From f486efa66ace75893ff2d4009510cadfe4e2f798 Mon Sep 17 00:00:00 2001 From: Lifosmin Simon Date: Mon, 21 Oct 2024 13:48:33 +0700 Subject: [PATCH] add oauth scope for each service --- plugins/providers/bigquery/client.go | 2 +- plugins/providers/gcloudiam/client.go | 2 +- plugins/providers/gcs/client.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/plugins/providers/bigquery/client.go b/plugins/providers/bigquery/client.go index 225aaadf..f63c395f 100644 --- a/plugins/providers/bigquery/client.go +++ b/plugins/providers/bigquery/client.go @@ -32,7 +32,7 @@ func NewBigQueryClient(projectID string, credentialsJSON []byte, opts ...option. var oauthClient func(name string) *http.Client if credentialsJSON != nil { var err error - creds, err = google.CredentialsFromJSON(ctx, credentialsJSON, cloudresourcemanager.CloudPlatformScope) + creds, err = google.CredentialsFromJSON(ctx, credentialsJSON, cloudresourcemanager.CloudPlatformScope, bqApi.BigqueryScope, iam.CloudPlatformScope) if err != nil { return nil, fmt.Errorf("failed to obtain credentials: %w", err) } diff --git a/plugins/providers/gcloudiam/client.go b/plugins/providers/gcloudiam/client.go index 14b44e35..5ba1b7b3 100644 --- a/plugins/providers/gcloudiam/client.go +++ b/plugins/providers/gcloudiam/client.go @@ -28,7 +28,7 @@ type iamClient struct { func newIamClient(credentialsJSON []byte, resourceName string) (*iamClient, error) { ctx := context.Background() - creds, err := google.CredentialsFromJSON(ctx, credentialsJSON) + creds, err := google.CredentialsFromJSON(ctx, credentialsJSON, cloudresourcemanager.CloudPlatformScope, iam.CloudPlatformScope) if err != nil { return nil, fmt.Errorf("failed to obtain credentials: %w", err) } diff --git a/plugins/providers/gcs/client.go b/plugins/providers/gcs/client.go index 9ae92ea4..d1284d02 100644 --- a/plugins/providers/gcs/client.go +++ b/plugins/providers/gcs/client.go @@ -24,7 +24,7 @@ type gcsClient struct { } func newGCSClient(ctx context.Context, projectID string, credentialsJSON []byte) (*gcsClient, error) { - creds, err := google.CredentialsFromJSON(ctx, credentialsJSON) + creds, err := google.CredentialsFromJSON(ctx, credentialsJSON, "https://www.googleapis.com/auth/devstorage.full_control") if err != nil { return nil, fmt.Errorf("failed to obtain credentials: %w", err) }