Package gsutil implements a hacky shim that makes gsutil use LUCI local auth.

It constructs a special .boto config file that instructs gsutil to use local HTTP endpoint as token_uri (it's the one that exchanges OAuth2 refresh token for an access token). This endpoint is implemented on top of LUCI auth.

Thus gsutil thinks it's using 3-legged OAuth2 flow, while in fact it is getting the token through LUCI protocols.



This section is empty.


This section is empty.


func PrepareStateDir

func PrepareStateDir(b *Boto) (string, error)

PrepareStateDir prepares a directory (based on b.StateDir) for gsutil to keep its state and drops .boto config there.

Returns path to the created .boto file.


type Boto

type Boto struct {
	StateDir          string // value of GSUtil.state_dir
	RefreshToken      string // value of Credentials.gs_oauth2_refresh_token
	GCEServiceAccount string // value of GoogleCompute.service_account
	ProviderLabel     string // value of OAuth2.provider_label
	ProviderAuthURI   string // value of OAuth2.provider_authorization_uri
	ProviderTokenURI  string // value of OAuth2.provider_token_uri

Boto represents a subset of .boto gsutil configuration file.

func (*Boto) Write

func (b *Boto) Write(path string) error

Write creates the config file.

type Server

type Server struct {
	// Source is used to obtain OAuth2 tokens.
	Source oauth2.TokenSource
	// StateDir is where to drop new .boto file and where to keep gsutil state.
	StateDir string
	// Port is a local TCP port to bind to or 0 to allow the OS to pick one.
	Port int
	// contains filtered or unexported fields

Server runs a local server that handles requests to token_uri.

It also manages a directory with gsutil state, since part of the state is the cached OAuth2 token that we don't want to put into default global ~/.gsutil state directory.

func (*Server) Start

func (s *Server) Start(ctx context.Context) (botoCfg string, err error)

Start launches background goroutine with the serving loop and prepares .boto.

Returns absolute path to new .boto file. It is always inside StateDir. Caller is responsible for creating StateDir (and later deleting it, if necessary).

The provided context is used as base context for request handlers and for logging. The server must be eventually stopped with Stop().

func (*Server) Stop

func (s *Server) Stop(ctx context.Context) error

Stop closes the listening socket, notifies pending requests to abort and stops the internal serving goroutine.

Safe to call multiple times. Once stopped, the server cannot be started again (make a new instance of Server instead).

Uses the given context for the deadline when waiting for the serving loop to stop.

Source Files