feat(google_drive): Load Google oauth2 creds from Vault
ondrejsika committed Oct 23, 2023
1 parent a4d18d8 commit ec2103c
Showing 4 changed files with 103 additions and 8 deletions.
7 changes: 1 addition & 6 deletions cmd/google_drive/get_token/get_token.go
Expand Up @@ -16,10 +16,7 @@ var Cmd = &cobra.Command{
Aliases: []string{"u"},
Args: cobra.NoArgs,
Run: func(c *cobra.Command, args []string) {
google_drive_utils.GetToken(
FlagClientId,
FlagClientSecret,
)
google_drive_utils.GetToken(FlagClientId, FlagClientSecret)
},
}

Expand All @@ -31,12 +28,10 @@ func init() {
"",
"Google Drive Client ID",
)
Cmd.MarkFlagRequired("client-id")
Cmd.Flags().StringVar(
&FlagClientSecret,
"client-secret",
"",
"Google Drive Client Secret",
)
Cmd.MarkFlagRequired("client-secret")
}
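Review bot: The `client-id` and `client-secret` flags in `init()` are no longer marked required, but their help strings still say nothing about what happens when they are omitted. Judging by the helper added to utils/google_drive_utils in this commit, leaving both empty falls back to Vault and the `SLU_GOOGLE_DRIVE_UPLOAD_CLIENT_ID` / `SLU_GOOGLE_DRIVE_UPLOAD_CLIENT_SECRET` variables, so the usage text should say so, e.g. `"Google Drive Client Secret (default: Vault or SLU_GOOGLE_DRIVE_UPLOAD_CLIENT_SECRET)"`. The same applies to the two flags in cmd/google_drive/upload/upload.go. Documenting the fallback also steers users away from putting the secret on the command line, where it ends up in shell history and process listings; `init()` itself starts outside the hunk.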
3 changes: 1 addition & 2 deletions cmd/google_drive/upload/upload.go
Expand Up @@ -34,18 +34,17 @@ func init() {
"",
"Google Drive Client ID",
)
Cmd.MarkFlagRequired("client-id")
Cmd.Flags().StringVar(
&FlagClientSecret,
"client-secret",
"",
"Google Drive Client Secret",
)
Cmd.MarkFlagRequired("client-secret")
Cmd.Flags().StringVar(
&FlagAccessToken,
"access-token",
"",
"Google Drive Access Token",
)
Cmd.MarkFlagRequired("access-token")
}
44 changes: 44 additions & 0 deletions utils/google_drive_utils/google_drive_utils.go
Expand Up @@ -8,12 +8,17 @@ import (
"path/filepath"
"time"

"github.com/sikalabs/slu/utils/vault_google_drive_utils"
"golang.org/x/oauth2"
drive "google.golang.org/api/drive/v3"
"google.golang.org/api/option"
)

func Upload(clientId, clientSecret, accessToken, fileToUpload string) {
if clientId == "" && clientSecret == "" {
clientId, clientSecret = GetGoogleDriveUploadSecretsFromVaultOrEnvOrDie()
}

conf := &oauth2.Config{
ClientID: clientId,
ClientSecret: clientSecret,
Expand Down Expand Up @@ -54,6 +59,10 @@ func Upload(clientId, clientSecret, accessToken, fileToUpload string) {
}

func GetToken(clientId, clientSecret string) {
if clientId == "" && clientSecret == "" {
clientId, clientSecret = GetGoogleDriveUploadSecretsFromVaultOrEnvOrDie()
}

ctx := context.Background()
conf := &oauth2.Config{
ClientID: clientId,
Expand Down Expand Up @@ -83,3 +92,38 @@ func GetToken(clientId, clientSecret string) {
time.Sleep(1 * time.Second)
}
}

func GetGoogleDriveUploadSecretsFromVaultOrEnvOrDie() (
string, string,
) {
clientIdVault, clientSecretVault,
_ := vault_google_drive_utils.GetGoogleDriveUploadSecrets("secret/data/slu/google-drive-upload/client")

// Client ID
var clientId string
clientIdEnv := os.Getenv("SLU_GOOGLE_DRIVE_UPLOAD_CLIENT_ID")
if clientIdVault != "" {
clientId = clientIdVault
}
if clientIdEnv != "" {
clientId = clientIdEnv
}
if clientId == "" {
log.Fatalln("SLU_GOOGLE_DRIVE_UPLOAD_CLIENT_ID is empty")
}

// Client Secret
var clientSecret string
clientSecretEnv := os.Getenv("SLU_GOOGLE_DRIVE_UPLOAD_CLIENT_SECRET")
if clientIdVault != "" {
clientSecret = clientSecretVault
}
if clientIdEnv != "" {
clientSecret = clientSecretEnv
}
if clientSecret == "" {
log.Fatalln("SLU_GOOGLE_DRIVE_UPLOAD_CLIENT_SECRET is empty")
}

return clientId, clientSecret
}
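Review bot: In GetGoogleDriveUploadSecretsFromVaultOrEnvOrDie the client-secret selection is gated on the client-ID variables: `if clientIdVault != ""` and `if clientIdEnv != ""` guard the assignments to `clientSecret`, which looks like a copy-paste slip. With only `SLU_GOOGLE_DRIVE_UPLOAD_CLIENT_ID` set in the environment, a valid secret read from Vault is overwritten with an empty string and the command exits; the guards should read `if clientSecretVault != "" {` and `if clientSecretEnv != "" {`. The error returned by `GetGoogleDriveUploadSecrets` is also discarded with `_`, so a Vault outage or a rejected token surfaces only as an "... is empty" message about an environment variable; logging that error before falling back would make the failure diagnosable. Separately, Upload and GetToken call the helper only when both arguments are empty, so passing just one flag proceeds with a blank counterpart.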
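--- /dev/null
+++ b/utils/vault_google_drive_utils/vault_google_drive_utils.go
@@ -0,0 +1,57 @@
+package vault_google_drive_utils
+
+import (
+"fmt"
+
+"github.com/sikalabs/slu/config"
+"github.com/sikalabs/slu/utils/vault_utils"
+)
+
+func GetGoogleDriveUploadSecrets(vaultPath string) (string, string, error) {
+conf := config.ReadConfig()
+sec := config.ReadSecrets()
+
+client, err := vault_utils.GetClient(conf.SluVault.Url)
+if err != nil {
+return "", "", err
+}
+client.SetToken(sec.SluVault.Token)
+
+secret, err := client.Logical().Read(vaultPath)
+if err != nil {
+return "", "", err
+}
+if secret == nil {
+return "", "", fmt.Errorf("secret " + vaultPath + " not found")
+}
+data, ok := secret.Data["data"].(map[string]interface{})
+if !ok {
+return "", "", fmt.Errorf("wrong data")
+}
+clientId, err := getString(data, "CLIENT_ID", true)
+if err != nil {
+return "", "", err
+}
+clientSecret, err := getString(data, "CLIENT_SECRET", true)
+if err != nil {
+return "", "", err
+}
+return clientId, clientSecret, nil
+}
+
+func getString(data map[string]interface{}, key string, required bool) (string, error) {
+val, ok := data[key]
+if !ok {
+if !required {
+return "", nil
+}
+return "", fmt.Errorf("key \"%s\" not found", key)
+}
+if val == nil {
+if !required {
+return "", nil
+}
+return "", fmt.Errorf("no value for key \"%s\"", key)
+}
+return val.(string), nil
+}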
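Review bot: `getString` ends with an unchecked assertion, `return val.(string), nil`, which panics if the Vault field holds a number, bool or nested object instead of returning the error the signature promises. Use the two-value form: `s, ok := val.(string)`, return `fmt.Errorf("key %q is not a string", key)` when `!ok`, then `return s, nil`. In GetGoogleDriveUploadSecrets, `fmt.Errorf("secret " + vaultPath + " not found")` builds the format string by concatenation, so a `%` in the path is misrendered and `go vet` flags it; `fmt.Errorf("secret %q not found", vaultPath)` avoids that. The `secret.Data["data"]` lookup appears to assume a KV version 2 mount, which deserves a short comment.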
