Revert "Revert "fix: Update config.go and framework_config.go to use transport.Creds for all cases"" (#7955) (#5645)

modular-magician · web-flow · commit 58def4d69a37 · 2023-05-16T13:59:15.000-07:00
Signed-off-by: Modular Magician &lt;magic-modules@google.com&gt;
diff --git a/.changelog/7955.txt b/.changelog/7955.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+provider: fixed an issue where mtls transports were not used consistently
+```
diff --git a/google-beta/framework_config.go b/google-beta/framework_config.go
@@ -1494,7 +1494,7 @@ func GetCredentials(ctx context.Context, data ProviderModel, initialCredentialsO
 			return *creds
 		}
 
-		creds, err := googleoauth.CredentialsFromJSON(ctx, []byte(contents), clientScopes...)
+		creds, err := transport.Creds(ctx, option.WithCredentialsJSON([]byte(contents)), option.WithScopes(clientScopes...))
 		if err != nil {
 			diags.AddError("unable to parse credentials", err.Error())
 			return googleoauth.Credentials{}
@@ -1518,14 +1518,12 @@ func GetCredentials(ctx context.Context, data ProviderModel, initialCredentialsO
 
 	tflog.Info(ctx, "Authenticating using DefaultClient...")
 	tflog.Info(ctx, fmt.Sprintf("  -- Scopes: %s", clientScopes))
-	defaultTS, err := googleoauth.DefaultTokenSource(context.Background(), clientScopes...)
+	creds, err := transport.Creds(context.Background(), option.WithScopes(clientScopes...))
 	if err != nil {
 		diags.AddError(fmt.Sprintf("Attempted to load application default credentials since neither `credentials` nor `access_token` was set in the provider block.  "+
 			"No credentials loaded. To use your gcloud credentials, run 'gcloud auth application-default login'"), err.Error())
 		return googleoauth.Credentials{}
 	}
 
-	return googleoauth.Credentials{
-		TokenSource: defaultTS,
-	}
+	return *creds
 }
diff --git a/google-beta/transport/config.go b/google-beta/transport/config.go
@@ -1922,7 +1922,7 @@ func (c *Config) GetCredentials(clientScopes []string, initialCredentialsOnly bo
 			return *creds, nil
 		}
 
-		creds, err := googleoauth.CredentialsFromJSON(c.Context, []byte(contents), clientScopes...)
+		creds, err := transport.Creds(c.Context, option.WithCredentialsJSON([]byte(contents)), option.WithScopes(clientScopes...))
 		if err != nil {
 			return googleoauth.Credentials{}, fmt.Errorf("unable to parse credentials from '%s': %s", contents, err)
 		}
@@ -1944,14 +1944,12 @@ func (c *Config) GetCredentials(clientScopes []string, initialCredentialsOnly bo
 
 	log.Printf("[INFO] Authenticating using DefaultClient...")
 	log.Printf("[INFO]   -- Scopes: %s", clientScopes)
-	defaultTS, err := googleoauth.DefaultTokenSource(context.Background(), clientScopes...)
+	creds, err := transport.Creds(context.Background(), option.WithScopes(clientScopes...))
 	if err != nil {
 		return googleoauth.Credentials{}, fmt.Errorf("Attempted to load application default credentials since neither `credentials` nor `access_token` was set in the provider block.  No credentials loaded. To use your gcloud credentials, run 'gcloud auth application-default login'.  Original error: %w", err)
 	}
 
-	return googleoauth.Credentials{
-		TokenSource: defaultTS,
-	}, err
+	return *creds, nil
 }
 
 // Remove the `/{{version}}/` from a base path if present.

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	+```release-note:bug
	`2`	`+provider: fixed an issue where mtls transports were not used consistently`
	`3`	+```
Original file line number	Diff line number	Diff line change
`@@ -1922,7 +1922,7 @@ func (c *Config) GetCredentials(clientScopes []string, initialCredentialsOnly bo`
`1922`	`1922`	`return *creds, nil`
`1923`	`1923`	`}`
`1924`	`1924`
`1925`		`- creds, err := googleoauth.CredentialsFromJSON(c.Context, []byte(contents), clientScopes...)`
	`1925`	`+ creds, err := transport.Creds(c.Context, option.WithCredentialsJSON([]byte(contents)), option.WithScopes(clientScopes...))`
`1926`	`1926`	`if err != nil {`
`1927`	`1927`	`return googleoauth.Credentials{}, fmt.Errorf("unable to parse credentials from '%s': %s", contents, err)`
`1928`	`1928`	`}`
`@@ -1944,14 +1944,12 @@ func (c *Config) GetCredentials(clientScopes []string, initialCredentialsOnly bo`
`1944`	`1944`
`1945`	`1945`	`log.Printf("[INFO] Authenticating using DefaultClient...")`
`1946`	`1946`	`log.Printf("[INFO] -- Scopes: %s", clientScopes)`
`1947`		`- defaultTS, err := googleoauth.DefaultTokenSource(context.Background(), clientScopes...)`
	`1947`	`+ creds, err := transport.Creds(context.Background(), option.WithScopes(clientScopes...))`
`1948`	`1948`	`if err != nil {`
`1949`	`1949`	return googleoauth.Credentials{}, fmt.Errorf("Attempted to load application default credentials since neither `credentials` nor `access_token` was set in the provider block. No credentials loaded. To use your gcloud credentials, run 'gcloud auth application-default login'. Original error: %w", err)
`1950`	`1950`	`}`
`1951`	`1951`
`1952`		`- return googleoauth.Credentials{`
`1953`		`- TokenSource: defaultTS,`
`1954`		`- }, err`
	`1952`	`+ return *creds, nil`
`1955`	`1953`	`}`
`1956`	`1954`
`1957`	`1955`	// Remove the `/{{version}}/` from a base path if present.