@@ -278,12 +278,12 @@ type OAuth2 struct {
278278 // ClientAssertionFile is a path to a file whose contents are used as the
279279 // client_assertion. The file is re-read on every token refresh so that
280280 // rotated assertions are picked up automatically.
281- ClientAssertionFile string `yaml:"client_assertion_file,omitempty" json:"client_assertion_file,omitempty"`
282- Scopes []string `yaml:"scopes,omitempty" json:"scopes,omitempty"`
283- TokenURL string `yaml:"token_url,omitempty" json:"token_url,omitempty"`
284- EndpointParams map [ string ] string `yaml:"endpoint_params,omitempty" json:"endpoint_params,omitempty"`
285- TLSConfig TLSConfig `yaml:"tls_config,omitempty"`
286- ProxyConfig `yaml:",inline"`
281+ ClientAssertionFile string `yaml:"client_assertion_file,omitempty" json:"client_assertion_file,omitempty"`
282+ Scopes []string `yaml:"scopes,omitempty" json:"scopes,omitempty"`
283+ TokenURL string `yaml:"token_url,omitempty" json:"token_url,omitempty"`
284+ EndpointParams map [ string ] string `yaml:"endpoint_params,omitempty" json:"endpoint_params,omitempty"`
285+ TLSConfig TLSConfig `yaml:"tls_config,omitempty"`
286+ ProxyConfig `yaml:",inline"`
287287}
288288
289289// UnmarshalYAML implements the yaml.Unmarshaler interface.
@@ -725,18 +725,19 @@ func NewRoundTripperFromConfigWithContext(ctx context.Context, cfg HTTPClientCon
725725 err error
726726 )
727727
728- if cfg .OAuth2 .GrantType == grantTypeJWTBearer {
728+ switch {
729+ case cfg .OAuth2 .GrantType == grantTypeJWTBearer :
729730 oauthCredential , err = toSecret (opts .secretManager , cfg .OAuth2 .ClientCertificateKey , cfg .OAuth2 .ClientCertificateKeyFile , cfg .OAuth2 .ClientCertificateKeyRef )
730731 if err != nil {
731732 return nil , fmt .Errorf ("unable to use client certificate: %w" , err )
732733 }
733- } else if len (cfg .OAuth2 .ClientAssertion ) > 0 || len (cfg .OAuth2 .ClientAssertionFile ) > 0 {
734+ case len (cfg .OAuth2 .ClientAssertion ) > 0 || len (cfg .OAuth2 .ClientAssertionFile ) > 0 :
734735 // Pre-signed JWT assertion (RFC 7521 §4.2 / RFC 7523 §2.2).
735736 oauthCredential , err = toSecret (nil , cfg .OAuth2 .ClientAssertion , cfg .OAuth2 .ClientAssertionFile , "" )
736737 if err != nil {
737738 return nil , fmt .Errorf ("unable to use client assertion: %w" , err )
738739 }
739- } else {
740+ default :
740741 oauthCredential , err = toSecret (opts .secretManager , cfg .OAuth2 .ClientSecret , cfg .OAuth2 .ClientSecretFile , cfg .OAuth2 .ClientSecretRef )
741742 if err != nil {
742743 return nil , fmt .Errorf ("unable to use client secret: %w" , err )
@@ -1025,7 +1026,8 @@ func (rt *oauth2RoundTripper) newOauth2TokenSource(req *http.Request, clientCred
10251026
10261027 var config oauth2TokenSourceConfig
10271028
1028- if rt .config .GrantType == grantTypeJWTBearer {
1029+ switch {
1030+ case rt .config .GrantType == grantTypeJWTBearer :
10291031 // RFC 7523 3.1 - JWT authorization grants
10301032 // RFC 7523 3.2 - Client Authentication Processing is not implement upstream yet,
10311033 // see https://github.com/golang/oauth2/pull/745
@@ -1058,7 +1060,7 @@ func (rt *oauth2RoundTripper) newOauth2TokenSource(req *http.Request, clientCred
10581060 PrivateClaims : rt .config .Claims ,
10591061 EndpointParams : mapToValues (rt .config .EndpointParams ),
10601062 }
1061- } else if len (rt .config .ClientAssertion ) > 0 || len (rt .config .ClientAssertionFile ) > 0 {
1063+ case len (rt .config .ClientAssertion ) > 0 || len (rt .config .ClientAssertionFile ) > 0 :
10621064 // RFC 7521 §4.2 / RFC 7523 §2.2 — client_assertion authentication.
10631065 // The pre-signed JWT is sent as client_assertion together with the
10641066 // appropriate client_assertion_type; no client_secret is included.
@@ -1071,7 +1073,7 @@ func (rt *oauth2RoundTripper) newOauth2TokenSource(req *http.Request, clientCred
10711073 TokenURL : rt .config .TokenURL ,
10721074 EndpointParams : params ,
10731075 }
1074- } else {
1076+ default :
10751077 config = & clientcredentials.Config {
10761078 ClientID : rt .config .ClientID ,
10771079 ClientSecret : clientCredential ,
0 commit comments