LEFT | RIGHT |
1 /* | 1 /* |
2 Copyright 2013 Google Inc | 2 Copyright 2013 Google Inc |
3 | 3 |
4 Licensed under the Apache License, Version 2.0 (the "License"); | 4 Licensed under the Apache License, Version 2.0 (the "License"); |
5 you may not use this file except in compliance with the License. | 5 you may not use this file except in compliance with the License. |
6 You may obtain a copy of the License at | 6 You may obtain a copy of the License at |
7 | 7 |
8 http://www.apache.org/licenses/LICENSE-2.0 | 8 http://www.apache.org/licenses/LICENSE-2.0 |
9 | 9 |
10 Unless required by applicable law or agreed to in writing, software | 10 Unless required by applicable law or agreed to in writing, software |
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
43 /// </para> | 43 /// </para> |
44 /// </summary> | 44 /// </summary> |
45 public class ServiceAccountCredential : IHttpExecuteInterceptor, IHttpUnsucc
essfulResponseHandler, | 45 public class ServiceAccountCredential : IHttpExecuteInterceptor, IHttpUnsucc
essfulResponseHandler, |
46 IConfigurableHttpClientInitializer | 46 IConfigurableHttpClientInitializer |
47 { | 47 { |
48 private static readonly ILogger Logger = ApplicationContext.Logger.ForTy
pe<ServiceAccountCredential>(); | 48 private static readonly ILogger Logger = ApplicationContext.Logger.ForTy
pe<ServiceAccountCredential>(); |
49 | 49 |
50 /// <summary>An initializer class for the service account credential. </
summary> | 50 /// <summary>An initializer class for the service account credential. </
summary> |
51 public class Initializer | 51 public class Initializer |
52 { | 52 { |
53 /// <summary>Gets or sets the service account ID (typically an e-mai
l address).</summary> | 53 /// <summary>Gets the service account ID (typically an e-mail addres
s).</summary> |
54 public string Id { get; private set; } | 54 public string Id { get; private set; } |
55 | 55 |
56 /// <summary>Gets the token server URL.</summary> | 56 /// <summary>Gets the token server URL.</summary> |
57 public string TokenServerUrl { get; private set; } | 57 public string TokenServerUrl { get; private set; } |
58 | 58 |
59 /// <summary> | 59 /// <summary> |
60 /// Gets or sets the email address of the user the application is tr
ying to impersonate in the service· | 60 /// Gets or sets the email address of the user the application is tr
ying to impersonate in the service· |
61 /// account flow or <c>null</c>. | 61 /// account flow or <c>null</c>. |
62 /// </summary> | 62 /// </summary> |
63 public string User { get; set; } | 63 public string User { get; set; } |
(...skipping 13 matching lines...) Expand all Loading... |
77 /// </summary> | 77 /// </summary> |
78 public RSACryptoServiceProvider Key { get; set; } | 78 public RSACryptoServiceProvider Key { get; set; } |
79 | 79 |
80 /// <summary> | 80 /// <summary> |
81 /// Gets or sets the method for presenting the access token to the r
esource server. | 81 /// Gets or sets the method for presenting the access token to the r
esource server. |
82 /// The default value is <seealso cref="BearerToken.AuthorizationHea
derAccessMethod"/>. | 82 /// The default value is <seealso cref="BearerToken.AuthorizationHea
derAccessMethod"/>. |
83 /// </summary> | 83 /// </summary> |
84 public IAccessMethod AccessMethod { get; set; } | 84 public IAccessMethod AccessMethod { get; set; } |
85 | 85 |
86 /// <summary>· | 86 /// <summary>· |
87 /// Gets or sets the factory for creating <see cref="System.Net.Http
.HttpClient"/> instance. | 87 /// Gets or sets the factory for creating a <see cref="System.Net.Ht
tp.HttpClient"/> instance. |
88 /// </summary> | 88 /// </summary> |
89 public IHttpClientFactory HttpClientFactory { get; set; } | 89 public IHttpClientFactory HttpClientFactory { get; set; } |
90 | 90 |
91 /// <summary> | 91 /// <summary> |
92 /// Get or sets the exponential back-off policy. Default value is <
c>UnsuccessfulResponse503</c>, which· | 92 /// Get or sets the exponential back-off policy. Default value is <
c>UnsuccessfulResponse503</c>, which· |
93 /// means that exponential back-off is used on 503 abnormal HTTP res
ponses. | 93 /// means that exponential back-off is used on 503 abnormal HTTP res
ponses. |
94 /// If the value is set to <c>None</c>, no exponential back-off poli
cy is used, and it's up to user to | 94 /// If the value is set to <c>None</c>, no exponential back-off poli
cy is used, and it's up to the user to |
95 /// configure the <seealso cref="Google.Apis.Http.ConfigurableMessag
eHandler"/> in an | 95 /// configure the <seealso cref="Google.Apis.Http.ConfigurableMessag
eHandler"/> in an |
96 /// <seealso cref="Google.Apis.Http.IConfigurableHttpClientInitializ
er"/> to set a specific back-off | 96 /// <seealso cref="Google.Apis.Http.IConfigurableHttpClientInitializ
er"/> to set a specific back-off |
97 /// implementation (using <seealso cref="Google.Apis.Http.BackOffHan
dler"/>). | 97 /// implementation (using <seealso cref="Google.Apis.Http.BackOffHan
dler"/>). |
98 /// </summary> | 98 /// </summary> |
99 public ExponentialBackOffPolicy DefaultExponentialBackOffPolicy { ge
t; set; } | 99 public ExponentialBackOffPolicy DefaultExponentialBackOffPolicy { ge
t; set; } |
100 | 100 |
101 /// <summary>Constructs a new initializer using the given id.</summa
ry> | 101 /// <summary>Constructs a new initializer using the given id.</summa
ry> |
102 public Initializer(string id) | 102 public Initializer(string id) |
103 : this(id, GoogleAuthConsts.TokenUrl) | 103 : this(id, GoogleAuthConsts.TokenUrl) { } |
104 { | |
105 } | |
106 | 104 |
107 /// <summary>Constructs a new initializer using the given id and the
token server URL.</summary> | 105 /// <summary>Constructs a new initializer using the given id and the
token server URL.</summary> |
108 public Initializer(string id, string tokenServerUrl) | 106 public Initializer(string id, string tokenServerUrl) |
109 { | 107 { |
110 Id = id; | 108 Id = id; |
111 TokenServerUrl = tokenServerUrl; | 109 TokenServerUrl = tokenServerUrl; |
112 | 110 |
113 AccessMethod = new BearerToken.AuthorizationHeaderAccessMethod()
; | 111 AccessMethod = new BearerToken.AuthorizationHeaderAccessMethod()
; |
114 Clock = SystemClock.Default; | 112 Clock = SystemClock.Default; |
115 DefaultExponentialBackOffPolicy = ExponentialBackOffPolicy.Unsuc
cessfulResponse503; | 113 DefaultExponentialBackOffPolicy = ExponentialBackOffPolicy.Unsuc
cessfulResponse503; |
(...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
258 /// https://developers.google.com/accounts/docs/OAuth2ServiceAccount#mak
ingrequest. | 256 /// https://developers.google.com/accounts/docs/OAuth2ServiceAccount#mak
ingrequest. |
259 /// </summary> | 257 /// </summary> |
260 /// <param name="taskCancellationToken">Cancellation token to cancel ope
ration</param> | 258 /// <param name="taskCancellationToken">Cancellation token to cancel ope
ration</param> |
261 /// <returns><c>true</c> if a new token was received successfully</retur
ns> | 259 /// <returns><c>true</c> if a new token was received successfully</retur
ns> |
262 private async Task<bool> RequestAccessToken(CancellationToken taskCancel
lationToken) | 260 private async Task<bool> RequestAccessToken(CancellationToken taskCancel
lationToken) |
263 { | 261 { |
264 string serializedHeader = CreateSerializedHeader(); | 262 string serializedHeader = CreateSerializedHeader(); |
265 string serializedPayload = GetSerializedPayload(); | 263 string serializedPayload = GetSerializedPayload(); |
266 | 264 |
267 StringBuilder assertion = new StringBuilder(); | 265 StringBuilder assertion = new StringBuilder(); |
268 assertion.Append(UrlSafeBase64Encode(serializedHeader)); | 266 assertion.Append(UrlSafeBase64Encode(serializedHeader)) |
269 assertion.Append("."); | 267 .Append(".") |
270 assertion.Append(UrlSafeBase64Encode(serializedPayload)); | 268 .Append(UrlSafeBase64Encode(serializedPayload)); |
271 | 269 |
272 // Sign the header and the payload. | 270 // Sign the header and the payload. |
273 var signature = UrlSafeBase64Encode(key.SignData(Encoding.ASCII.GetB
ytes(assertion.ToString()), "SHA256")); | 271 var signature = UrlSafeBase64Encode(key.SignData(Encoding.ASCII.GetB
ytes(assertion.ToString()), "SHA256")); |
274 assertion.Append("."); | 272 assertion.Append(".").Append(signature); |
275 assertion.Append(signature); | |
276 | 273 |
277 // Create the request. | 274 // Create the request. |
278 var request = new GoogleAssertionTokenRequest() | 275 var request = new GoogleAssertionTokenRequest() |
279 { | 276 { |
280 Assertion = assertion.ToString() | 277 Assertion = assertion.ToString() |
281 }; | 278 }; |
282 | 279 |
283 Logger.Debug("Request a new access token. Assertion data is: " + req
uest.Assertion); | 280 Logger.Debug("Request a new access token. Assertion data is: " + req
uest.Assertion); |
284 | 281 |
285 var newToken = await request.ExecuteAsync(httpClient, tokenServerUrl
, taskCancellationToken, Clock); | 282 var newToken = await request.ExecuteAsync(httpClient, tokenServerUrl
, taskCancellationToken, Clock); |
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
332 | 329 |
333 /// <summary>Encodes the byte array into an URL safe base64 string.</sum
mary> | 330 /// <summary>Encodes the byte array into an URL safe base64 string.</sum
mary> |
334 /// <param name="bytes">Byte array to encode</param> | 331 /// <param name="bytes">Byte array to encode</param> |
335 /// <returns>The URL safe base64 string</returns> | 332 /// <returns>The URL safe base64 string</returns> |
336 private string UrlSafeBase64Encode(byte[] bytes) | 333 private string UrlSafeBase64Encode(byte[] bytes) |
337 { | 334 { |
338 return Convert.ToBase64String(bytes).Replace("=", String.Empty).Repl
ace('+', '-').Replace('/', '_'); | 335 return Convert.ToBase64String(bytes).Replace("=", String.Empty).Repl
ace('+', '-').Replace('/', '_'); |
339 } | 336 } |
340 } | 337 } |
341 } | 338 } |
LEFT | RIGHT |