mirror of
				https://github.com/go-gitea/gitea.git
				synced 2025-10-25 14:10:02 +02:00 
			
		
		
		
	* Add Dependencie Update Script * update gitea.com/lunny/levelqueue * update github.com/PuerkitoBio/goquery * update github.com/alecthomas/chroma * update github.com/blevesearch/bleve/v2 * update github.com/caddyserver/certmagic * update github.com/go-enry/go-enry/v2 * update github.com/go-redis/redis/v8 * update github.com/hashicorp/golang-lru * update github.com/klauspost/compress * update github.com/markbates/goth * update github.com/mholt/archiver/v3 * update github.com/microcosm-cc/bluemonday * update github.com/minio/minio-go/v7 * update github.com/olivere/elastic/v7 * update github.com/xanzy/go-gitlab * update github.com/yuin/goldmark
		
			
				
	
	
		
			80 lines
		
	
	
		
			4.2 KiB
		
	
	
	
		
			Go
		
	
	
	
		
			Vendored
		
	
	
	
			
		
		
	
	
			80 lines
		
	
	
		
			4.2 KiB
		
	
	
	
		
			Go
		
	
	
	
		
			Vendored
		
	
	
	
| // Copyright 2018 The Go Authors. All rights reserved.
 | |
| // Use of this source code is governed by a BSD-style
 | |
| // license that can be found in the LICENSE file.
 | |
| 
 | |
| // Package google provides support for making OAuth2 authorized and authenticated
 | |
| // HTTP requests to Google APIs. It supports the Web server flow, client-side
 | |
| // credentials, service accounts, Google Compute Engine service accounts,
 | |
| // Google App Engine service accounts and workload identity federation
 | |
| // from non-Google cloud platforms.
 | |
| //
 | |
| // A brief overview of the package follows. For more information, please read
 | |
| // https://developers.google.com/accounts/docs/OAuth2
 | |
| // and
 | |
| // https://developers.google.com/accounts/docs/application-default-credentials.
 | |
| // For more information on using workload identity federation, refer to
 | |
| // https://cloud.google.com/iam/docs/how-to#using-workload-identity-federation.
 | |
| //
 | |
| // OAuth2 Configs
 | |
| //
 | |
| // Two functions in this package return golang.org/x/oauth2.Config values from Google credential
 | |
| // data. Google supports two JSON formats for OAuth2 credentials: one is handled by ConfigFromJSON,
 | |
| // the other by JWTConfigFromJSON. The returned Config can be used to obtain a TokenSource or
 | |
| // create an http.Client.
 | |
| //
 | |
| // Workload Identity Federation
 | |
| //
 | |
| // Using workload identity federation, your application can access Google Cloud
 | |
| // resources from Amazon Web Services (AWS), Microsoft Azure or any identity
 | |
| // provider that supports OpenID Connect (OIDC).
 | |
| // Traditionally, applications running outside Google Cloud have used service
 | |
| // account keys to access Google Cloud resources. Using identity federation,
 | |
| // you can allow your workload to impersonate a service account.
 | |
| // This lets you access Google Cloud resources directly, eliminating the
 | |
| // maintenance and security burden associated with service account keys.
 | |
| //
 | |
| // Follow the detailed instructions on how to configure Workload Identity Federation
 | |
| // in various platforms:
 | |
| //
 | |
| //   Amazon Web Services (AWS): https://cloud.google.com/iam/docs/access-resources-aws
 | |
| //   Microsoft Azure: https://cloud.google.com/iam/docs/access-resources-azure
 | |
| //   OIDC identity provider: https://cloud.google.com/iam/docs/access-resources-oidc
 | |
| //
 | |
| // For OIDC providers, the library can retrieve OIDC tokens either from a
 | |
| // local file location (file-sourced credentials) or from a local server
 | |
| // (URL-sourced credentials).
 | |
| // For file-sourced credentials, a background process needs to be continuously
 | |
| // refreshing the file location with a new OIDC token prior to expiration.
 | |
| // For tokens with one hour lifetimes, the token needs to be updated in the file
 | |
| // every hour. The token can be stored directly as plain text or in JSON format.
 | |
| // For URL-sourced credentials, a local server needs to host a GET endpoint to
 | |
| // return the OIDC token. The response can be in plain text or JSON.
 | |
| // Additional required request headers can also be specified.
 | |
| //
 | |
| //
 | |
| // Credentials
 | |
| //
 | |
| // The Credentials type represents Google credentials, including Application Default
 | |
| // Credentials.
 | |
| //
 | |
| // Use FindDefaultCredentials to obtain Application Default Credentials.
 | |
| // FindDefaultCredentials looks in some well-known places for a credentials file, and
 | |
| // will call AppEngineTokenSource or ComputeTokenSource as needed.
 | |
| //
 | |
| // Application Default Credentials also support workload identity federation to
 | |
| // access Google Cloud resources from non-Google Cloud platforms including Amazon
 | |
| // Web Services (AWS), Microsoft Azure or any identity provider that supports
 | |
| // OpenID Connect (OIDC). Workload identity federation is recommended for
 | |
| // non-Google Cloud environments as it avoids the need to download, manage and
 | |
| // store service account private keys locally.
 | |
| //
 | |
| // DefaultClient and DefaultTokenSource are convenience methods. They first call FindDefaultCredentials,
 | |
| // then use the credentials to construct an http.Client or an oauth2.TokenSource.
 | |
| //
 | |
| // Use CredentialsFromJSON to obtain credentials from either of the two JSON formats
 | |
| // described in OAuth2 Configs, above. The TokenSource in the returned value is the
 | |
| // same as the one obtained from the oauth2.Config returned from ConfigFromJSON or
 | |
| // JWTConfigFromJSON, but the Credentials may contain additional information
 | |
| // that is useful is some circumstances.
 | |
| package google // import "golang.org/x/oauth2/google"
 |