diff --git a/auth/oauth.go b/auth/oauth.go index bc567385..dc21d7aa 100644 --- a/auth/oauth.go +++ b/auth/oauth.go @@ -65,7 +65,7 @@ func NewAccessTokenClient(clientId, clientSecret, accessToken string) *http.Clie ) } -func NewServiceAccountClient(serviceAccountFile string) (*http.Client, error) { +func NewServiceAccountClient(serviceAccountFile string, serviceAccountSubject string) (*http.Client, error) { content, exists, err := ReadFile(serviceAccountFile) if(!exists) { return nil, fmt.Errorf("Service account filename %q not found", serviceAccountFile) @@ -79,6 +79,11 @@ func NewServiceAccountClient(serviceAccountFile string) (*http.Client, error) { if(err != nil) { return nil, err } + + if (serviceAccountSubject != "") { + conf.Subject = serviceAccountSubject + } + return conf.Client(oauth2.NoContext), nil } diff --git a/gdrive.go b/gdrive.go index a505d789..257cb76e 100644 --- a/gdrive.go +++ b/gdrive.go @@ -45,6 +45,11 @@ func main() { Patterns: []string{"--service-account"}, Description: "Oauth service account filename, used for server to server communication without user interaction (filename path is relative to config dir)", }, + cli.StringFlag{ + Name: "serviceAccountSubject", + Patterns: []string{"--service-account-subject"}, + Description: "Connect to this user account GDrive instead of the service account GDrive. Useful only with the --service-account parameter. The service account must be domain-wide delegated.", + }, } handlers := []*cli.Handler{ diff --git a/handlers_drive.go b/handlers_drive.go index 7bda872f..9900c264 100644 --- a/handlers_drive.go +++ b/handlers_drive.go @@ -357,7 +357,7 @@ func getOauthClient(args cli.Arguments) (*http.Client, error) { if args.String("serviceAccount") != "" { serviceAccountPath := ConfigFilePath(configDir, args.String("serviceAccount")) - serviceAccountClient, err := auth.NewServiceAccountClient(serviceAccountPath) + serviceAccountClient, err := auth.NewServiceAccountClient(serviceAccountPath,args.String("serviceAccountSubject")) if err != nil { return nil, err }