@salrashid123
Last active November 1, 2020 21:47
Impersonated IdToken
package main
/*
>>>>>>> update 1/11/20: this does not work anymore since I migrated the identity token and impersonated token to separate modules.
//
https://github.com/salrashid123/oauth2/blob/master/idtoken/idtoken.go#L130
*/
import (
"context"
"io/ioutil"
"log"
"net/http"
"time"
sal "github.com/salrashid123/oauth2/impersonate"
idsal "github.com/salrashid123/oauth2/idtoken"
"golang.org/x/oauth2"
"golang.org/x/oauth2/google"
)
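// main shows how to obtain an OIDC ID token for an impersonated service
// account and attach it to an outbound HTTP request.
//
// Flow, as written below:
//  1. load a service-account key file and build the source credentials,
//  2. exchange the source token for a short-lived token of targetPrincipal,
//  3. wrap the impersonated credentials in an ID-token source for targetAudience,
//  4. issue a GET with the ID token supplied through oauth2.Transport.
//
// Every step aborts the program with log.Fatal on error.
func main() {
	ctx := context.Background()

	// The key file is a long-lived secret for the source service account;
	// keep it out of source control and readable only by this process.
	data, err := ioutil.ReadFile("/path/to/svc.json")
	if err != nil {
		log.Fatal(err)
	}

	sacreds, err := google.CredentialsFromJSON(ctx, data, "https://www.googleapis.com/auth/cloud-platform")
	// Check err before touching sacreds: the result is not usable on failure
	// and dereferencing it first would panic instead of reporting the error.
	if err != nil {
		log.Fatal(err)
	}
	sourceTok := sacreds.TokenSource

	targetPrincipal := "impersonated-account@project.iam.gserviceaccount.com"
	lifetime := 30 * time.Second
	delegates := []string{}
	targetScopes := []string{"https://www.googleapis.com/auth/cloud-platform"}

	impersonatedTokenSource, err := sal.ImpersonatedTokenSource(
		&sal.ImpersonatedTokenConfig{
			RootTokenSource: sourceTok,
			TargetPrincipal: targetPrincipal,
			Lifetime:        lifetime,
			Delegates:       delegates,
			TargetScopes:    targetScopes,
		},
	)
	// Previously this error was silently overwritten by the next assignment.
	if err != nil {
		log.Fatal(err)
	}

	impersonatedCreds := &google.Credentials{
		TokenSource: impersonatedTokenSource,
	}

	// NOTE(review): the audience below does not match the host that is
	// actually called further down. A receiver that validates the "aud"
	// claim would reject this token; in real use the audience should name
	// the service the token is sent to.
	targetAudience := "https://foo.bar"
	idTokenSource, err := idsal.IdTokenSource(
		&idsal.IdTokenConfig{
			Credentials: impersonatedCreds,
			Audiences:   []string{targetAudience},
			IAMExtension: idsal.IAMExtension{
				IncludeEmail: true,
			},
		},
	)
	// Previously unchecked; a failed token source would only surface later
	// as a confusing transport error.
	if err != nil {
		log.Fatal(err)
	}

	client := &http.Client{
		// Bound the request so a stalled endpoint cannot hang the program.
		Timeout: 30 * time.Second,
		Transport: &oauth2.Transport{
			Source: idTokenSource,
		},
	}

	// NOTE(review): httpbin.org/get echoes the request headers in its
	// response body, so the body logged below contains the bearer ID token.
	// That is only acceptable for a throwaway demo identity: do not send
	// real tokens to third-party endpoints and keep them out of logs.
	url := "https://httpbin.org/get"
	resp, err := client.Get(url)
	if err != nil {
		log.Fatal(err)
	}
	log.Printf("Response: %v", resp.Status)

	responseData, err := ioutil.ReadAll(resp.Body)
	// Close explicitly rather than with defer: log.Fatal exits without
	// running deferred calls.
	resp.Body.Close()
	if err != nil {
		log.Fatal(err)
	}

	// Use an explicit format verb so '%' characters in the remote body are
	// not interpreted as formatting directives.
	log.Printf("%s", responseData)
}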