You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@jclouds.apache.org by danbroudy <no...@github.com> on 2015/01/27 03:39:35 UTC
[jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
...alSupplier
This is WIP branch with an idea of how to move towards using JSON key files instead of PEM keys.
Something along the lines of the following:
```
ComputeServiceContext context = ContextBuilder.newBuilder("google-compute-engine")
.credentialsSupplier(new GoogleComputeEngineCredentialSupplier("/path/to/file.json))
.buildView(ComputeServiceContext.class);
```
This also (optionally) changes how the live tests are run.
If you set the parameter `test.google-compute-engine.json-key` to /path/to/file.json it will populate
`test.google-compute-engine.identity` and `test.google-compute-engine.credential` from the file.
This will also require documentation updates ect.
@nacx WDYT?
You can view, comment on, or merge this pull request online at:
https://github.com/jclouds/jclouds-labs-google/pull/124
-- Commit Summary --
* Enables working with .json key files, adding GoogleComputeEngineCredentialSupplier
-- File Changes --
A google-compute-engine/src/main/java/org/jclouds/googlecomputeengine/GoogleComputeEngineCredentialSupplier.java (73)
M google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/compute/GoogleComputeEngineServiceLiveTest.java (18)
M google-compute-engine/src/test/java/org/jclouds/googlecomputeengine/internal/BaseGoogleComputeEngineApiLiveTest.java (2)
-- Patch Links --
https://github.com/jclouds/jclouds-labs-google/pull/124.patch
https://github.com/jclouds/jclouds-labs-google/pull/124.diff
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by Ignasi Barrera <no...@github.com>.
Thanks @danbroudy! Just two minor final comments (no need for a new commit/review). I'll merge it once squashed. Thanks!
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124#issuecomment-72179832
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by Ignasi Barrera <no...@github.com>.
> +
> +import com.google.common.base.Supplier;
> +import com.google.gson.JsonObject;
> +import com.google.gson.JsonParser;
> +
> +/*
> + * Provides an easy way to pass in credentials using the json-key format.
> + * Just provide the path to the .json file and this extracts and sets identity
> + * and credentials from the json.
> + */
> +public class GoogleCredentialsFromJson implements Supplier<Credentials>{
> +
> + private String jsonKeyString;
> +
> + public GoogleCredentialsFromJson(String jsonString){
> + jsonKeyString = jsonString;
[minor] Prevent a null string from being passed here.
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124/files#r23833301
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by danbroudy <no...@github.com>.
> +
> + private GoogleComputeEngineCredentialSupplierFromJson(String jsonString){
> + creds = parseJsonKeyString(jsonString);
> + }
> +
> + /**
> + * Function for parsing JSON Key file downloaded from GCP developers console.
> + *
> + * @param pathToJsonFile.
> + * @return Credentials object with Credentials.identity and Credentials.credential correctly set.
> + */
> + public static Credentials parseJsonKeyString(String jsonString) {
> + // Parse JsonFile to extract Service Account and PrivateKey.
> + final JsonObject json = new JsonParser().parse(jsonString).getAsJsonObject();
> + String client_email = json.get("client_email").toString().replace("\"", "");
> + String private_key = StringEscapeUtils.unescapeJava(json.get("private_key").toString().replace("\"", ""));
Without the unescapeJava it was was incorrectly treating \n as two separate characters instead of newlines. The client email doesn't have any \n characters so it is a non-issue.
I found a simpler way to fix the newline character.
`json.get("private_key").toString().replace("\"", "").replace("\\n", "\n");`
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124/files#r23739041
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by Ignasi Barrera <no...@github.com>.
Great. Thanks! Pushed to master as [cee2b703](https://git1-us-west.apache.org/repos/asf?p=jclouds-labs-google.git;a=commit;h=cee2b703).
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124#issuecomment-72625024
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by Ignasi Barrera <no...@github.com>.
> +
> +import com.google.common.base.Supplier;
> +import com.google.gson.JsonObject;
> +import com.google.gson.JsonParser;
> +
> +/*
> + * Provides an easy way to pass in credentials using the json-key format.
> + * Just provide the path to the .json file and this extracts and sets identity
> + * and credentials from the json.
> + */
> +public class GoogleComputeEngineCredentialSupplierFromJson implements Supplier<Credentials>{
> +
> + private Credentials creds;
> +
> + private GoogleComputeEngineCredentialSupplierFromJson(String jsonString){
> + creds = parseJsonKeyString(jsonString);
Defer the parsing of the json String to the `get` method, to properly implement the Supplier contract.
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124/files#r23723223
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by danbroudy <no...@github.com>.
Im now looking into integrating with GCS. Not ready to merge yet
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124#issuecomment-71950645
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by danbroudy <no...@github.com>.
I moved GoogleCredentalsFromJson into googlecloud so that in the future it can be used with google-cloud-storage. Happy to squash if you agree this move is a good idea.
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124#issuecomment-72091083
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by Ignasi Barrera <no...@github.com>.
> +package org.jclouds.googlecloud;
> +
> +import org.jclouds.domain.Credentials;
> +
> +import com.google.common.base.Supplier;
> +import com.google.gson.JsonObject;
> +import com.google.gson.JsonParser;
> +
> +/*
> + * Provides an easy way to pass in credentials using the json-key format.
> + * Just provide the path to the .json file and this extracts and sets identity
> + * and credentials from the json.
> + */
> +public class GoogleCredentialsFromJson implements Supplier<Credentials>{
> +
> + private String jsonKeyString;
[minor] Make this final.
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124/files#r23833290
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by danbroudy <no...@github.com>.
I think `GoogleComputeEngineCredentialSupplierFromJson` is too long of a name and I am open to suggestions.
Also passing in a JSON string into the eclipse maven build was causing problems so I left it that you pass in a file when running the tests but pass in a JSON string when instantiating a `GoogleComputeEngineCredentialSupplierFromJson` normally
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124#issuecomment-71896830
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by Ignasi Barrera <no...@github.com>.
Out of curiosity. Can this auth approach be used now with the cloud storage provider?
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124#issuecomment-72470949
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by Ignasi Barrera <no...@github.com>.
> +import org.jclouds.domain.Credentials;
> +
> +import com.google.common.base.Supplier;
> +import com.google.gson.JsonObject;
> +import com.google.gson.JsonParser;
> +
> +/*
> + * Provides an easy way to pass in credentials using the json-key format.
> + * Just provide the path to the .json file and this extracts and sets identity
> + * and credentials from the json.
> + */
> +public class GoogleComputeEngineCredentialSupplierFromJson implements Supplier<Credentials>{
> +
> + private Credentials creds;
> +
> + private GoogleComputeEngineCredentialSupplierFromJson(String jsonString){
Should be public so it can be constructed and passed to the context builder.
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124/files#r23723162
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by Ignasi Barrera <no...@github.com>.
> + * this work for additional information regarding copyright ownership.
> + * The ASF licenses this file to You under the Apache License, Version 2.0
> + * (the "License"); you may not use this file except in compliance with
> + * the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing, software
> + * distributed under the License is distributed on an "AS IS" BASIS,
> + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
> + * See the License for the specific language governing permissions and
> + * limitations under the License.
> + */
> +package org.jclouds.googlecomputeengine;
> +
> +import org.apache.commons.lang.StringEscapeUtils;
Where does this class come from? Can't see the `commons-lang` in the dependency tree. Is it worth adding a dependency just to escape a String?
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124/files#r23723610
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by Ignasi Barrera <no...@github.com>.
> + */
> +public class GoogleComputeEngineCredentialSupplierFromJson implements Supplier<Credentials>{
> +
> + private Credentials creds;
> +
> + private GoogleComputeEngineCredentialSupplierFromJson(String jsonString){
> + creds = parseJsonKeyString(jsonString);
> + }
> +
> + /**
> + * Function for parsing JSON Key file downloaded from GCP developers console.
> + *
> + * @param pathToJsonFile.
> + * @return Credentials object with Credentials.identity and Credentials.credential correctly set.
> + */
> + public static Credentials parseJsonKeyString(String jsonString) {
Better make this method private and call supplier.get() in the tests.
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124/files#r23723311
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by danbroudy <no...@github.com>.
Updated. Thanks for the feedback!
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124#issuecomment-72253640
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by Ignasi Barrera <no...@github.com>.
>I left it that you pass in a file when running the tests but pass in a JSON string when instantiating a GoogleComputeEngineCredentialSupplierFromJson normally
That looks good to me. This is the same we do in other apis like Chef. Thanks!
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124#issuecomment-71916293
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by Ignasi Barrera <no...@github.com>.
> +
> + private GoogleComputeEngineCredentialSupplierFromJson(String jsonString){
> + creds = parseJsonKeyString(jsonString);
> + }
> +
> + /**
> + * Function for parsing JSON Key file downloaded from GCP developers console.
> + *
> + * @param pathToJsonFile.
> + * @return Credentials object with Credentials.identity and Credentials.credential correctly set.
> + */
> + public static Credentials parseJsonKeyString(String jsonString) {
> + // Parse JsonFile to extract Service Account and PrivateKey.
> + final JsonObject json = new JsonParser().parse(jsonString).getAsJsonObject();
> + String client_email = json.get("client_email").toString().replace("\"", "");
> + String private_key = StringEscapeUtils.unescapeJava(json.get("private_key").toString().replace("\"", ""));
Out of curiosity: is the `unescapeJava` needed here but not when parsing the client email?
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124/files#r23723454
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by Ignasi Barrera <no...@github.com>.
> + * Provides an easy way to pass in credentials using the json-key format.
> + * Just provide the path to the .json file and this extracts and sets identity
> + * and credentials from the json.
> + */
> +public class GoogleComputeEngineCredentialSupplierFromJson implements Supplier<Credentials>{
> +
> + private Credentials creds;
> +
> + private GoogleComputeEngineCredentialSupplierFromJson(String jsonString){
> + creds = parseJsonKeyString(jsonString);
> + }
> +
> + /**
> + * Function for parsing JSON Key file downloaded from GCP developers console.
> + *
> + * @param pathToJsonFile.
This is no longer a path to a file.
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124/files#r23723327
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by danbroudy <no...@github.com>.
I set it up in a way that it would be easy to extend to google cloud storage. It is not currently being used with google cloud storage in this commit.
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124#issuecomment-72570969
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by Ignasi Barrera <no...@github.com>.
> + */
> +package org.jclouds.googlecomputeengine;
> +
> +import org.apache.commons.lang.StringEscapeUtils;
> +import org.jclouds.domain.Credentials;
> +
> +import com.google.common.base.Supplier;
> +import com.google.gson.JsonObject;
> +import com.google.gson.JsonParser;
> +
> +/*
> + * Provides an easy way to pass in credentials using the json-key format.
> + * Just provide the path to the .json file and this extracts and sets identity
> + * and credentials from the json.
> + */
> +public class GoogleComputeEngineCredentialSupplierFromJson implements Supplier<Credentials>{
What about just `CredentialsFromJson` or `GoogleComputeEngineCredentialsFromJson `?
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124/files#r23723105
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by danbroudy <no...@github.com>.
> + * this work for additional information regarding copyright ownership.
> + * The ASF licenses this file to You under the Apache License, Version 2.0
> + * (the "License"); you may not use this file except in compliance with
> + * the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing, software
> + * distributed under the License is distributed on an "AS IS" BASIS,
> + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
> + * See the License for the specific language governing permissions and
> + * limitations under the License.
> + */
> +package org.jclouds.googlecomputeengine;
> +
> +import org.apache.commons.lang.StringEscapeUtils;
Dependency removed.
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124/files#r23739061
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by Ignasi Barrera <no...@github.com>.
Cool @danbroudy! I like the supplier approach, as the json file contains both the identity and credential.
I'd only change the name of the supplier so it reflects it is for the json file format, and assume a json string as an input (as we do with the PEM string in the default auth) and delegate the file read to users. This way we don't get coupled to how the json file is stored. Makes sense?
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124#issuecomment-71804916
Re: [jclouds-labs-google] JCLOUDS-808: Enables working with .json key
files, adding GoogleComputeEngineCredenti... (#124)
Posted by Ignasi Barrera <no...@github.com>.
Closed #124.
---
Reply to this email directly or view it on GitHub:
https://github.com/jclouds/jclouds-labs-google/pull/124#event-229145338