This is an automated email from the ASF dual-hosted git repository.
exceptionfactory pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git
The following commit(s) were added to refs/heads/main by this push:
new 86317abd928 NIFI-15756 Added property for Scope in Google Drive
components (#11053)
86317abd928 is described below
commit 86317abd9287fc613b4a0e25f20c7fe3b3eb1cc8
Author: Pierre Villard <[email protected]>
AuthorDate: Fri Mar 27 03:06:59 2026 +0100
NIFI-15756 Added property for Scope in Google Drive components (#11053)
Signed-off-by: David Handermann <[email protected]>
---
.../processors/gcp/drive/FetchGoogleDrive.java | 6 +--
.../processors/gcp/drive/GoogleDriveApiScope.java | 49 ++++++++++++++++++++++
.../processors/gcp/drive/GoogleDriveTrait.java | 19 +++++++++
.../nifi/processors/gcp/drive/ListGoogleDrive.java | 6 +--
.../nifi/processors/gcp/drive/PutGoogleDrive.java | 6 +--
5 files changed, 77 insertions(+), 9 deletions(-)
diff --git
a/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/FetchGoogleDrive.java
b/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/FetchGoogleDrive.java
index bc635a004ef..419981a1d23 100644
---
a/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/FetchGoogleDrive.java
+++
b/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/FetchGoogleDrive.java
@@ -22,6 +22,7 @@ import com.google.api.client.http.HttpRequest;
import com.google.api.client.http.HttpRequestFactory;
import com.google.api.client.http.HttpResponse;
import com.google.api.services.drive.Drive;
+import com.google.api.services.drive.DriveScopes;
import com.google.api.services.drive.model.File;
import com.google.api.services.drive.model.User;
import org.apache.nifi.annotation.behavior.InputRequirement;
@@ -95,8 +96,6 @@ import static
org.apache.nifi.processors.gcp.drive.GoogleDriveAttributes.WEB_CON
import static
org.apache.nifi.processors.gcp.drive.GoogleDriveAttributes.WEB_CONTENT_LINK_DESC;
import static
org.apache.nifi.processors.gcp.drive.GoogleDriveAttributes.WEB_VIEW_LINK;
import static
org.apache.nifi.processors.gcp.drive.GoogleDriveAttributes.WEB_VIEW_LINK_DESC;
-import static
org.apache.nifi.processors.gcp.util.GoogleUtils.GOOGLE_CLOUD_PLATFORM_SCOPE;
-
@InputRequirement(InputRequirement.Requirement.INPUT_REQUIRED)
@Tags({"google", "drive", "storage", "fetch"})
@CapabilityDescription("Fetches files from a Google Drive Folder. Designed to
be used in tandem with ListGoogleDrive. " +
@@ -275,6 +274,7 @@ public class FetchGoogleDrive extends AbstractProcessor
implements GoogleDriveTr
GOOGLE_SPREADSHEET_EXPORT_TYPE,
GOOGLE_PRESENTATION_EXPORT_TYPE,
GOOGLE_DRAWING_EXPORT_TYPE,
+ GOOGLE_DRIVE_SCOPE,
ProxyConfiguration.createProxyConfigPropertyDescriptor(ProxyAwareTransportFactory.PROXY_SPECS),
CONNECT_TIMEOUT,
READ_TIMEOUT
@@ -304,7 +304,7 @@ public class FetchGoogleDrive extends AbstractProcessor
implements GoogleDriveTr
driveService = createDriveService(
context,
new ProxyAwareTransportFactory(proxyConfiguration).create(),
- GOOGLE_CLOUD_PLATFORM_SCOPE
+ resolveScopes(context, DriveScopes.DRIVE,
DriveScopes.DRIVE_FILE)
);
}
diff --git
a/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/GoogleDriveApiScope.java
b/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/GoogleDriveApiScope.java
new file mode 100644
index 00000000000..937aa75074c
--- /dev/null
+++
b/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/GoogleDriveApiScope.java
@@ -0,0 +1,49 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.nifi.processors.gcp.drive;
+
+import org.apache.nifi.components.DescribedValue;
+
+public enum GoogleDriveApiScope implements DescribedValue {
+ DRIVE_SCOPES("Drive Scopes",
+ "Uses Drive-specific scopes. Recommended for most setups including
service accounts with domain-wide delegation."),
+ CLOUD_PLATFORM("Cloud Platform",
+ "Uses the broader cloud-platform scope. Required when using
Workload Identity Federation with service account impersonation.");
+
+ private final String displayName;
+ private final String description;
+
+ GoogleDriveApiScope(final String displayName, final String description) {
+ this.displayName = displayName;
+ this.description = description;
+ }
+
+ @Override
+ public String getDisplayName() {
+ return displayName;
+ }
+
+ @Override
+ public String getDescription() {
+ return description;
+ }
+
+ @Override
+ public String getValue() {
+ return name();
+ }
+}
diff --git
a/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/GoogleDriveTrait.java
b/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/GoogleDriveTrait.java
index 122d9d45488..ad22d6ff0c9 100644
---
a/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/GoogleDriveTrait.java
+++
b/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/GoogleDriveTrait.java
@@ -51,6 +51,17 @@ public interface GoogleDriveTrait {
String OLD_CONNECT_TIMEOUT_PROPERTY_NAME = "connect-timeout";
String OLD_READ_TIMEOUT_PROPERTY_NAME = "read-timeout";
+ PropertyDescriptor GOOGLE_DRIVE_SCOPE = new PropertyDescriptor.Builder()
+ .name("Google Drive API Scope")
+ .description("""
+ Specifies the OAuth2 scope to request when accessing
Google Drive.
+ 'Drive Scopes' uses drive-specific scopes and is
recommended for most setups, including service accounts with domain-wide
delegation.
+ 'Cloud Platform' uses the broader cloud-platform scope,
which is required when using Workload Identity Federation with service account
impersonation.""")
+ .required(true)
+ .defaultValue(GoogleDriveApiScope.DRIVE_SCOPES)
+ .allowableValues(GoogleDriveApiScope.class)
+ .build();
+
JsonFactory JSON_FACTORY = GsonFactory.getDefaultInstance();
PropertyDescriptor CONNECT_TIMEOUT = new PropertyDescriptor.Builder()
@@ -115,6 +126,14 @@ public interface GoogleDriveTrait {
return gcpCredentialsService.getGoogleCredentials();
}
+ default String[] resolveScopes(final ProcessContext context, final
String... driveSpecificScopes) {
+ final String scopeValue =
context.getProperty(GOOGLE_DRIVE_SCOPE).getValue();
+ if (GoogleDriveApiScope.CLOUD_PLATFORM.getValue().equals(scopeValue)) {
+ return new String[] {GoogleUtils.GOOGLE_CLOUD_PLATFORM_SCOPE};
+ }
+ return driveSpecificScopes;
+ }
+
default GoogleDriveFileInfo.Builder createGoogleDriveFileInfoBuilder(final
File file) {
return new GoogleDriveFileInfo.Builder()
.id(file.getId())
diff --git
a/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/ListGoogleDrive.java
b/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/ListGoogleDrive.java
index cf8857c6864..943c34a439f 100644
---
a/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/ListGoogleDrive.java
+++
b/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/ListGoogleDrive.java
@@ -18,6 +18,7 @@ package org.apache.nifi.processors.gcp.drive;
import com.google.api.client.http.HttpTransport;
import com.google.api.services.drive.Drive;
+import com.google.api.services.drive.DriveScopes;
import com.google.api.services.drive.model.File;
import com.google.api.services.drive.model.FileList;
import com.google.api.services.drive.model.User;
@@ -101,8 +102,6 @@ import static
org.apache.nifi.processors.gcp.drive.GoogleDriveAttributes.WEB_CON
import static
org.apache.nifi.processors.gcp.drive.GoogleDriveAttributes.WEB_CONTENT_LINK_DESC;
import static
org.apache.nifi.processors.gcp.drive.GoogleDriveAttributes.WEB_VIEW_LINK;
import static
org.apache.nifi.processors.gcp.drive.GoogleDriveAttributes.WEB_VIEW_LINK_DESC;
-import static
org.apache.nifi.processors.gcp.util.GoogleUtils.GOOGLE_CLOUD_PLATFORM_SCOPE;
-
@PrimaryNodeOnly
@TriggerSerially
@Tags({"google", "drive", "storage"})
@@ -199,6 +198,7 @@ public class ListGoogleDrive extends
AbstractListProcessor<GoogleDriveFileInfo>
TRACKING_TIME_WINDOW,
INITIAL_LISTING_TARGET,
RECORD_WRITER,
+ GOOGLE_DRIVE_SCOPE,
ProxyConfiguration.createProxyConfigPropertyDescriptor(ProxyAwareTransportFactory.PROXY_SPECS),
CONNECT_TIMEOUT,
READ_TIMEOUT
@@ -229,7 +229,7 @@ public class ListGoogleDrive extends
AbstractListProcessor<GoogleDriveFileInfo>
HttpTransport httpTransport = new
ProxyAwareTransportFactory(proxyConfiguration).create();
- driveService = createDriveService(context, httpTransport,
GOOGLE_CLOUD_PLATFORM_SCOPE);
+ driveService = createDriveService(context, httpTransport,
resolveScopes(context, DriveScopes.DRIVE, DriveScopes.DRIVE_METADATA_READONLY));
}
@Override
diff --git
a/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/PutGoogleDrive.java
b/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/PutGoogleDrive.java
index da7b2a9b699..d0bd63b5e25 100644
---
a/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/PutGoogleDrive.java
+++
b/nifi-extension-bundles/nifi-gcp-bundle/nifi-gcp-processors/src/main/java/org/apache/nifi/processors/gcp/drive/PutGoogleDrive.java
@@ -26,6 +26,7 @@ import com.google.api.client.http.InputStreamContent;
import com.google.api.client.util.DateTime;
import com.google.api.services.drive.Drive;
import com.google.api.services.drive.DriveRequest;
+import com.google.api.services.drive.DriveScopes;
import com.google.api.services.drive.model.File;
import com.google.api.services.drive.model.FileList;
import org.apache.nifi.annotation.behavior.InputRequirement;
@@ -100,8 +101,6 @@ import static
org.apache.nifi.processors.gcp.drive.GoogleDriveAttributes.SIZE_DE
import static
org.apache.nifi.processors.gcp.drive.GoogleDriveAttributes.TIMESTAMP;
import static
org.apache.nifi.processors.gcp.drive.GoogleDriveAttributes.TIMESTAMP_DESC;
import static
org.apache.nifi.processors.gcp.util.GoogleUtils.GCP_CREDENTIALS_PROVIDER_SERVICE;
-import static
org.apache.nifi.processors.gcp.util.GoogleUtils.GOOGLE_CLOUD_PLATFORM_SCOPE;
-
@SeeAlso({ListGoogleDrive.class, FetchGoogleDrive.class})
@InputRequirement(Requirement.INPUT_REQUIRED)
@Tags({"google", "drive", "storage", "put"})
@@ -172,6 +171,7 @@ public class PutGoogleDrive extends AbstractProcessor
implements GoogleDriveTrai
CONFLICT_RESOLUTION,
CHUNKED_UPLOAD_THRESHOLD,
CHUNKED_UPLOAD_SIZE,
+ GOOGLE_DRIVE_SCOPE,
ProxyConfiguration.createProxyConfigPropertyDescriptor(ProxyAwareTransportFactory.PROXY_SPECS),
CONNECT_TIMEOUT,
READ_TIMEOUT
@@ -317,7 +317,7 @@ public class PutGoogleDrive extends AbstractProcessor
implements GoogleDriveTrai
final HttpTransport httpTransport = new
ProxyAwareTransportFactory(proxyConfiguration).create();
- driveService = createDriveService(context, httpTransport,
GOOGLE_CLOUD_PLATFORM_SCOPE);
+ driveService = createDriveService(context, httpTransport,
resolveScopes(context, DriveScopes.DRIVE, DriveScopes.DRIVE_METADATA));
}
@Override
