stackdriver: wip - add logic for retrieving token from gce metadata server in the auth provider

7 years ago · 60617d0bf7
parent 77e4c4249d
commit 60617d0bf7
2 changed files with 15 additions and 14 deletions
--- a/pkg/api/pluginproxy/ds_auth_provider.go
+++ b/pkg/api/pluginproxy/ds_auth_provider.go
@ -55,24 +55,24 @@ func ApplyRoute(ctx context.Context, req *http.Request, proxyPath string, route
 		}
 	}

-	// if route.JwtTokenAuth != nil && len(ds.SecureJsonData["privateKey"]) != 0 {
-	// 	if token, err := tokenProvider.getJwtAccessToken(ctx, data); err != nil {
-	// 		logger.Error("Failed to get access token", "error", err)
-	// 	} else {
-	// 		req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", token))
-	// 	}
-	// }
-
-	if ds.Type == "stackdriver" {
-		defaultCredentials, err := google.FindDefaultCredentials(ctx, route.JwtTokenAuth.Scopes...)
+	gceAutoAuthentication := ds.JsonData.Get("gceAutomaticAuthentication").MustBool()
+	if route.JwtTokenAuth != nil && !gceAutoAuthentication {
+		if token, err := tokenProvider.getJwtAccessToken(ctx, data); err != nil {
+			logger.Error("Failed to get access token", "error", err)
+		} else {
+			req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", token))
+		}
+	}
+
+	if gceAutoAuthentication {
+		tokenSrc, err := google.DefaultTokenSource(ctx, route.JwtTokenAuth.Scopes...)
 		if err != nil {
 			logger.Error("Failed to get default credentials", "error", err)
 		} else {
-			token, err := defaultCredentials.TokenSource.Token()
+			token, err := tokenSrc.Token()
 			if err != nil {
 				logger.Error("Failed to get default access token", "error", err)
 			} else {
-				ds.JsonData.Set("defaultProject", defaultCredentials.ProjectID)
 				req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", token.AccessToken))
 			}
 		}
--- a/pkg/tsdb/stackdriver/stackdriver.go
+++ b/pkg/tsdb/stackdriver/stackdriver.go
@ -521,8 +521,9 @@ func replaceWithMetricPart(metaPartName string, metricType string) []byte {

 func getProjectName(ctx context.Context, dsInfo *models.DataSource, route *plugins.AppPluginRoute) (string, error) {
 	var projectName string
-	gceAutoAuthentication := dsInfo.JsonData.Get("gceAutoAuthentication").MustBool()
-	if gceAutoAuthentication {
+	gceAutomaticAuthentication := dsInfo.JsonData.Get("gceAutomaticAuthentication").MustBool()
+	logger.Info("gceAutomaticAuthentication", "gceAutomaticAuthentication", gceAutomaticAuthentication)
+	if gceAutomaticAuthentication {
 		defaultCredentials, err := google.FindDefaultCredentials(ctx, route.JwtTokenAuth.Scopes...)
 		if err != nil {
 			return "", err