use go 1.12

Signed-off-by: hongming <talonwan@yunify.com>

vendor/golang.org/x/oauth2/google/appengine.go

@@ -5,34 +5,85 @@
 package google
 
 import (
-	"context"
+	"sort"
+	"strings"
+	"sync"
 	"time"
 
+	"golang.org/x/net/context"
 	"golang.org/x/oauth2"
 )
 
-// Set at init time by appengine_gen1.go. If nil, we're not on App Engine standard first generation (<= Go 1.9) or App Engine flexible.
+// appengineFlex is set at init time by appengineflex_hook.go. If true, we are on App Engine Flex.
+var appengineFlex bool
+
+// Set at init time by appengine_hook.go. If nil, we're not on App Engine.
 var appengineTokenFunc func(c context.Context, scopes ...string) (token string, expiry time.Time, err error)
 
-// Set at init time by appengine_gen1.go. If nil, we're not on App Engine standard first generation (<= Go 1.9) or App Engine flexible.
+// Set at init time by appengine_hook.go. If nil, we're not on App Engine.
 var appengineAppIDFunc func(c context.Context) string
 
-// AppEngineTokenSource returns a token source that fetches tokens from either
-// the current application's service account or from the metadata server,
-// depending on the App Engine environment. See below for environment-specific
-// details. If you are implementing a 3-legged OAuth 2.0 flow on App Engine that
-// involves user accounts, see oauth2.Config instead.
+// AppEngineTokenSource returns a token source that fetches tokens
+// issued to the current App Engine application's service account.
+// If you are implementing a 3-legged OAuth 2.0 flow on App Engine
+// that involves user accounts, see oauth2.Config instead.
 //
-// First generation App Engine runtimes (<= Go 1.9):
-// AppEngineTokenSource returns a token source that fetches tokens issued to the
-// current App Engine application's service account. The provided context must have
-// come from appengine.NewContext.
-//
-// Second generation App Engine runtimes (>= Go 1.11) and App Engine flexible:
-// AppEngineTokenSource is DEPRECATED on second generation runtimes and on the
-// flexible environment. It delegates to ComputeTokenSource, and the provided
-// context and scopes are not used. Please use DefaultTokenSource (or ComputeTokenSource,
-// which DefaultTokenSource will use in this case) instead.
+// The provided context must have come from appengine.NewContext.
 func AppEngineTokenSource(ctx context.Context, scope ...string) oauth2.TokenSource {
-	return appEngineTokenSource(ctx, scope...)
+	if appengineTokenFunc == nil {
+		panic("google: AppEngineTokenSource can only be used on App Engine.")
+	}
+	scopes := append([]string{}, scope...)
+	sort.Strings(scopes)
+	return &appEngineTokenSource{
+		ctx:    ctx,
+		scopes: scopes,
+		key:    strings.Join(scopes, " "),
+	}
+}
+
+// aeTokens helps the fetched tokens to be reused until their expiration.
+var (
+	aeTokensMu sync.Mutex
+	aeTokens   = make(map[string]*tokenLock) // key is space-separated scopes
+)
+
+type tokenLock struct {
+	mu sync.Mutex // guards t; held while fetching or updating t
+	t  *oauth2.Token
+}
+
+type appEngineTokenSource struct {
+	ctx    context.Context
+	scopes []string
+	key    string // to aeTokens map; space-separated scopes
+}
+
+func (ts *appEngineTokenSource) Token() (*oauth2.Token, error) {
+	if appengineTokenFunc == nil {
+		panic("google: AppEngineTokenSource can only be used on App Engine.")
+	}
+
+	aeTokensMu.Lock()
+	tok, ok := aeTokens[ts.key]
+	if !ok {
+		tok = &tokenLock{}
+		aeTokens[ts.key] = tok
+	}
+	aeTokensMu.Unlock()
+
+	tok.mu.Lock()
+	defer tok.mu.Unlock()
+	if tok.t.Valid() {
+		return tok.t, nil
+	}
+	access, exp, err := appengineTokenFunc(ts.ctx, ts.scopes...)
+	if err != nil {
+		return nil, err
+	}
+	tok.t = &oauth2.Token{
+		AccessToken: access,
+		Expiry:      exp,
+	}
+	return tok.t, nil
 }

vendor/golang.org/x/oauth2/google/appengine_gen1.go

@@ -1,77 +0,0 @@
-// Copyright 2018 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build appengine
-
-// This file applies to App Engine first generation runtimes (<= Go 1.9).
-
-package google
-
-import (
-	"context"
-	"sort"
-	"strings"
-	"sync"
-
-	"golang.org/x/oauth2"
-	"google.golang.org/appengine"
-)
-
-func init() {
-	appengineTokenFunc = appengine.AccessToken
-	appengineAppIDFunc = appengine.AppID
-}
-
-// See comment on AppEngineTokenSource in appengine.go.
-func appEngineTokenSource(ctx context.Context, scope ...string) oauth2.TokenSource {
-	scopes := append([]string{}, scope...)
-	sort.Strings(scopes)
-	return &gaeTokenSource{
-		ctx:    ctx,
-		scopes: scopes,
-		key:    strings.Join(scopes, " "),
-	}
-}
-
-// aeTokens helps the fetched tokens to be reused until their expiration.
-var (
-	aeTokensMu sync.Mutex
-	aeTokens   = make(map[string]*tokenLock) // key is space-separated scopes
-)
-
-type tokenLock struct {
-	mu sync.Mutex // guards t; held while fetching or updating t
-	t  *oauth2.Token
-}
-
-type gaeTokenSource struct {
-	ctx    context.Context
-	scopes []string
-	key    string // to aeTokens map; space-separated scopes
-}
-
-func (ts *gaeTokenSource) Token() (*oauth2.Token, error) {
-	aeTokensMu.Lock()
-	tok, ok := aeTokens[ts.key]
-	if !ok {
-		tok = &tokenLock{}
-		aeTokens[ts.key] = tok
-	}
-	aeTokensMu.Unlock()
-
-	tok.mu.Lock()
-	defer tok.mu.Unlock()
-	if tok.t.Valid() {
-		return tok.t, nil
-	}
-	access, exp, err := appengineTokenFunc(ts.ctx, ts.scopes...)
-	if err != nil {
-		return nil, err
-	}
-	tok.t = &oauth2.Token{
-		AccessToken: access,
-		Expiry:      exp,
-	}
-	return tok.t, nil
-}

vendor/golang.org/x/oauth2/google/appengine_gen2_flex.go

@@ -1,27 +0,0 @@
-// Copyright 2018 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build !appengine
-
-// This file applies to App Engine second generation runtimes (>= Go 1.11) and App Engine flexible.
-
-package google
-
-import (
-	"context"
-	"log"
-	"sync"
-
-	"golang.org/x/oauth2"
-)
-
-var logOnce sync.Once // only spam about deprecation once
-
-// See comment on AppEngineTokenSource in appengine.go.
-func appEngineTokenSource(ctx context.Context, scope ...string) oauth2.TokenSource {
-	logOnce.Do(func() {
-		log.Print("google: AppEngineTokenSource is deprecated on App Engine standard second generation runtimes (>= Go 1.11) and App Engine flexible. Please use DefaultTokenSource or ComputeTokenSource.")
-	})
-	return ComputeTokenSource("")
-}

vendor/golang.org/x/oauth2/google/appengine_hook.go

@@ -0,0 +1,14 @@
+// Copyright 2015 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build appengine appenginevm
+
+package google
+
+import "google.golang.org/appengine"
+
+func init() {
+	appengineTokenFunc = appengine.AccessToken
+	appengineAppIDFunc = appengine.AppID
+}

vendor/golang.org/x/oauth2/google/appengineflex_hook.go

@@ -0,0 +1,11 @@
+// Copyright 2015 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build appenginevm
+
+package google
+
+func init() {
+	appengineFlex = true // Flex doesn't support appengine.AccessToken; depend on metadata server.
+}

vendor/golang.org/x/oauth2/google/default.go

@@ -5,7 +5,6 @@
 package google
 
 import (
-	"context"
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
@@ -15,28 +14,18 @@ import (
 	"runtime"
 
 	"cloud.google.com/go/compute/metadata"
+	"golang.org/x/net/context"
 	"golang.org/x/oauth2"
 )
 
-// Credentials holds Google credentials, including "Application Default Credentials".
+// DefaultCredentials holds "Application Default Credentials".
 // For more details, see:
 // https://developers.google.com/accounts/docs/application-default-credentials
-type Credentials struct {
+type DefaultCredentials struct {
 	ProjectID   string // may be empty
 	TokenSource oauth2.TokenSource
-
-	// JSON contains the raw bytes from a JSON credentials file.
-	// This field may be nil if authentication is provided by the
-	// environment and not with a credentials file, e.g. when code is
-	// running on Google Cloud Platform.
-	JSON []byte
 }
 
-// DefaultCredentials is the old name of Credentials.
-//
-// Deprecated: use Credentials instead.
-type DefaultCredentials = Credentials
-
 // DefaultClient returns an HTTP Client that uses the
 // DefaultTokenSource to obtain authentication credentials.
 func DefaultClient(ctx context.Context, scope ...string) (*http.Client, error) {
@@ -68,17 +57,15 @@ func DefaultTokenSource(ctx context.Context, scope ...string) (oauth2.TokenSourc
 //   2. A JSON file in a location known to the gcloud command-line tool.
 //      On Windows, this is %APPDATA%/gcloud/application_default_credentials.json.
 //      On other systems, $HOME/.config/gcloud/application_default_credentials.json.
-//   3. On Google App Engine standard first generation runtimes (<= Go 1.9) it uses
-//      the appengine.AccessToken function.
-//   4. On Google Compute Engine, Google App Engine standard second generation runtimes
-//      (>= Go 1.11), and Google App Engine flexible environment, it fetches
+//   3. On Google App Engine it uses the appengine.AccessToken function.
+//   4. On Google Compute Engine and Google App Engine Managed VMs, it fetches
 //      credentials from the metadata server.
 //      (In this final case any provided scopes are ignored.)
-func FindDefaultCredentials(ctx context.Context, scopes ...string) (*Credentials, error) {
+func FindDefaultCredentials(ctx context.Context, scope ...string) (*DefaultCredentials, error) {
 	// First, try the environment variable.
 	const envVar = "GOOGLE_APPLICATION_CREDENTIALS"
 	if filename := os.Getenv(envVar); filename != "" {
-		creds, err := readCredentialsFile(ctx, filename, scopes)
+		creds, err := readCredentialsFile(ctx, filename, scope)
 		if err != nil {
 			return nil, fmt.Errorf("google: error getting credentials using %v environment variable: %v", envVar, err)
 		}
@@ -87,24 +74,21 @@ func FindDefaultCredentials(ctx context.Context, scopes ...string) (*Credentials
 
 	// Second, try a well-known file.
 	filename := wellKnownFile()
-	if creds, err := readCredentialsFile(ctx, filename, scopes); err == nil {
+	if creds, err := readCredentialsFile(ctx, filename, scope); err == nil {
 		return creds, nil
 	} else if !os.IsNotExist(err) {
 		return nil, fmt.Errorf("google: error getting credentials using well-known file (%v): %v", filename, err)
 	}
 
-	// Third, if we're on a Google App Engine standard first generation runtime (<= Go 1.9)
-	// use those credentials. App Engine standard second generation runtimes (>= Go 1.11)
-	// and App Engine flexible use ComputeTokenSource and the metadata server.
-	if appengineTokenFunc != nil {
+	// Third, if we're on Google App Engine use those credentials.
+	if appengineTokenFunc != nil && !appengineFlex {
 		return &DefaultCredentials{
 			ProjectID:   appengineAppIDFunc(ctx),
-			TokenSource: AppEngineTokenSource(ctx, scopes...),
+			TokenSource: AppEngineTokenSource(ctx, scope...),
 		}, nil
 	}
 
-	// Fourth, if we're on Google Compute Engine, an App Engine standard second generation runtime,
-	// or App Engine flexible, use the metadata server.
+	// Fourth, if we're on Google Compute Engine use the metadata server.
 	if metadata.OnGCE() {
 		id, _ := metadata.ProjectID()
 		return &DefaultCredentials{
@@ -118,26 +102,6 @@ func FindDefaultCredentials(ctx context.Context, scopes ...string) (*Credentials
 	return nil, fmt.Errorf("google: could not find default credentials. See %v for more information.", url)
 }
 
-// CredentialsFromJSON obtains Google credentials from a JSON value. The JSON can
-// represent either a Google Developers Console client_credentials.json file (as in
-// ConfigFromJSON) or a Google Developers service account key file (as in
-// JWTConfigFromJSON).
-func CredentialsFromJSON(ctx context.Context, jsonData []byte, scopes ...string) (*Credentials, error) {
-	var f credentialsFile
-	if err := json.Unmarshal(jsonData, &f); err != nil {
-		return nil, err
-	}
-	ts, err := f.tokenSource(ctx, append([]string(nil), scopes...))
-	if err != nil {
-		return nil, err
-	}
-	return &DefaultCredentials{
-		ProjectID:   f.ProjectID,
-		TokenSource: ts,
-		JSON:        jsonData,
-	}, nil
-}
-
 func wellKnownFile() string {
 	const f = "application_default_credentials.json"
 	if runtime.GOOS == "windows" {
@@ -151,5 +115,16 @@ func readCredentialsFile(ctx context.Context, filename string, scopes []string)
 	if err != nil {
 		return nil, err
 	}
-	return CredentialsFromJSON(ctx, b, scopes...)
+	var f credentialsFile
+	if err := json.Unmarshal(b, &f); err != nil {
+		return nil, err
+	}
+	ts, err := f.tokenSource(ctx, append([]string(nil), scopes...))
+	if err != nil {
+		return nil, err
+	}
+	return &DefaultCredentials{
+		ProjectID:   f.ProjectID,
+		TokenSource: ts,
+	}, nil
 }

vendor/golang.org/x/oauth2/google/doc.go

@@ -1,40 +0,0 @@
-// Copyright 2018 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package google provides support for making OAuth2 authorized and authenticated
-// HTTP requests to Google APIs. It supports the Web server flow, client-side
-// credentials, service accounts, Google Compute Engine service accounts, and Google
-// App Engine service accounts.
-//
-// A brief overview of the package follows. For more information, please read
-// https://developers.google.com/accounts/docs/OAuth2
-// and
-// https://developers.google.com/accounts/docs/application-default-credentials.
-//
-// OAuth2 Configs
-//
-// Two functions in this package return golang.org/x/oauth2.Config values from Google credential
-// data. Google supports two JSON formats for OAuth2 credentials: one is handled by ConfigFromJSON,
-// the other by JWTConfigFromJSON. The returned Config can be used to obtain a TokenSource or
-// create an http.Client.
-//
-//
-// Credentials
-//
-// The Credentials type represents Google credentials, including Application Default
-// Credentials.
-//
-// Use FindDefaultCredentials to obtain Application Default Credentials.
-// FindDefaultCredentials looks in some well-known places for a credentials file, and
-// will call AppEngineTokenSource or ComputeTokenSource as needed.
-//
-// DefaultClient and DefaultTokenSource are convenience methods. They first call FindDefaultCredentials,
-// then use the credentials to construct an http.Client or an oauth2.TokenSource.
-//
-// Use CredentialsFromJSON to obtain credentials from either of the two JSON formats
-// described in OAuth2 Configs, above. The TokenSource in the returned value is the
-// same as the one obtained from the oauth2.Config returned from ConfigFromJSON or
-// JWTConfigFromJSON, but the Credentials may contain additional information
-// that is useful is some circumstances.
-package google // import "golang.org/x/oauth2/google"

vendor/golang.org/x/oauth2/google/google.go

@@ -2,10 +2,19 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-package google
+// Package google provides support for making OAuth2 authorized and
+// authenticated HTTP requests to Google APIs.
+// It supports the Web server flow, client-side credentials, service accounts,
+// Google Compute Engine service accounts, and Google App Engine service
+// accounts.
+//
+// For more information, please read
+// https://developers.google.com/accounts/docs/OAuth2
+// and
+// https://developers.google.com/accounts/docs/application-default-credentials.
+package google // import "golang.org/x/oauth2/google"
 
 import (
-	"context"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -13,19 +22,19 @@ import (
 	"time"
 
 	"cloud.google.com/go/compute/metadata"
+	"golang.org/x/net/context"
 	"golang.org/x/oauth2"
 	"golang.org/x/oauth2/jwt"
 )
 
 // Endpoint is Google's OAuth 2.0 endpoint.
 var Endpoint = oauth2.Endpoint{
-	AuthURL:   "https://accounts.google.com/o/oauth2/auth",
-	TokenURL:  "https://oauth2.googleapis.com/token",
-	AuthStyle: oauth2.AuthStyleInParams,
+	AuthURL:  "https://accounts.google.com/o/oauth2/auth",
+	TokenURL: "https://accounts.google.com/o/oauth2/token",
 }
 
 // JWTTokenURL is Google's OAuth 2.0 token URL to use with the JWT flow.
-const JWTTokenURL = "https://oauth2.googleapis.com/token"
+const JWTTokenURL = "https://accounts.google.com/o/oauth2/token"
 
 // ConfigFromJSON uses a Google Developers Console client_credentials.json
 // file to construct a config.

vendor/golang.org/x/oauth2/google/sdk.go

@@ -5,12 +5,9 @@
 package google
 
 import (
-	"bufio"
-	"context"
 	"encoding/json"
 	"errors"
 	"fmt"
-	"io"
 	"net/http"
 	"os"
 	"os/user"
@@ -19,7 +16,9 @@ import (
 	"strings"
 	"time"
 
+	"golang.org/x/net/context"
 	"golang.org/x/oauth2"
+	"golang.org/x/oauth2/internal"
 )
 
 type sdkCredentials struct {
@@ -77,7 +76,7 @@ func NewSDKConfig(account string) (*SDKConfig, error) {
 			return nil, fmt.Errorf("oauth2/google: failed to load SDK properties: %v", err)
 		}
 		defer f.Close()
-		ini, err := parseINI(f)
+		ini, err := internal.ParseINI(f)
 		if err != nil {
 			return nil, fmt.Errorf("oauth2/google: failed to parse SDK properties %q: %v", propertiesPath, err)
 		}
@@ -147,34 +146,6 @@ func (c *SDKConfig) Scopes() []string {
 	return c.conf.Scopes
 }
 
-func parseINI(ini io.Reader) (map[string]map[string]string, error) {
-	result := map[string]map[string]string{
-		"": {}, // root section
-	}
-	scanner := bufio.NewScanner(ini)
-	currentSection := ""
-	for scanner.Scan() {
-		line := strings.TrimSpace(scanner.Text())
-		if strings.HasPrefix(line, ";") {
-			// comment.
-			continue
-		}
-		if strings.HasPrefix(line, "[") && strings.HasSuffix(line, "]") {
-			currentSection = strings.TrimSpace(line[1 : len(line)-1])
-			result[currentSection] = map[string]string{}
-			continue
-		}
-		parts := strings.SplitN(line, "=", 2)
-		if len(parts) == 2 && parts[0] != "" {
-			result[currentSection][strings.TrimSpace(parts[0])] = strings.TrimSpace(parts[1])
-		}
-	}
-	if err := scanner.Err(); err != nil {
-		return nil, fmt.Errorf("error scanning ini: %v", err)
-	}
-	return result, nil
-}
-
 // sdkConfigPath tries to guess where the gcloud config is located.
 // It can be overridden during tests.
 var sdkConfigPath = func() (string, error) {