winding-lines commented on code in PR #3541:
URL: https://github.com/apache/arrow-rs/pull/3541#discussion_r1085297606
##########
object_store/src/gcp/credential.rs:
##########
@@ -195,6 +218,88 @@ impl OAuthProvider {
}
}
+fn reader_credentials_file<T>(
+ service_account_path: impl AsRef<std::path::Path>,
+) -> Result<T>
+where
+ T: serde::de::DeserializeOwned,
+{
+ let file = File::open(service_account_path).context(OpenCredentialsSnafu)?;
+ let reader = BufReader::new(file);
+ serde_json::from_reader(reader).context(DecodeCredentialsSnafu)
+}
+
+/// A deserialized `service-account-********.json`-file.
+#[derive(serde::Deserialize, Debug)]
+pub(crate) struct ServiceAccountCredentials {
+ /// The private key in RSA format.
+ pub private_key: String,
+
+ /// The email address associated with the service account.
+ pub client_email: String,
+
+ /// Base URL for GCS
+ #[serde(default = "default_gcs_base_url")]
+ pub gcs_base_url: String,
+
+ /// Disable oauth and use empty tokens.
+ #[serde(default = "default_disable_oauth")]
+ pub disable_oauth: bool,
+}
+
+pub(crate) fn default_gcs_base_url() -> String {
+ "https://storage.googleapis.com".to_owned()
+}
+
+pub(crate) fn default_disable_oauth() -> bool {
+ false
+}
+
+impl ServiceAccountCredentials {
+ /// Create a new [`ServiceAccountCredentials`] from a file.
+ pub fn from_file<P: AsRef<std::path::Path>>(path: P) -> Result<Self> {
+ reader_credentials_file(path)
+ }
+
+ /// Create a new [`ServiceAccountCredentials`] from a string.
+ pub fn from_key(key: &str) -> Result<Self> {
+ serde_json::from_str(key).context(DecodeCredentialsSnafu)
+ }
+
+ /// Create an [`OAuthProvider`] from this credentials struct.
+ pub fn token_provider(
+ self,
+ scope: &str,
+ audience: &str,
+ ) -> Result<Box<dyn TokenProvider>> {
+ Ok(Box::new(OAuthProvider::new(
+ self.client_email,
+ self.private_key,
+ scope.to_string(),
+ audience.to_string(),
+ )?) as Box<dyn TokenProvider>)
+ }
+}
+
+/// A no-op provider that returns empty tokens
+#[derive(Debug)]
+pub struct NoOpProvider;
+
+#[async_trait]
+impl TokenProvider for NoOpProvider {
+ /// Fetch a fresh token
+ async fn fetch_token(
+ &self,
+ _client: &Client,
+ _retry: &RetryConfig,
+ ) -> Result<TemporaryToken<String>> {
+ Ok(TemporaryToken {
+ token: "".to_string(),
+ expiry: Instant::now(),
+ })
+ }
+}
+
Review Comment:
Good catch, deleted.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
