From b2e825f5c0267e33a3a67e8ababe24b1e3b894ed Mon Sep 17 00:00:00 2001
From: Shir Moran <101132224+shirmoran@users.noreply.github.com>
Date: Tue, 8 Oct 2024 10:29:05 +0300
Subject: [PATCH] Authenticate results spreadsheet creation using a google
 service account (#2497)

---
 .../upload/results_spreadsheet/client.go      | 77 -------------------
 .../results_spreadsheet.go                    | 23 +-----
 2 files changed, 4 insertions(+), 96 deletions(-)
 delete mode 100644 cmd/certsuite/upload/results_spreadsheet/client.go

diff --git a/cmd/certsuite/upload/results_spreadsheet/client.go b/cmd/certsuite/upload/results_spreadsheet/client.go
deleted file mode 100644
index 5f5d697ce..000000000
--- a/cmd/certsuite/upload/results_spreadsheet/client.go
+++ /dev/null
@@ -1,77 +0,0 @@
-package resultsspreadsheet
-
-import (
-	"context"
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"os"
-
-	"golang.org/x/oauth2"
-)
-
-const tokenPermissions = 0o600
-
-// Retrieve a token, saves the token, then returns the generated client.
-func getClient(config *oauth2.Config) (*http.Client, error) {
-	// The file token.json stores the user's access and refresh tokens, and is
-	// created automatically when the authorization flow completes for the first
-	// time.
-	tokFile := "token.json"
-	tok, err := tokenFromFile(tokFile)
-	if err != nil {
-		tok, err = getTokenFromWeb(config)
-		if err != nil {
-			return nil, err
-		}
-		if err := saveToken(tokFile, tok); err != nil {
-			return nil, err
-		}
-	}
-	return config.Client(context.Background(), tok), nil
-}
-
-// Request a token from the web, then returns the retrieved token.
-func getTokenFromWeb(config *oauth2.Config) (*oauth2.Token, error) {
-	authURL := config.AuthCodeURL("state-token", oauth2.AccessTypeOffline)
-	fmt.Printf("Go to the following link in your browser then type the "+
-		"authorization code: \n%v\n", authURL)
-
-	var authCode string
-	if _, err := fmt.Scan(&authCode); err != nil {
-		return nil, fmt.Errorf("unable to read authorization code: %v", err)
-	}
-
-	tok, err := config.Exchange(context.TODO(), authCode)
-	if err != nil {
-		return nil, fmt.Errorf("unable to retrieve token from web: %v", err)
-	}
-	return tok, nil
-}
-
-// Retrieves a token from a local file.
-func tokenFromFile(file string) (*oauth2.Token, error) {
-	f, err := os.Open(file)
-	if err != nil {
-		return nil, err
-	}
-	defer f.Close()
-	tok := &oauth2.Token{}
-	err = json.NewDecoder(f).Decode(tok)
-	return tok, err
-}
-
-// Saves a token to a file path.
-func saveToken(path string, token *oauth2.Token) error {
-	fmt.Printf("Saving credential file to: %s\n", path)
-	f, err := os.OpenFile(path, os.O_RDWR|os.O_CREATE|os.O_TRUNC, tokenPermissions)
-	if err != nil {
-		return fmt.Errorf("unable to cache oauth token: %v", err)
-	}
-	defer f.Close()
-	err = json.NewEncoder(f).Encode(token)
-	if err != nil {
-		return fmt.Errorf("unable to encode token: %v", err)
-	}
-	return nil
-}
diff --git a/cmd/certsuite/upload/results_spreadsheet/results_spreadsheet.go b/cmd/certsuite/upload/results_spreadsheet/results_spreadsheet.go
index 790b7714c..6708d98b8 100644
--- a/cmd/certsuite/upload/results_spreadsheet/results_spreadsheet.go
+++ b/cmd/certsuite/upload/results_spreadsheet/results_spreadsheet.go
@@ -11,7 +11,6 @@ import (
 
 	"github.com/spf13/cobra"
 
-	"golang.org/x/oauth2/google"
 	"google.golang.org/api/drive/v3"
 	"google.golang.org/api/option"
 	"google.golang.org/api/sheets/v4"
@@ -75,29 +74,15 @@ func readCSV(fp string) ([][]string, error) {
 
 func CreateSheetsAndDriveServices(credentials string) (sheetService *sheets.Service, driveService *drive.Service, err error) {
 	ctx := context.Background()
-	b, err := os.ReadFile(credentials)
-	if err != nil {
-		return nil, nil, fmt.Errorf("unable to read client secret file: %v", err)
-	}
-
-	// If modifying these scopes, delete your previously saved token.json.
-	config, err := google.ConfigFromJSON(b, sheets.SpreadsheetsScope, drive.DriveScope)
-	if err != nil {
-		return nil, nil, fmt.Errorf("unable to parse client secret file to config: %v", err)
-	}
-	client, err := getClient(config)
-	if err != nil {
-		return nil, nil, fmt.Errorf("unable to get client: %v", err)
-	}
 
-	sheetSrv, err := sheets.NewService(ctx, option.WithHTTPClient(client))
+	sheetSrv, err := sheets.NewService(ctx, option.WithCredentialsFile(credentials))
 	if err != nil {
-		return nil, nil, fmt.Errorf("unable to retrieve Sheets client: %v", err)
+		return nil, nil, fmt.Errorf("unable to retrieve Sheets service: %v", err)
 	}
 
-	driveSrv, err := drive.NewService(ctx, option.WithHTTPClient(client))
+	driveSrv, err := drive.NewService(ctx, option.WithCredentialsFile(credentials))
 	if err != nil {
-		return nil, nil, fmt.Errorf("unable to retrieve Drive client: %v", err)
+		return nil, nil, fmt.Errorf("unable to retrieve Drive service: %v", err)
 	}
 
 	return sheetSrv, driveSrv, nil