From 4d280f093130980dd0ac085844c3cbaa4aa472e2 Mon Sep 17 00:00:00 2001
From: Dave Cunningham <dcunnin@google.com>
Date: Wed, 11 Feb 2015 21:21:24 -0500
Subject: [PATCH] Use new oauth2 golang library

---
 builtin/providers/google/config.go | 44 ++++++++++++++++++------------
 1 file changed, 27 insertions(+), 17 deletions(-)

diff --git a/builtin/providers/google/config.go b/builtin/providers/google/config.go
index 3d61ad6be..009f00092 100644
--- a/builtin/providers/google/config.go
+++ b/builtin/providers/google/config.go
@@ -8,14 +8,12 @@ import (
 	"os"
 
 	"code.google.com/p/google-api-go-client/compute/v1"
-	// oauth2 "github.com/rasa/oauth2-fork-b3f9a68"
-	"github.com/golang/oauth2"
 
-	// oauth2 "github.com/rasa/oauth2-fork-b3f9a68/google"
-	"github.com/golang/oauth2/google"
+	"golang.org/x/oauth2"
+	"golang.org/x/oauth2/google"
+	"golang.org/x/oauth2/jwt"
 )
 
-const clientScopes string = "https://www.googleapis.com/auth/compute"
 
 // Config is the configuration structure used to instantiate the Google
 // provider.
@@ -41,8 +39,7 @@ func (c *Config) loadAndValidate() error {
 		c.Region = os.Getenv("GOOGLE_REGION")
 	}
 
-	var f *oauth2.Options
-	var err error
+	var client *http.Client
 
 	if c.AccountFile != "" {
 		if err := loadJSON(&account, c.AccountFile); err != nil {
@@ -52,29 +49,42 @@ func (c *Config) loadAndValidate() error {
 				err)
 		}
 
+		clientScopes := []string{"https://www.googleapis.com/auth/compute"}
+
 		// Get the token for use in our requests
 		log.Printf("[INFO] Requesting Google token...")
 		log.Printf("[INFO]   -- Email: %s", account.ClientEmail)
 		log.Printf("[INFO]   -- Scopes: %s", clientScopes)
 		log.Printf("[INFO]   -- Private Key Length: %d", len(account.PrivateKey))
 
-		f, err = oauth2.New(
-			oauth2.JWTClient(account.ClientEmail, []byte(account.PrivateKey)),
-			oauth2.Scope(clientScopes),
-			google.JWTEndpoint())
+		conf := jwt.Config{
+			Email:      account.ClientEmail,
+			PrivateKey: []byte(account.PrivateKey),
+			Scopes:     clientScopes,
+			TokenURL:   "https://accounts.google.com/o/oauth2/token",
+		}
+
+		// Initiate an http.Client. The following GET request will be
+		// authorized and authenticated on the behalf of
+		// your service account.
+		client = conf.Client(oauth2.NoContext)
 
 	} else {
 		log.Printf("[INFO] Requesting Google token via GCE Service Role...")
-		f, err = oauth2.New(google.ComputeEngineAccount(""))
+		client = &http.Client{
+			Transport: &oauth2.Transport{
+				// Fetch from Google Compute Engine's metadata server to retrieve
+				// an access token for the provided account.
+				// If no account is specified, "default" is used.
+				Source: google.ComputeTokenSource(""),
+			},
+		}
 
 	}
 
-	if err != nil {
-		return fmt.Errorf("Error retrieving auth token: %s", err)
-	}
-
 	log.Printf("[INFO] Instantiating GCE client...")
-	c.clientCompute, err = compute.New(&http.Client{Transport: f.NewTransport()})
+	var err error
+	c.clientCompute, err = compute.New(client)
 	if err != nil {
 		return err
 	}