diff --git a/credentials/google/google.go b/credentials/google/google.go index 07d0d0dc29cc..27c85e16facb 100644 --- a/credentials/google/google.go +++ b/credentials/google/google.go @@ -35,63 +35,56 @@ const tokenRequestTimeout = 30 * time.Second var logger = grpclog.Component("credentials") -// NewDefaultCredentials returns a credentials bundle that is configured to work -// with google services. +// DefaultCredsOptions constructs options to build DefaultCreds. +type DefaultCredsOptions struct { + // PerRPCCreds is a per RPC credentials that is passed to a bundle. + PerRPCCreds credentials.PerRPCCredentials +} + +// NewDefaultCredentialsWithOptions returns a credentials bundle that is +// configured to work with google services. // // This API is experimental. -func NewDefaultCredentials() credentials.Bundle { +func NewDefaultCredentialsWithOptions(opts DefaultCredsOptions) credentials.Bundle { + perRPC := opts.PerRPCCreds + if perRPC == nil { + ctx, cancel := context.WithTimeout(context.Background(), tokenRequestTimeout) + defer cancel() + var err error + perRPC, err = oauth.NewApplicationDefault(ctx) + if err != nil { + logger.Warningf("google default creds: failed to create application oauth: %v", err) + } + } c := &creds{ newPerRPCCreds: func() credentials.PerRPCCredentials { - ctx, cancel := context.WithTimeout(context.Background(), tokenRequestTimeout) - defer cancel() - perRPCCreds, err := oauth.NewApplicationDefault(ctx) - if err != nil { - logger.Warningf("google default creds: failed to create application oauth: %v", err) - } - return perRPCCreds + return perRPC }, } bundle, err := c.NewWithMode(internal.CredsBundleModeFallback) if err != nil { - logger.Warningf("google default creds: failed to create new creds: %v", err) + logger.Warningf("compute engine creds with per rpc: failed to create new creds: %v", err) } return bundle } -// NewComputeEngineCredentials returns a credentials bundle that is configured to work -// with google services. This API must only be used when running on GCE. Authentication configured -// by this API represents the GCE VM's default service account. +// NewDefaultCredentials returns a credentials bundle that is configured to work +// with google services. // // This API is experimental. -func NewComputeEngineCredentials() credentials.Bundle { - return NewComputeEngineCredsWithOptions(ComputeEngineCredsOptions{}) -} - -// ComputeEngineCredsOptions constructs compite engine credentials with options. -type ComputeEngineCredsOptions struct { - // PerRPCCreds is a per RPC credentials that is passed to a bundle. - PerRPCCreds credentials.PerRPCCredentials +func NewDefaultCredentials() credentials.Bundle { + return NewDefaultCredentialsWithOptions(DefaultCredsOptions{}) } -// NewComputeEngineCredsWithOptions returns a credentials bundle that is configured to work -// with google services. This API must only be used when running on GCE. +// NewComputeEngineCredentials returns a credentials bundle that is configured to work +// with google services. This API must only be used when running on GCE. Authentication configured +// by this API represents the GCE VM's default service account. // // This API is experimental. -func NewComputeEngineCredsWithOptions(perRPCOpts ComputeEngineCredsOptions) credentials.Bundle { - perRPC := oauth.NewComputeEngine() - if perRPCOpts.PerRPCCreds != nil { - perRPC = perRPCOpts.PerRPCCreds - } - c := &creds{ - newPerRPCCreds: func() credentials.PerRPCCredentials { - return perRPC - }, - } - bundle, err := c.NewWithMode(internal.CredsBundleModeFallback) - if err != nil { - logger.Warningf("compute engine creds with per rpc: failed to create new creds: %v", err) - } - return bundle +func NewComputeEngineCredentials() credentials.Bundle { + return NewDefaultCredentialsWithOptions(DefaultCredsOptions{ + PerRPCCreds: oauth.NewComputeEngine(), + }) } // creds implements credentials.Bundle.