feat(main): Add fetching of tokens from metadata server

This commit is contained in:
Vincent Ambo 2018-06-14 16:48:43 +02:00
parent 2541d25fba
commit 2d8e057118

View file

@ -14,10 +14,17 @@ mod stackdriver;
use std::env; use std::env;
use std::mem; use std::mem;
use std::ops::Add;
use std::process; use std::process;
use std::time::{Duration, Instant}; use std::time::{Duration, Instant};
use systemd::journal::*; use systemd::journal::*;
const METADATA_TOKEN_URL: &str = "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/token";
header! { (MetadataFlavor, "Metadata-Flavor") => [String] }
type Result<T> = std::result::Result<T, failure::Error>;
#[derive(Debug)] #[derive(Debug)]
struct Record { struct Record {
message: Option<String>, message: Option<String>,
@ -90,6 +97,38 @@ fn flush(records: Vec<Record>) {
} }
} }
/// Retrieves an access token from the GCP metadata service.
#[derive(Deserialize)]
struct TokenResponse {
#[serde(rename = "type")]
expires_in: u64,
access_token: String,
}
/// Struct used to store a token together with a sensible
/// representation of when it expires.
struct Token {
token: String,
renew_at: Instant,
}
fn get_metadata_token(client: &reqwest::Client) -> Result<Token> {
let now = Instant::now();
let token: TokenResponse = client.get(METADATA_TOKEN_URL)
.header(MetadataFlavor("Google".into()))
.send()?.json()?;
debug!("Fetched new token from metadata service");
let renew_at = now.add(Duration::from_secs(token.expires_in / 2));
Ok(Token {
renew_at,
token: token.access_token,
})
}
fn main () { fn main () {
env_logger::init(); env_logger::init();