Delete deprecated gcpkms.NewClientWith* APIs.

#tinkApiChange PiperOrigin-RevId: 532362241
ouzhi · May 16, 2023 · 95495b8 · 95495b8
1 parent bec533c
commit 95495b8
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 102 deletions.
diff --git a/go/go.mod b/go/go.mod
@@ -7,7 +7,6 @@ require (
 	github.com/google/go-cmp v0.5.8
 	github.com/hashicorp/vault/api v1.4.1
 	golang.org/x/crypto v0.6.0
-	golang.org/x/oauth2 v0.5.0
 	google.golang.org/api v0.86.0
 	google.golang.org/protobuf v1.28.0
 )
@@ -56,6 +55,7 @@ require (
 	go.opencensus.io v0.23.0 // indirect
 	go.uber.org/atomic v1.9.0 // indirect
 	golang.org/x/net v0.7.0 // indirect
+	golang.org/x/oauth2 v0.5.0 // indirect
 	golang.org/x/sys v0.5.0 // indirect
 	golang.org/x/text v0.7.0 // indirect
 	golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1 // indirect

diff --git a/go/integration/gcpkms/BUILD.bazel b/go/integration/gcpkms/BUILD.bazel
@@ -17,8 +17,6 @@ go_library(
         "//tink",
         "@org_golang_google_api//cloudkms/v1:cloudkms",
         "@org_golang_google_api//option",
-        "@org_golang_x_oauth2//:oauth2",
-        "@org_golang_x_oauth2//google",
     ],
 )
 
@@ -44,6 +42,7 @@ go_test(
         "//keyset",
         "//subtle/random",
         "//tink",
+        "@org_golang_google_api//option",
     ],
 )
 

diff --git a/go/integration/gcpkms/gcp_kms_client.go b/go/integration/gcpkms/gcp_kms_client.go
@@ -22,15 +22,11 @@ import (
 	"context"
 	"errors"
 	"fmt"
-	"net/http"
-	"os"
 	"runtime"
 	"strings"
 
 	"google.golang.org/api/cloudkms/v1"
 	"google.golang.org/api/option"
-	"golang.org/x/oauth2/google"
-	"golang.org/x/oauth2"
 	"github.com/google/tink/go/core/registry"
 	"github.com/google/tink/go/tink"
 )
@@ -72,97 +68,6 @@ func NewClientWithOptions(ctx context.Context, uriPrefix string, opts ...option.
 	}, nil
 }
 
-// ClientConfig defines the configuration that can be provided to configure
-// a GCP KMS client.
-//
-// Deprecated: Use NewClientWithOptions instead to provide client options.
-type ClientConfig struct {
-	// HTTP transport for use with the GCP KMS client.
-	// If it is nil, default config will be used.
-	HTTPTransport *http.Transport
-}
-
-// NewClientWithConfig returns a new GCP KMS client
-// using the provided ClientConfig.
-// It will use default credentials to handle keys with uriPrefix prefix.
-// uriPrefix must have the following format: 'gcp-kms://[:path]'.
-//
-// Deprecated: Use NewClientWithOptions instead.
-// To provide a custom HTTP client, use option.WithHTTPClient.
-func NewClientWithConfig(uriPrefix string, config *ClientConfig) (registry.KMSClient, error) {
-	if !strings.HasPrefix(strings.ToLower(uriPrefix), gcpPrefix) {
-		return nil, fmt.Errorf("uriPrefix must start with %s", gcpPrefix)
-	}
-
-	ctx := context.Background()
-	client, err := google.DefaultClient(ctx, cloudkms.CloudPlatformScope)
-	if err != nil {
-		return nil, err
-	}
-	if config != nil && config.HTTPTransport != nil {
-		t, ok := client.Transport.(*oauth2.Transport)
-		if !ok {
-			return nil, fmt.Errorf("unable to type assert HTTP client.Transport to *oauth2.Transport, got %T", client.Transport)
-		}
-		t.Base = config.HTTPTransport
-	}
-
-	kmsService, err := cloudkms.New(client)
-	if err != nil {
-		return nil, err
-	}
-
-	return &gcpClient{
-		keyURIPrefix: uriPrefix,
-		kms:          kmsService,
-	}, nil
-}
-
-// NewClient returns a new GCP KMS client which will use default
-// credentials to handle keys with uriPrefix prefix.
-// uriPrefix must have the following format: 'gcp-kms://[:path]'.
-//
-// Deprecated: Use NewClientWithOptions instead.
-func NewClient(uriPrefix string) (registry.KMSClient, error) {
-	return NewClientWithConfig(uriPrefix, nil)
-}
-
-// NewClientWithCredentials returns a new GCP KMS client which will use given
-// credentials to handle keys with uriPrefix prefix.
-// uriPrefix must have the following format: 'gcp-kms://[:path]'.
-//
-// Deprecated: Use NewClientWithOptions instead.
-// To provide a credential file, use option.WithCredentialsFile.
-func NewClientWithCredentials(uriPrefix string, credentialPath string) (registry.KMSClient, error) {
-	if !strings.HasPrefix(strings.ToLower(uriPrefix), gcpPrefix) {
-		return nil, fmt.Errorf("uriPrefix must start with %s", gcpPrefix)
-	}
-
-	ctx := context.Background()
-	if len(credentialPath) <= 0 {
-		return nil, errCred
-	}
-	data, err := os.ReadFile(credentialPath)
-	if err != nil {
-		return nil, errCred
-	}
-	creds, err := google.CredentialsFromJSON(ctx, data, "https://www.googleapis.com/auth/cloudkms")
-	if err != nil {
-		return nil, errCred
-	}
-	client := oauth2.NewClient(ctx, creds.TokenSource)
-	kmsService, err := cloudkms.New(client)
-	kmsService.UserAgent = tinkUserAgent
-	if err != nil {
-		return nil, err
-	}
-
-	return &gcpClient{
-		keyURIPrefix: uriPrefix,
-		kms:          kmsService,
-	}, nil
-}
-
 // Supported true if this client does support keyURI
 func (c *gcpClient) Supported(keyURI string) bool {
 	return strings.HasPrefix(keyURI, c.keyURIPrefix)

diff --git a/go/integration/gcpkms/gcp_kms_client_test.go b/go/integration/gcpkms/gcp_kms_client_test.go
@@ -17,8 +17,10 @@
 package gcpkms_test
 
 import (
+	"context"
 	"log"
 
+	"google.golang.org/api/option"
 	"github.com/google/tink/go/aead"
 	"github.com/google/tink/go/core/registry"
 	"github.com/google/tink/go/integration/gcpkms"
@@ -27,8 +29,8 @@ import (
 
 func Example() {
 	const keyURI = "gcp-kms://......"
-
-	gcpclient, err := gcpkms.NewClientWithCredentials(keyURI, "/mysecurestorage/credentials.json")
+	ctx := context.Background()
+	gcpclient, err := gcpkms.NewClientWithOptions(ctx, keyURI, option.WithCredentialsFile("/mysecurestorage/credentials.json"))
 	if err != nil {
 		log.Fatal(err)
 	}

diff --git a/go/integration/gcpkms/gcp_kms_integration_test.go b/go/integration/gcpkms/gcp_kms_integration_test.go
@@ -18,13 +18,15 @@ package gcpkms_test
 
 import (
 	"bytes"
+	"context"
 	"errors"
 	"os"
 	"path/filepath"
 	"testing"
 
 	"flag"
 	// context is used to cancel outstanding requests
+	"google.golang.org/api/option"
 	"github.com/google/tink/go/aead"
 	"github.com/google/tink/go/core/registry"
 	"github.com/google/tink/go/integration/gcpkms"
@@ -54,8 +56,8 @@ func setupKMS(t *testing.T) {
 	if !ok {
 		t.Skip("TEST_SRCDIR not set")
 	}
-
-	g, err := gcpkms.NewClientWithCredentials(keyURI, filepath.Join(srcDir, credFile))
+	ctx := context.Background()
+	g, err := gcpkms.NewClientWithOptions(ctx, keyURI, option.WithCredentialsFile(filepath.Join(srcDir, credFile)))
 	if err != nil {
 		t.Fatalf("error setting up GCP client: %v", err)
 	}