[oauth2] google/internal/externalaccount: allowing PSC Urls
8 views
Skip to first unread message
Gerrit Bot (Gerrit)
Oct 6, 2022, 2:02:46 PM10/6/22
to goph...@pubsubhelper.golang.org, golang-co...@googlegroups.com
Gerrit Bot has uploaded this change for review.
google/internal/externalaccount: allowing PSC Urls
Change-Id: I3fad4197a075332eb466d72aa064412537ea4881
GitHub-Last-Rev: c4e34730c491392d12b1515696f55cf4074c155f
GitHub-Pull-Request: golang/oauth2#594
---
M google/internal/externalaccount/basecredentials.go
1 file changed, 13 insertions(+), 0 deletions(-)
diff --git a/google/internal/externalaccount/basecredentials.go b/google/internal/externalaccount/basecredentials.go
index 2bf5391..9fc3553 100644
--- a/google/internal/externalaccount/basecredentials.go
+++ b/google/internal/externalaccount/basecredentials.go
@@ -74,12 +74,14 @@
regexp.MustCompile(`(?i)^sts\.googleapis\.com$`),
regexp.MustCompile(`(?i)^sts\.[^\.\s\/\\]+\.googleapis\.com$`),
regexp.MustCompile(`(?i)^[^\.\s\/\\]+-sts\.googleapis\.com$`),
+ regexp.MustCompile(`(?i)^sts-[^\.\s\/\\]+\.p\.googleapis\.com$`),
}
validImpersonateURLPatterns = []*regexp.Regexp{
regexp.MustCompile(`^[^\.\s\/\\]+\.iamcredentials\.googleapis\.com$`),
regexp.MustCompile(`^iamcredentials\.googleapis\.com$`),
regexp.MustCompile(`^iamcredentials\.[^\.\s\/\\]+\.googleapis\.com$`),
regexp.MustCompile(`^[^\.\s\/\\]+-iamcredentials\.googleapis\.com$`),
+ regexp.MustCompile(`^iamcredentials-[^\.\s\/\\]+\.p\.googleapis\.com$`),
}
validWorkforceAudiencePattern *regexp.Regexp = regexp.MustCompile(`//iam\.googleapis\.com/locations/[^/]+/workforcePools/`)
)
To view, visit change 439676. To unsubscribe, or for help writing mail filters, visit settings.
Gerrit Bot (Gerrit)
Oct 6, 2022, 2:07:52 PM10/6/22
to goph...@pubsubhelper.golang.org, golang-co...@googlegroups.com
Gerrit Bot has uploaded this change for review.
google/internal/externalaccount: allowing PSC Urls
Change-Id: I46c337f162bf84cbcfa068ce1680e5428c46286a
GitHub-Last-Rev: 09630273c4535b48e43095ed6344557afb55cfda
GitHub-Pull-Request: golang/oauth2#596
---
M google/internal/externalaccount/basecredentials.go
1 file changed, 13 insertions(+), 0 deletions(-)
diff --git a/google/internal/externalaccount/basecredentials.go b/google/internal/externalaccount/basecredentials.go
index 2bf5391..9fc3553 100644
--- a/google/internal/externalaccount/basecredentials.go
+++ b/google/internal/externalaccount/basecredentials.go
@@ -74,12 +74,14 @@
regexp.MustCompile(`(?i)^sts\.googleapis\.com$`),
regexp.MustCompile(`(?i)^sts\.[^\.\s\/\\]+\.googleapis\.com$`),
regexp.MustCompile(`(?i)^[^\.\s\/\\]+-sts\.googleapis\.com$`),
+ regexp.MustCompile(`(?i)^sts-[^\.\s\/\\]+\.p\.googleapis\.com$`),
}
validImpersonateURLPatterns = []*regexp.Regexp{
regexp.MustCompile(`^[^\.\s\/\\]+\.iamcredentials\.googleapis\.com$`),
regexp.MustCompile(`^iamcredentials\.googleapis\.com$`),
regexp.MustCompile(`^iamcredentials\.[^\.\s\/\\]+\.googleapis\.com$`),
regexp.MustCompile(`^[^\.\s\/\\]+-iamcredentials\.googleapis\.com$`),
+ regexp.MustCompile(`^iamcredentials-[^\.\s\/\\]+\.p\.googleapis\.com$`),
}
validWorkforceAudiencePattern *regexp.Regexp = regexp.MustCompile(`//iam\.googleapis\.com/locations/[^/]+/workforcePools/`)
)
To view, visit change 439677. To unsubscribe, or for help writing mail filters, visit settings.
Leo Siracusa (Gerrit)
Oct 6, 2022, 2:42:33 PM10/6/22
to Gerrit Bot, Ryan Kohler, goph...@pubsubhelper.golang.org, Cody Oss, Ryan Kohler, golang-co...@googlegroups.com
Attention is currently required from: Cody Oss.
1 comment:
Patchset:
add tests
To view, visit change 439677. To unsubscribe, or for help writing mail filters, visit settings.
Gerrit Bot (Gerrit)
Oct 10, 2022, 9:25:52 AM10/10/22
to Ryan Kohler, goph...@pubsubhelper.golang.org, golang-co...@googlegroups.com
Attention is currently required from: Cody Oss.
Gerrit Bot uploaded patch set #2 to this change.
google/internal/externalaccount: allowing PSC Urls
Change-Id: I46c337f162bf84cbcfa068ce1680e5428c46286a
GitHub-Last-Rev: 4d1190b904b58ab162a398e01fc33398d11e4636
GitHub-Pull-Request: golang/oauth2#596
---
M google/internal/externalaccount/basecredentials.go
M google/internal/externalaccount/basecredentials_test.go
2 files changed, 33 insertions(+), 0 deletions(-)
To view, visit change 439677. To unsubscribe, or for help writing mail filters, visit settings.
Leo Siracusa (Gerrit)
Oct 13, 2022, 7:26:04 PM10/13/22
to Gerrit Bot, Ryan Kohler, goph...@pubsubhelper.golang.org, Cody Oss, Ryan Kohler, golang-co...@googlegroups.com
Attention is currently required from: Cody Oss.
Patch set 2:Code-Review +1
Cody Oss (Gerrit)
Oct 14, 2022, 10:37:22 AM10/14/22
to Gerrit Bot, Ryan Kohler, goph...@pubsubhelper.golang.org, Leo Siracusa, Ryan Kohler, golang-co...@googlegroups.com
Patch set 2:Run-TryBot +1Auto-Submit +1Code-Review +2
Ryan Kohler (Gerrit)
Oct 14, 2022, 11:30:36 AM10/14/22
to Gerrit Bot, Ryan Kohler, goph...@pubsubhelper.golang.org, Gopher Robot, Cody Oss, Leo Siracusa, golang-co...@googlegroups.com
Attention is currently required from: Leo Siracusa.
1 comment:
Patchset:
add tests
Done
To view, visit change 439677. To unsubscribe, or for help writing mail filters, visit settings.
Gopher Robot (Gerrit)
Oct 14, 2022, 11:30:50 AM10/14/22
to Gerrit Bot, Ryan Kohler, goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, Cody Oss, Leo Siracusa, Ryan Kohler, golang-co...@googlegroups.com
Gopher Robot submitted this change.
Approvals:
Leo Siracusa: Looks good to me, but someone else must approve
Cody Oss: Looks good to me, approved; Run TryBots; Automatically submit change
Gopher Robot: TryBots succeeded
google/internal/externalaccount: allowing PSC Urls
Change-Id: I46c337f162bf84cbcfa068ce1680e5428c46286a
GitHub-Last-Rev: 4d1190b904b58ab162a398e01fc33398d11e4636
GitHub-Pull-Request: golang/oauth2#596
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/439677
Auto-Submit: Cody Oss <cod...@google.com>
Reviewed-by: Cody Oss <cod...@google.com>
Reviewed-by: Leo Siracusa <leosi...@google.com>
Run-TryBot: Cody Oss <cod...@google.com>
TryBot-Result: Gopher Robot <go...@golang.org>
---
M google/internal/externalaccount/basecredentials.go
M google/internal/externalaccount/basecredentials_test.go
2 files changed, 39 insertions(+), 0 deletions(-)
diff --git a/google/internal/externalaccount/basecredentials.go b/google/internal/externalaccount/basecredentials.go
index 2bf5391..9fc3553 100644
--- a/google/internal/externalaccount/basecredentials.go
+++ b/google/internal/externalaccount/basecredentials.go
@@ -74,12 +74,14 @@
regexp.MustCompile(`(?i)^sts\.googleapis\.com$`),
regexp.MustCompile(`(?i)^sts\.[^\.\s\/\\]+\.googleapis\.com$`),
regexp.MustCompile(`(?i)^[^\.\s\/\\]+-sts\.googleapis\.com$`),
+ regexp.MustCompile(`(?i)^sts-[^\.\s\/\\]+\.p\.googleapis\.com$`),
}
validImpersonateURLPatterns = []*regexp.Regexp{
regexp.MustCompile(`^[^\.\s\/\\]+\.iamcredentials\.googleapis\.com$`),
regexp.MustCompile(`^iamcredentials\.googleapis\.com$`),
regexp.MustCompile(`^iamcredentials\.[^\.\s\/\\]+\.googleapis\.com$`),
regexp.MustCompile(`^[^\.\s\/\\]+-iamcredentials\.googleapis\.com$`),
+ regexp.MustCompile(`^iamcredentials-[^\.\s\/\\]+\.p\.googleapis\.com$`),
}
validWorkforceAudiencePattern *regexp.Regexp = regexp.MustCompile(`//iam\.googleapis\.com/locations/[^/]+/workforcePools/`)
)
diff --git a/google/internal/externalaccount/basecredentials_test.go b/google/internal/externalaccount/basecredentials_test.go
index 5aa0d46..05e0127 100644
--- a/google/internal/externalaccount/basecredentials_test.go
+++ b/google/internal/externalaccount/basecredentials_test.go
@@ -231,6 +231,16 @@
{"https://", false},
{"http://us-east-1.sts.googleapis.com", false},
{"https://us-east-1.sts.googleapis.comevil.com", false},
+ {"https://sts-xyz.p.googleapis.com", true},
+ {"https://sts.pgoogleapis.com", false},
+ {"https://p.googleapis.com", false},
+ {"https://sts.p.com", false},
+ {"http://sts.p.googleapis.com", false},
+ {"https://xyz-sts.p.googleapis.com", false},
+ {"https://sts-xyz.123.p.googleapis.com", false},
+ {"https://sts-xyz.p1.googleapis.com", false},
+ {"https://sts-xyz.p.foo.com", false},
+ {"https://sts-xyz.p.foo.googleapis.com", false},
}
ctx := context.Background()
for _, tt := range urlValidityTests {
@@ -287,6 +297,16 @@
{"https://", false},
{"http://us-east-1.iamcredentials.googleapis.com", false},
{"https://us-east-1.iamcredentials.googleapis.comevil.com", false},
+ {"https://iamcredentials-xyz.p.googleapis.com", true},
+ {"https://iamcredentials.pgoogleapis.com", false},
+ {"https://p.googleapis.com", false},
+ {"https://iamcredentials.p.com", false},
+ {"http://iamcredentials.p.googleapis.com", false},
+ {"https://xyz-iamcredentials.p.googleapis.com", false},
+ {"https://iamcredentials-xyz.123.p.googleapis.com", false},
+ {"https://iamcredentials-xyz.p1.googleapis.com", false},
+ {"https://iamcredentials-xyz.p.foo.com", false},
+ {"https://iamcredentials-xyz.p.foo.googleapis.com", false},
}
ctx := context.Background()
for _, tt := range urlValidityTests {
To view, visit change 439677. To unsubscribe, or for help writing mail filters, visit settings.
Gopher Robot (Gerrit)
Nov 18, 2022, 11:02:54 AM11/18/22
to Gerrit Bot, Ryan Kohler, goph...@pubsubhelper.golang.org, Brad Fitzpatrick, Chris Broadfoot, Shin Fan, Cody Oss, golang-co...@googlegroups.com
Gopher Robot abandoned this change.
Abandoned
GitHub PR golang/oauth2#594 has been closed.
To view, visit change 439676. To unsubscribe, or for help writing mail filters, visit settings.
Reply all
Reply to author
Forward
0 new messages