• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2018 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 package com.android.tradefed.util;
17 
18 import com.android.tradefed.auth.ICredentialFactory;
19 import com.android.tradefed.config.GlobalConfiguration;
20 import com.android.tradefed.host.HostOptions;
21 import com.android.tradefed.log.LogUtil.CLog;
22 import com.android.tradefed.util.gcs.GoogleApiClientUtilBase;
23 
24 import com.google.api.client.auth.oauth2.Credential;
25 import com.google.auth.Credentials;
26 import com.google.common.annotations.VisibleForTesting;
27 
28 import java.io.File;
29 import java.io.IOException;
30 import java.security.GeneralSecurityException;
31 import java.util.ArrayList;
32 import java.util.Arrays;
33 import java.util.Collection;
34 import java.util.List;
35 
36 /** Utils for create Google API client. */
37 public class GoogleApiClientUtil extends GoogleApiClientUtilBase {
38 
39     private static GoogleApiClientUtil sInstance = null;
40 
getInstance()41     private static GoogleApiClientUtil getInstance() {
42         if (sInstance == null) {
43             sInstance = new GoogleApiClientUtil();
44         }
45         return sInstance;
46     }
47 
48 
49 
50     /**
51      * Try to create credential with different key files or from local host.
52      *
53      * <p>1. If primaryKeyFile is set, try to use it to create credential. 2. Try to get
54      * corresponding key files from {@link HostOptions}. 3. Try to use backup key files. 4. Use
55      * local default credential.
56      *
57      * @param scopes scopes for the credential.
58      * @param primaryKeyFile the primary json key file; it can be null.
59      * @param hostOptionKeyFileName {@link HostOptions}'service-account-json-key-file option's key;
60      *     it can be null.
61      * @param backupKeyFiles backup key files.
62      * @return a {@link Credential}
63      * @throws IOException
64      * @throws GeneralSecurityException
65      */
createCredential( Collection<String> scopes, File primaryKeyFile, String hostOptionKeyFileName, File... backupKeyFiles)66     public static Credentials createCredential(
67             Collection<String> scopes,
68             File primaryKeyFile,
69             String hostOptionKeyFileName,
70             File... backupKeyFiles)
71             throws IOException, GeneralSecurityException {
72         return getInstance()
73                 .doCreateCredential(scopes, primaryKeyFile, hostOptionKeyFileName, backupKeyFiles);
74     }
75 
76     /**
77      * Try to create credential with different key files or from local host.
78      *
79      * <p>1. Use {@link ICredentialFactory} if useCredentialFactory is true and a {@link
80      * ICredentialFactory} is configured. If primaryKeyFile is set, try to use it to create
81      * credential. 2. Try to get corresponding key files from {@link HostOptions}. 3. Try to use
82      * backup key files. 4. Use local default credential.
83      *
84      * @param scopes scopes for the credential.
85      * @param useCredentialFactory use credential factory if it's configured.
86      * @param primaryKeyFile the primary json key file; it can be null.
87      * @param hostOptionKeyFileName {@link HostOptions}'service-account-json-key-file option's key;
88      *     it can be null.
89      * @param backupKeyFiles backup key files.
90      * @return a {@link Credential}
91      * @throws IOException
92      * @throws GeneralSecurityException
93      */
createCredential( Collection<String> scopes, boolean useCredentialFactory, File primaryKeyFile, String hostOptionKeyFileName, File... backupKeyFiles)94     public static Credentials createCredential(
95             Collection<String> scopes,
96             boolean useCredentialFactory,
97             File primaryKeyFile,
98             String hostOptionKeyFileName,
99             File... backupKeyFiles)
100             throws IOException, GeneralSecurityException {
101         Credentials credential = null;
102         if (useCredentialFactory) {
103             credential = getInstance().doCreateCredentialFromCredentialFactory(scopes);
104             // TODO(b/186766552): Throw exception once all hosts configured CredentialFactory.
105             if (credential != null) {
106                 return credential;
107             }
108             CLog.i("No CredentialFactory configured, fallback to key files.");
109         }
110         return getInstance()
111                 .doCreateCredential(scopes, primaryKeyFile, hostOptionKeyFileName, backupKeyFiles);
112     }
113 
114     @VisibleForTesting
doCreateCredential( Collection<String> scopes, File primaryKeyFile, String hostOptionKeyFileName, File... backupKeyFiles)115     Credentials doCreateCredential(
116             Collection<String> scopes,
117             File primaryKeyFile,
118             String hostOptionKeyFileName,
119             File... backupKeyFiles)
120             throws IOException, GeneralSecurityException {
121 
122         List<File> keyFiles = new ArrayList<File>();
123         if (primaryKeyFile != null) {
124             keyFiles.add(primaryKeyFile);
125         }
126         File hostOptionKeyFile = null;
127         if (hostOptionKeyFileName != null) {
128             try {
129                 hostOptionKeyFile =
130                         GlobalConfiguration.getInstance()
131                                 .getHostOptions()
132                                 .getServiceAccountJsonKeyFiles()
133                                 .get(hostOptionKeyFileName);
134                 if (hostOptionKeyFile != null) {
135                     keyFiles.add(hostOptionKeyFile);
136                 }
137             } catch (IllegalStateException e) {
138                 CLog.d("Global configuration haven't been initialized.");
139             }
140         }
141         keyFiles.addAll(Arrays.asList(backupKeyFiles));
142         for (File keyFile : keyFiles) {
143             if (keyFile != null) {
144                 if (keyFile.exists() && keyFile.canRead()) {
145                     CLog.d("Using %s.", keyFile.getAbsolutePath());
146                     return doCreateCredentialFromJsonKeyFile(keyFile, scopes);
147                 } else {
148                     CLog.i("No access to %s.", keyFile.getAbsolutePath());
149                 }
150             }
151         }
152         return doCreateDefaultCredential(scopes);
153     }
154 
155 
156     @VisibleForTesting
doCreateCredentialFromCredentialFactory(Collection<String> scopes)157     Credentials doCreateCredentialFromCredentialFactory(Collection<String> scopes)
158             throws IOException {
159         try {
160             if (GlobalConfiguration.getInstance().getCredentialFactory() != null) {
161                 return GlobalConfiguration.getInstance()
162                         .getCredentialFactory()
163                         .createCredential(scopes);
164             }
165             CLog.w("No CredentialFactory configured.");
166         } catch (IllegalStateException e) {
167             System.out.println(
168                     "GlobalConfiguration is not initialized yet,"
169                             + "can not get CredentialFactory.");
170         }
171         return null;
172     }
173 
174 
175 }
176