in gce-containers-startup/utils/auth.go [44:72]
func (provider ServiceAccountTokenProvider) RetrieveAuthToken() (string, error) {
log.Print("Downloading credentials for default VM service account from metadata server")
client := &http.Client{}
request, err := http.NewRequest("GET", AUTH_METADATA, nil)
request.Header.Add("Metadata-Flavor", "Google")
resp, err := client.Do(request)
if err != nil {
return "", err
}
defer resp.Body.Close()
if resp.StatusCode >= 400 {
return "", fmt.Errorf("Metadata server responded with status %d", resp.StatusCode)
}
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
return "", err
}
res := Token{}
err = json.Unmarshal(body, &res)
if err != nil {
return "", err
}
// TODO(gjaskiewicz): validate that AccessToken exists
return res.AccessToken, nil
}