredentialFromFile(keyFile, accountName, SCOPES);
- } catch (GeneralSecurityException e) {
- throw new IOException("Unable to obtain credentials from file", e);
- }
- }
-
- if (options.getSecretsFile() != null) {
- return getCredentialFromClientSecrets(options, SCOPES);
- }
-
- try {
- return GoogleCredential.getApplicationDefault().createScoped(SCOPES);
- } catch (IOException e) {
- throw new RuntimeException("Unable to get application default credentials. Please see "
- + "https://developers.google.com/accounts/docs/application-default-credentials "
- + "for details on how to specify credentials. This version of the SDK is "
- + "dependent on the gcloud core component version 2015.02.05 or newer to "
- + "be able to get credentials from the currently authorized user via gcloud auth.", e);
- }
- }
-
- /**
- * Loads OAuth2 credential from a local file.
- */
- private static Credential getCredentialFromFile(
- String keyFile, String accountId, Collection<String> scopes)
- throws IOException, GeneralSecurityException {
- GoogleCredential credential = new GoogleCredential.Builder()
- .setTransport(Transport.getTransport())
- .setJsonFactory(Transport.getJsonFactory())
- .setServiceAccountId(accountId)
- .setServiceAccountScopes(scopes)
- .setServiceAccountPrivateKeyFromP12File(new File(keyFile))
- .build();
-
- LOG.info("Created credential from file {}", keyFile);
- return credential;
- }
-
- /**
- * Loads OAuth2 credential from client secrets, which may require an
- * interactive authorization prompt.
- */
- private static Credential getCredentialFromClientSecrets(
- GcpOptions options, Collection<String> scopes)
- throws IOException, GeneralSecurityException {
- String clientSecretsFile = options.getSecretsFile();
-
- checkArgument(clientSecretsFile != null);
- HttpTransport httpTransport = GoogleNetHttpTransport.newTrustedTransport();
-
- JsonFactory jsonFactory = JacksonFactory.getDefaultInstance();
- GoogleClientSecrets clientSecrets;
-
- try {
- clientSecrets = GoogleClientSecrets.load(jsonFactory,
- new FileReader(clientSecretsFile));
- } catch (IOException e) {
- throw new RuntimeException(
- "Could not read the client secrets from file: " + clientSecretsFile,
- e);
- }
-
- FileDataStoreFactory dataStoreFactory =
- new FileDataStoreFactory(new java.io.File(options.getCredentialDir()));
-
- GoogleAuthorizationCodeFlow flow = new GoogleAuthorizationCodeFlow.Builder(
- httpTransport, jsonFactory, clientSecrets, scopes)
- .setDataStoreFactory(dataStoreFactory)
- .setTokenServerUrl(new GenericUrl(options.getTokenServerUrl()))
- .setAuthorizationServerEncodedUrl(options.getAuthorizationServerEncodedUrl())
- .build();
-
- // The credentialId identifies the credential if we're using a persistent
- // credential store.
- Credential credential =
- new AuthorizationCodeInstalledApp(flow, new PromptReceiver())
- .authorize(options.getCredentialId());
-
- LOG.info("Got credential from client secret");
- return credential;
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/sdks/java/core/src/main/java/org/apache/beam/sdk/util/GcpCredentialFactory.java
----------------------------------------------------------------------
diff --git a/sdks/java/core/src/main/java/org/apache/beam/sdk/util/GcpCredentialFactory.java b/sdks/java/core/src/main/java/org/apache/beam/sdk/util/GcpCredentialFactory.java
index 0497e75..feb93f7 100644
--- a/sdks/java/core/src/main/java/org/apache/beam/sdk/util/GcpCredentialFactory.java
+++ b/sdks/java/core/src/main/java/org/apache/beam/sdk/util/GcpCredentialFactory.java
@@ -17,10 +17,11 @@
*/
package org.apache.beam.sdk.util;
-import com.google.api.client.auth.oauth2.Credential;
+import com.google.auth.Credentials;
+import com.google.auth.oauth2.GoogleCredentials;
import java.io.IOException;
-import java.security.GeneralSecurityException;
-import org.apache.beam.sdk.options.GcpOptions;
+import java.util.Arrays;
+import java.util.List;
import org.apache.beam.sdk.options.PipelineOptions;
/**
@@ -28,18 +29,38 @@ import org.apache.beam.sdk.options.PipelineOptions;
* Returns a GCP credential.
*/
public class GcpCredentialFactory implements CredentialFactory {
- private GcpOptions options;
+ /**
+ * The scope cloud-platform provides access to all Cloud Platform resources.
+ * cloud-platform isn't sufficient yet for talking to datastore so we request
+ * those resources separately.
+ *
+ * <p>Note that trusted scope relationships don't apply to OAuth tokens, so for
+ * services we access directly (GCS) as opposed to through the backend
+ * (BigQuery, GCE), we need to explicitly request that scope.
+ */
+ private static final List<String> SCOPES = Arrays.asList(
+ "https://www.googleapis.com/auth/cloud-platform",
+ "https://www.googleapis.com/auth/devstorage.full_control",
+ "https://www.googleapis.com/auth/userinfo.email",
+ "https://www.googleapis.com/auth/datastore",
+ "https://www.googleapis.com/auth/pubsub");
- private GcpCredentialFactory(GcpOptions options) {
- this.options = options;
- }
+ private static final GcpCredentialFactory INSTANCE = new GcpCredentialFactory();
public static GcpCredentialFactory fromOptions(PipelineOptions options) {
- return new GcpCredentialFactory(options.as(GcpOptions.class));
+ return INSTANCE;
}
@Override
- public Credential getCredential() throws IOException, GeneralSecurityException {
- return Credentials.getCredential(options);
+ public Credentials getCredential() throws IOException {
+ try {
+ return GoogleCredentials.getApplicationDefault().createScoped(SCOPES);
+ } catch (IOException e) {
+ throw new RuntimeException("Unable to get application default credentials. Please see "
+ + "https://developers.google.com/accounts/docs/application-default-credentials "
+ + "for details on how to specify credentials. This version of the SDK is "
+ + "dependent on the gcloud core component version 2015.02.05 or newer to "
+ + "be able to get credentials from the currently authorized user via gcloud auth.", e);
+ }
}
}
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/sdks/java/core/src/main/java/org/apache/beam/sdk/util/NoopCredentialFactory.java
----------------------------------------------------------------------
diff --git a/sdks/java/core/src/main/java/org/apache/beam/sdk/util/NoopCredentialFactory.java b/sdks/java/core/src/main/java/org/apache/beam/sdk/util/NoopCredentialFactory.java
index 5d92552..29c3e72 100644
--- a/sdks/java/core/src/main/java/org/apache/beam/sdk/util/NoopCredentialFactory.java
+++ b/sdks/java/core/src/main/java/org/apache/beam/sdk/util/NoopCredentialFactory.java
@@ -17,9 +17,8 @@
*/
package org.apache.beam.sdk.util;
-import com.google.api.client.auth.oauth2.Credential;
+import com.google.auth.Credentials;
import java.io.IOException;
-import java.security.GeneralSecurityException;
import org.apache.beam.sdk.options.PipelineOptions;
/**
@@ -27,12 +26,14 @@ import org.apache.beam.sdk.options.PipelineOptions;
* Always returns a null Credential object.
*/
public class NoopCredentialFactory implements CredentialFactory {
+ private static final NoopCredentialFactory INSTANCE = new NoopCredentialFactory();
+
public static NoopCredentialFactory fromOptions(PipelineOptions options) {
- return new NoopCredentialFactory();
+ return INSTANCE;
}
@Override
- public Credential getCredential() throws IOException, GeneralSecurityException {
+ public Credentials getCredential() throws IOException {
return null;
}
}
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/sdks/java/core/src/main/java/org/apache/beam/sdk/util/PubsubGrpcClient.java
----------------------------------------------------------------------
diff --git a/sdks/java/core/src/main/java/org/apache/beam/sdk/util/PubsubGrpcClient.java b/sdks/java/core/src/main/java/org/apache/beam/sdk/util/PubsubGrpcClient.java
index 02152ba..201877c 100644
--- a/sdks/java/core/src/main/java/org/apache/beam/sdk/util/PubsubGrpcClient.java
+++ b/sdks/java/core/src/main/java/org/apache/beam/sdk/util/PubsubGrpcClient.java
@@ -20,7 +20,7 @@ package org.apache.beam.sdk.util;
import static com.google.common.base.Preconditions.checkState;
-import com.google.auth.oauth2.GoogleCredentials;
+import com.google.auth.Credentials;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableList;
@@ -56,7 +56,6 @@ import io.grpc.netty.NegotiationType;
import io.grpc.netty.NettyChannelBuilder;
import java.io.IOException;
import java.util.ArrayList;
-import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.concurrent.Executors;
@@ -74,10 +73,6 @@ import org.apache.beam.sdk.options.PubsubOptions;
public class PubsubGrpcClient extends PubsubClient {
private static final String PUBSUB_ADDRESS = "pubsub.googleapis.com";
private static final int PUBSUB_PORT = 443;
- // Will be needed when credentials are correctly constructed and scoped.
- @SuppressWarnings("unused")
- private static final List<String> PUBSUB_SCOPES =
- Collections.singletonList("https://www.googleapis.com/auth/pubsub");
private static final int LIST_BATCH_SIZE = 1000;
private static final int DEFAULT_TIMEOUT_S = 15;
@@ -92,15 +87,12 @@ public class PubsubGrpcClient extends PubsubClient {
.negotiationType(NegotiationType.TLS)
.sslContext(GrpcSslContexts.forClient().ciphers(null).build())
.build();
- // TODO: GcpOptions needs to support building com.google.auth.oauth2.Credentials from the
- // various command line options. It currently only supports the older
- // com.google.api.client.auth.oauth2.Credentials.
- GoogleCredentials credentials = GoogleCredentials.getApplicationDefault();
+
return new PubsubGrpcClient(timestampLabel,
idLabel,
DEFAULT_TIMEOUT_S,
channel,
- credentials);
+ options.getGcpCredential());
}
@Override
@@ -128,7 +120,7 @@ public class PubsubGrpcClient extends PubsubClient {
/**
* Credentials determined from options and environment.
*/
- private final GoogleCredentials credentials;
+ private final Credentials credentials;
/**
* Label to use for custom timestamps, or {@literal null} if should use Pubsub publish time
@@ -157,7 +149,7 @@ public class PubsubGrpcClient extends PubsubClient {
@Nullable String idLabel,
int timeoutSec,
ManagedChannel publisherChannel,
- GoogleCredentials credentials) {
+ Credentials credentials) {
this.timestampLabel = timestampLabel;
this.idLabel = idLabel;
this.timeoutSec = timeoutSec;
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/sdks/java/core/src/main/java/org/apache/beam/sdk/util/PubsubJsonClient.java
----------------------------------------------------------------------
diff --git a/sdks/java/core/src/main/java/org/apache/beam/sdk/util/PubsubJsonClient.java b/sdks/java/core/src/main/java/org/apache/beam/sdk/util/PubsubJsonClient.java
index bdb5c04..215a136 100644
--- a/sdks/java/core/src/main/java/org/apache/beam/sdk/util/PubsubJsonClient.java
+++ b/sdks/java/core/src/main/java/org/apache/beam/sdk/util/PubsubJsonClient.java
@@ -20,7 +20,6 @@ package org.apache.beam.sdk.util;
import static com.google.common.base.Preconditions.checkState;
-import com.google.api.client.auth.oauth2.Credential;
import com.google.api.client.http.HttpRequestInitializer;
import com.google.api.services.pubsub.Pubsub;
import com.google.api.services.pubsub.Pubsub.Builder;
@@ -36,6 +35,8 @@ import com.google.api.services.pubsub.model.PullResponse;
import com.google.api.services.pubsub.model.ReceivedMessage;
import com.google.api.services.pubsub.model.Subscription;
import com.google.api.services.pubsub.model.Topic;
+import com.google.auth.Credentials;
+import com.google.auth.http.HttpCredentialsAdapter;
import com.google.cloud.hadoop.util.ChainingHttpRequestInitializer;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Strings;
@@ -55,11 +56,13 @@ public class PubsubJsonClient extends PubsubClient {
private static class PubsubJsonClientFactory implements PubsubClientFactory {
private static HttpRequestInitializer chainHttpRequestInitializer(
- Credential credential, HttpRequestInitializer httpRequestInitializer) {
+ Credentials credential, HttpRequestInitializer httpRequestInitializer) {
if (credential == null) {
return httpRequestInitializer;
} else {
- return new ChainingHttpRequestInitializer(credential, httpRequestInitializer);
+ return new ChainingHttpRequestInitializer(
+ new HttpCredentialsAdapter(credential),
+ httpRequestInitializer);
}
}
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/sdks/java/core/src/main/java/org/apache/beam/sdk/util/TestCredential.java
----------------------------------------------------------------------
diff --git a/sdks/java/core/src/main/java/org/apache/beam/sdk/util/TestCredential.java b/sdks/java/core/src/main/java/org/apache/beam/sdk/util/TestCredential.java
index 4b81a0e..f34527e 100644
--- a/sdks/java/core/src/main/java/org/apache/beam/sdk/util/TestCredential.java
+++ b/sdks/java/core/src/main/java/org/apache/beam/sdk/util/TestCredential.java
@@ -17,35 +17,43 @@
*/
package org.apache.beam.sdk.util;
-import com.google.api.client.auth.oauth2.BearerToken;
-import com.google.api.client.auth.oauth2.Credential;
-import com.google.api.client.auth.oauth2.TokenResponse;
-import com.google.api.client.testing.http.MockHttpTransport;
+import com.google.auth.Credentials;
import java.io.IOException;
+import java.net.URI;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
/**
* Fake credential, for use in testing.
*/
-public class TestCredential extends Credential {
+public class TestCredential extends Credentials {
+ @Override
+ public String getAuthenticationType() {
+ return "Test";
+ }
- private final String token;
+ @Override
+ public Map<String, List<String>> getRequestMetadata() throws IOException {
+ return Collections.emptyMap();
+ }
- public TestCredential() {
- this("NULL");
+ @Override
+ public Map<String, List<String>> getRequestMetadata(URI uri) throws IOException {
+ return Collections.emptyMap();
}
- public TestCredential(String token) {
- super(new Builder(
- BearerToken.authorizationHeaderAccessMethod())
- .setTransport(new MockHttpTransport()));
- this.token = token;
+ @Override
+ public boolean hasRequestMetadata() {
+ return false;
+ }
+
+ @Override
+ public boolean hasRequestMetadataOnly() {
+ return true;
}
@Override
- protected TokenResponse executeRefreshToken() throws IOException {
- TokenResponse response = new TokenResponse();
- response.setExpiresInSeconds(5L * 60);
- response.setAccessToken(token);
- return response;
+ public void refresh() throws IOException {
}
}
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/sdks/java/core/src/main/java/org/apache/beam/sdk/util/Transport.java
----------------------------------------------------------------------
diff --git a/sdks/java/core/src/main/java/org/apache/beam/sdk/util/Transport.java b/sdks/java/core/src/main/java/org/apache/beam/sdk/util/Transport.java
index 1f61299..38eecc2 100644
--- a/sdks/java/core/src/main/java/org/apache/beam/sdk/util/Transport.java
+++ b/sdks/java/core/src/main/java/org/apache/beam/sdk/util/Transport.java
@@ -17,7 +17,6 @@
*/
package org.apache.beam.sdk.util;
-import com.google.api.client.auth.oauth2.Credential;
import com.google.api.client.googleapis.javanet.GoogleNetHttpTransport;
import com.google.api.client.http.HttpRequestInitializer;
import com.google.api.client.http.HttpTransport;
@@ -27,6 +26,8 @@ import com.google.api.services.bigquery.Bigquery;
import com.google.api.services.cloudresourcemanager.CloudResourceManager;
import com.google.api.services.pubsub.Pubsub;
import com.google.api.services.storage.Storage;
+import com.google.auth.Credentials;
+import com.google.auth.http.HttpCredentialsAdapter;
import com.google.cloud.hadoop.util.ChainingHttpRequestInitializer;
import com.google.common.collect.ImmutableList;
import java.io.IOException;
@@ -161,11 +162,13 @@ public class Transport {
}
private static HttpRequestInitializer chainHttpRequestInitializer(
- Credential credential, HttpRequestInitializer httpRequestInitializer) {
+ Credentials credential, HttpRequestInitializer httpRequestInitializer) {
if (credential == null) {
return httpRequestInitializer;
} else {
- return new ChainingHttpRequestInitializer(credential, httpRequestInitializer);
+ return new ChainingHttpRequestInitializer(
+ new HttpCredentialsAdapter(credential),
+ httpRequestInitializer);
}
}
}
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/sdks/java/core/src/test/java/org/apache/beam/sdk/util/PubsubGrpcClientTest.java
----------------------------------------------------------------------
diff --git a/sdks/java/core/src/test/java/org/apache/beam/sdk/util/PubsubGrpcClientTest.java b/sdks/java/core/src/test/java/org/apache/beam/sdk/util/PubsubGrpcClientTest.java
index cbdf5da..9767cde 100644
--- a/sdks/java/core/src/test/java/org/apache/beam/sdk/util/PubsubGrpcClientTest.java
+++ b/sdks/java/core/src/test/java/org/apache/beam/sdk/util/PubsubGrpcClientTest.java
@@ -20,7 +20,7 @@ package org.apache.beam.sdk.util;
import static org.junit.Assert.assertEquals;
-import com.google.auth.oauth2.GoogleCredentials;
+import com.google.auth.Credentials;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Iterables;
@@ -52,7 +52,6 @@ import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.JUnit4;
-import org.mockito.Mockito;
/**
* Tests for PubsubGrpcClient.
@@ -60,7 +59,7 @@ import org.mockito.Mockito;
@RunWith(JUnit4.class)
public class PubsubGrpcClientTest {
private ManagedChannel inProcessChannel;
- private GoogleCredentials mockCredentials;
+ private Credentials testCredentials;
private PubsubClient client;
private String channelName;
@@ -83,8 +82,8 @@ public class PubsubGrpcClientTest {
channelName = String.format("%s-%s",
PubsubGrpcClientTest.class.getName(), ThreadLocalRandom.current().nextInt());
inProcessChannel = InProcessChannelBuilder.forName(channelName).directExecutor().build();
- mockCredentials = Mockito.mock(GoogleCredentials.class);
- client = new PubsubGrpcClient(TIMESTAMP_LABEL, ID_LABEL, 10, inProcessChannel, mockCredentials);
+ testCredentials = new TestCredential();
+ client = new PubsubGrpcClient(TIMESTAMP_LABEL, ID_LABEL, 10, inProcessChannel, testCredentials);
}
@After
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/sdks/java/io/google-cloud-platform/pom.xml
----------------------------------------------------------------------
diff --git a/sdks/java/io/google-cloud-platform/pom.xml b/sdks/java/io/google-cloud-platform/pom.xml
index 9f7af52..31350a9 100644
--- a/sdks/java/io/google-cloud-platform/pom.xml
+++ b/sdks/java/io/google-cloud-platform/pom.xml
@@ -169,8 +169,13 @@
</dependency>
<dependency>
- <groupId>com.google.oauth-client</groupId>
- <artifactId>google-oauth-client</artifactId>
+ <groupId>com.google.auth</groupId>
+ <artifactId>google-auth-library-credentials</artifactId>
+ </dependency>
+
+ <dependency>
+ <groupId>com.google.auth</groupId>
+ <artifactId>google-auth-library-oauth2-http</artifactId>
</dependency>
<dependency>
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/sdks/java/io/google-cloud-platform/src/main/java/org/apache/beam/sdk/io/gcp/datastore/DatastoreV1.java
----------------------------------------------------------------------
diff --git a/sdks/java/io/google-cloud-platform/src/main/java/org/apache/beam/sdk/io/gcp/datastore/DatastoreV1.java b/sdks/java/io/google-cloud-platform/src/main/java/org/apache/beam/sdk/io/gcp/datastore/DatastoreV1.java
index 1d1075c..d1a9a67 100644
--- a/sdks/java/io/google-cloud-platform/src/main/java/org/apache/beam/sdk/io/gcp/datastore/DatastoreV1.java
+++ b/sdks/java/io/google-cloud-platform/src/main/java/org/apache/beam/sdk/io/gcp/datastore/DatastoreV1.java
@@ -31,11 +31,14 @@ import static com.google.datastore.v1.client.DatastoreHelper.makeOrder;
import static com.google.datastore.v1.client.DatastoreHelper.makeUpsert;
import static com.google.datastore.v1.client.DatastoreHelper.makeValue;
-import com.google.api.client.auth.oauth2.Credential;
+import com.google.api.client.http.HttpRequestInitializer;
import com.google.api.client.util.BackOff;
import com.google.api.client.util.BackOffUtils;
import com.google.api.client.util.Sleeper;
+import com.google.auth.Credentials;
+import com.google.auth.http.HttpCredentialsAdapter;
import com.google.auto.value.AutoValue;
+import com.google.cloud.hadoop.util.ChainingHttpRequestInitializer;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.MoreObjects;
import com.google.common.collect.ImmutableList;
@@ -229,6 +232,7 @@ public class DatastoreV1 {
@Nullable public abstract String getNamespace();
public abstract int getNumQuerySplits();
+ @Override
public abstract String toString();
abstract Builder toBuilder();
@@ -1005,17 +1009,20 @@ public class DatastoreV1 {
/** Builds a Cloud Datastore client for the given pipeline options and project. */
public Datastore getDatastore(PipelineOptions pipelineOptions, String projectId) {
+ Credentials credential = pipelineOptions.as(GcpOptions.class).getGcpCredential();
+ HttpRequestInitializer initializer;
+ if (credential != null) {
+ initializer = new ChainingHttpRequestInitializer(
+ new HttpCredentialsAdapter(credential),
+ new RetryHttpRequestInitializer());
+ } else {
+ initializer = new RetryHttpRequestInitializer();
+ }
+
DatastoreOptions.Builder builder =
new DatastoreOptions.Builder()
.projectId(projectId)
- .initializer(
- new RetryHttpRequestInitializer()
- );
-
- Credential credential = pipelineOptions.as(GcpOptions.class).getGcpCredential();
- if (credential != null) {
- builder.credential(credential);
- }
+ .initializer(initializer);
return DatastoreFactory.get().create(builder.build());
}
http://git-wip-us.apache.org/repos/asf/incubator-beam/blob/bb260ecd/sdks/java/io/google-cloud-platform/src/test/java/org/apache/beam/sdk/io/gcp/datastore/V1TestUtil.java
----------------------------------------------------------------------
diff --git a/sdks/java/io/google-cloud-platform/src/test/java/org/apache/beam/sdk/io/gcp/datastore/V1TestUtil.java b/sdks/java/io/google-cloud-platform/src/test/java/org/apache/beam/sdk/io/gcp/datastore/V1TestUtil.java
index b680a0e..76a1fc8 100644
--- a/sdks/java/io/google-cloud-platform/src/test/java/org/apache/beam/sdk/io/gcp/datastore/V1TestUtil.java
+++ b/sdks/java/io/google-cloud-platform/src/test/java/org/apache/beam/sdk/io/gcp/datastore/V1TestUtil.java
@@ -25,10 +25,13 @@ import static com.google.datastore.v1.client.DatastoreHelper.makeKey;
import static com.google.datastore.v1.client.DatastoreHelper.makeUpsert;
import static com.google.datastore.v1.client.DatastoreHelper.makeValue;
-import com.google.api.client.auth.oauth2.Credential;
+import com.google.api.client.http.HttpRequestInitializer;
import com.google.api.client.util.BackOff;
import com.google.api.client.util.BackOffUtils;
import com.google.api.client.util.Sleeper;
+import com.google.auth.Credentials;
+import com.google.auth.http.HttpCredentialsAdapter;
+import com.google.cloud.hadoop.util.ChainingHttpRequestInitializer;
import com.google.datastore.v1.CommitRequest;
import com.google.datastore.v1.Entity;
import com.google.datastore.v1.EntityResult;
@@ -131,17 +134,21 @@ class V1TestUtil {
* Build a new datastore client.
*/
static Datastore getDatastore(PipelineOptions pipelineOptions, String projectId) {
+ Credentials credential = pipelineOptions.as(GcpOptions.class).getGcpCredential();
+ HttpRequestInitializer initializer;
+ if (credential != null) {
+ initializer = new ChainingHttpRequestInitializer(
+ new HttpCredentialsAdapter(credential),
+ new RetryHttpRequestInitializer());
+ } else {
+ initializer = new RetryHttpRequestInitializer();
+ }
+
DatastoreOptions.Builder builder =
new DatastoreOptions.Builder()
.projectId(projectId)
- .initializer(
- new RetryHttpRequestInitializer()
- );
+ .initializer(initializer);
- Credential credential = pipelineOptions.as(GcpOptions.class).getGcpCredential();
- if (credential != null) {
- builder.credential(credential);
- }
return DatastoreFactory.get().create(builder.build());
}
@@ -209,6 +216,7 @@ class V1TestUtil {
*A MutationBuilder that performs upsert operation.
*/
static class UpsertMutationBuilder implements MutationBuilder {
+ @Override
public Mutation.Builder apply(Entity entity) {
return makeUpsert(entity);
}
@@ -218,6 +226,7 @@ class V1TestUtil {
* A MutationBuilder that performs delete operation.
*/
static class DeleteMutationBuilder implements MutationBuilder {
+ @Override
public Mutation.Builder apply(Entity entity) {
return makeDelete(entity.getKey());
}
[2/2] incubator-beam git commit: [BEAM-725] Migrate to use the
generic Google credentials library
Posted by lc...@apache.org.
[BEAM-725] Migrate to use the generic Google credentials library
This closes #1294
Project: http://git-wip-us.apache.org/repos/asf/incubator-beam/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-beam/commit/baa7fb03
Tree: http://git-wip-us.apache.org/repos/asf/incubator-beam/tree/baa7fb03
Diff: http://git-wip-us.apache.org/repos/asf/incubator-beam/diff/baa7fb03
Branch: refs/heads/master
Commit: baa7fb0317afa4a18462ed66ab0a7ba1e8eb2c89
Parents: b5f8473 bb260ec
Author: Luke Cwik <lc...@google.com>
Authored: Mon Nov 7 13:09:19 2016 -0800
Committer: Luke Cwik <lc...@google.com>
Committed: Mon Nov 7 13:09:19 2016 -0800
----------------------------------------------------------------------
pom.xml | 21 ++
runners/google-cloud-dataflow-java/pom.xml | 15 +-
.../dataflow/util/DataflowTransport.java | 9 +-
sdks/java/core/pom.xml | 19 +-
.../org/apache/beam/sdk/options/GcpOptions.java | 136 ++-----------
.../beam/sdk/testing/BigqueryMatcher.java | 15 +-
.../apache/beam/sdk/util/CredentialFactory.java | 4 +-
.../org/apache/beam/sdk/util/Credentials.java | 192 -------------------
.../beam/sdk/util/GcpCredentialFactory.java | 41 +++-
.../beam/sdk/util/NoopCredentialFactory.java | 9 +-
.../apache/beam/sdk/util/PubsubGrpcClient.java | 18 +-
.../apache/beam/sdk/util/PubsubJsonClient.java | 9 +-
.../apache/beam/sdk/util/TestCredential.java | 44 +++--
.../org/apache/beam/sdk/util/Transport.java | 9 +-
.../beam/sdk/util/PubsubGrpcClientTest.java | 9 +-
sdks/java/io/google-cloud-platform/pom.xml | 9 +-
.../beam/sdk/io/gcp/datastore/DatastoreV1.java | 25 ++-
.../beam/sdk/io/gcp/datastore/V1TestUtil.java | 25 ++-
18 files changed, 186 insertions(+), 423 deletions(-)
----------------------------------------------------------------------