error-reporting: Skip authentication for error-reporting when API key is provided (#2554)

PR-URL: #2554

Author: kjin

README.md

@@ -116,7 +116,9 @@ Alternatively, you can also follow the instructions for using a service account
 
 ## Running Elsewhere
 
-If your application is running outside of Google Cloud Platform, such as locally, on-premise, or on another cloud provider, you can still use Stackdriver Errors.
+If your application is running outside of Google Cloud Platform, such as locally, on-premise, or on another cloud provider, you can still use Stackdriver Errors either with locally-stored credentials or with an API Key.
+
+### Using Locally-Stored Credentials
 
 1. You will need to specify your project ID when starting the errors agent.
 
@@ -145,6 +147,25 @@ If your application is running outside of Google Cloud Platform, such as locally
 
 When running on Google Cloud Platform, we handle these for you automatically.
 
+### Using an API Key
+
+You may use an API key in lieu of locally-stored credentials. Please see [this document][api-key] on how to set up an API key if you do not already have one.
+
+Once you have obtained an API key, you may provide it as part of the Error Reporting instance configuration:
+
+```js
+var errors = require('@google-cloud/error-reporting')({
+  projectId: '{your project ID}',
+  key: '{your api key}'
+});
+```
+
+If a key is provided, the module will not attempt to authenticate using the methods associated with locally-stored credentials as mentioned in the previous section.
+
+We recommend using a file, environment variable, or another mechanism to store the API key rather than hard-coding it into your application's source.
+
+**Note:** The Error Reporting instance will check if the provided API key is invalid shortly after it is instantiated. If the key is invalid, an error-level message will be logged to stdout.
+
 ## Configuration
 
 The following code snippet lists all available configuration options.  All configuration options are optional.
@@ -286,6 +307,7 @@ server.head('/hello/:name', respond);
 server.listen(3000);
 ```
 
+[api-key]: https://support.google.com/cloud/answer/6158862
 [app-default-credentials]: https://developers.google.com/identity/protocols/application-default-credentials
 [express-error-docs]: https://expressjs.com/en/guide/error-handling.html
 [gcloud-sdk]: https://cloud.google.com/sdk/gcloud/

src/google-apis/auth-client.js

@@ -27,7 +27,7 @@ var isString = is.string;
 var SCOPES = ['https://www.googleapis.com/auth/cloud-platform'];
 
 /* @const {String} Base Error Reporting API */
-var API = 'https://clouderrorreporting.googleapis.com/v1beta1/projects';
+var API = 'https://clouderrorreporting.googleapis.com/v1beta1';
 
 /**
  * The RequestHandler constructor initializes several properties on the
@@ -70,6 +70,7 @@ class RequestHandler extends common.Service {
     }
     return null;
   }
+
   /**
    * No-operation stub function for user callback substitution
    * @param {Error|Null} err - the error
@@ -88,26 +89,47 @@ class RequestHandler extends common.Service {
    */
   constructor(config, logger) {
     var pid = config.getProjectId();
+    // If an API key is provided, do not try to authenticate.
+    var tryAuthenticate = !config.getKey();
     super({
       packageJson: pkg,
-      baseUrl: 'https://clouderrorreporting.googleapis.com/v1beta1/',
+      baseUrl: API,
       scopes: SCOPES,
       projectId: pid !== null ? pid : undefined,
-      projectIdRequired: true
+      projectIdRequired: true,
+      customEndpoint: !tryAuthenticate
     }, config);
     this._config = config;
     this._logger = logger;
 
     var that = this;
-    this.authClient.getToken(function(err, token) {
-      if (err) {
-        that._logger.error([
-          'Unable to find credential information on instance. This library',
-          'will be unable to communicate with the Stackdriver API to save',
-          'errors.  Message: ' + err.message
-        ].join(' '));
-      }
-    });
+    if (tryAuthenticate) {
+      this.authClient.getToken(function(err, token) {
+        if (err) {
+          that._logger.error([
+            'Unable to find credential information on instance. This library',
+            'will be unable to communicate with the Stackdriver API to save',
+            'errors.  Message: ' + err.message
+          ].join(' '));
+        }
+      });
+    } else {
+      this.request({
+        uri: 'events:report',
+        qs: RequestHandler.manufactureQueryString(this._config.getKey()),
+        method: 'POST',
+        json: {}
+      }, (err, body, response) => {
+        if (err && err.message !== 'Message cannot be empty.' && 
+            response.statusCode === 400) {
+          this._logger.error([
+            'Encountered an error while attempting to validate the provided',
+            'API key'
+          ].join(' '), err);
+        }
+      });
+      that._logger.info('API key provided; skipping OAuth2 token request.');
+    }
   }
   /**
    * Creates a request options object given the value of the error message and

system-test/testAuthClient.js system-test/error-reporting.jssystem-test/testAuthClient.js renamed to system-test/error-reporting.js

@@ -31,6 +31,7 @@ var forEach = require('lodash.foreach');
 var assign = require('lodash.assign');
 var pick = require('lodash.pick');
 var omitBy = require('lodash.omitby');
+var request = require('request');
 var util = require('util');
 var path = require('path');
 
@@ -362,6 +363,41 @@ describe('Expected Behavior', function() {
   });
 });
 
+describe('Error Reporting API', function() {
+  [
+    {
+      name: 'when a valid API key is given',
+      getKey: () => env.apiKey,
+      message: 'Message cannot be empty.'
+    },
+    {
+      name: 'when an empty API key is given',
+      getKey: () => '',
+      message: 'The request is missing a valid API key.'
+    },
+    {
+      name: 'when an invalid API key is given',
+      getKey: () => env.apiKey.slice(1) + env.apiKey[0],
+      message: 'API key not valid. Please pass a valid API key.'
+    }
+  ].forEach(function(testCase) {
+    it(`should return an expected message ${testCase.name}`, function(done) {
+      this.timeout(30000);
+      const API = 'https://clouderrorreporting.googleapis.com/v1beta1';
+      const key = testCase.getKey();
+      request.post({
+        url: `${API}/projects/${env.projectId}/events:report?key=${key}`,
+        json: {},
+      }, (err, response, body) => {
+        assert.ok(!err && body.error);
+        assert.strictEqual(response.statusCode, 400);
+        assert.strictEqual(body.error.message, testCase.message);
+        done();
+      });
+    });
+  });
+});
+
 describe('error-reporting', function() {
   const SRC_ROOT = path.join(__dirname, '..', 'src');
   const TIMESTAMP = Date.now();

test/unit/google-apis/auth-client.js

@@ -20,14 +20,15 @@ var proxyquire = require('proxyquire');
 
 var Configuration = require('../../../src/configuration.js');
 
-function verifyReportedMessage(errToReturn, expectedMessage) {
+function verifyReportedMessage(config, errToReturn, expectedLogs) {
   class ServiceStub {
     constructor() {
       this.authClient = {
         getToken: function(cb) {
           cb(errToReturn);
         }
       };
+      this.request = function() {};
     }
   }
 
@@ -37,28 +38,50 @@ function verifyReportedMessage(errToReturn, expectedMessage) {
     }
   });
 
-  var message = '';
+  var logs = {};
   var logger = {
     error: function(text) {
-      message += text;
+      if (!logs.error) {
+        logs.error = '';
+      }
+      logs.error += text;
+    },
+    info: function(text) {
+      if (!logs.info) {
+        logs.info = '';
+      }
+      logs.info += text;
     }
   };
-  var config = new Configuration({ ignoreEnvironmentCheck: true }, logger);
+  var config = new Configuration(config, logger);
   new RequestHandler(config, logger);
-  assert.strictEqual(message, expectedMessage);
+  assert.deepStrictEqual(logs, expectedLogs);
 }
-
 describe('RequestHandler', function() {
+  it('should not request OAuth2 token if key is provided', function() {
+    var config = {
+      ignoreEnvironmentCheck: true,
+      key: 'key'
+    };
+    var message = 'Made OAuth2 Token Request';
+    verifyReportedMessage(config, new Error(message), {
+      info: 'API key provided; skipping OAuth2 token request.'
+    });
+  });
+
   it('should issue a warning if it cannot communicate with the API', function() {
+    var config = { ignoreEnvironmentCheck: true };
     var message = 'Test Error';
-    verifyReportedMessage(new Error(message),
-      'Unable to find credential information on instance. This library ' +
-      'will be unable to communicate with the Stackdriver API to save ' +
-      'errors.  Message: ' + message);
+    verifyReportedMessage(config, new Error(message), {
+      error: 'Unable to find credential information on instance. This ' +
+        'library will be unable to communicate with the Stackdriver API to ' +
+        'save errors.  Message: ' + message
+    });
   });
 
   it('should not issue a warning if it can communicate with the API', function() {
-    verifyReportedMessage(null, '');
-    verifyReportedMessage(undefined, '');
+    var config = { ignoreEnvironmentCheck: true };
+    verifyReportedMessage(config, null, {});
+    verifyReportedMessage(config, undefined, {});
   });
 });